Package: flashplugin-nonfree Version: 1:3.4 Severity: critical File: /usr/sbin/update-flashplugin-nonfree Tags: security Justification: root security hole
Dear Maintainer, * What led up to the situation? according to public reports there is a new *critical* vulnerability in flashplayer. But the command to update isn't working: * What led up to the situation? update-flashplugin-nonfree -iv" * What was the outcome of this action? # update-flashplugin-nonfree -iv options : -i -v -- temporary directory: /tmp/flashplugin-nonfree.oN7tNrErMx importing public key ... selected action = --install installed version = 11.2.202.335 upstream version = 11.2.202.336 wgetoptions= -nd -P . -v --progress=dot:default downloading http://people.debian.org/~bartm/flashplugin- nonfree/fp.11.2.202.336.sha512.i386.pgp.asc ... --2014-02-05 16:38:57-- http://people.debian.org/~bartm/flashplugin- nonfree/fp.11.2.202.336.sha512.i386.pgp.asc Auflösen des Hostnamen »people.debian.org (people.debian.org)«... 206.12.19.5, 2607:f8f0:610:4000:214:38ff:feee:b65a Verbindungsaufbau zu people.debian.org (people.debian.org)|206.12.19.5|:80... verbunden. HTTP-Anforderung gesendet, warte auf Antwort... 404 Not Found 2014-02-05 16:38:57 FEHLER 404: Not Found. * What outcome did you expect instead? update to upstream version = 11.2.202.336 BTW: There is a bunch of Debian/sid users who use the following cronjob to check for and update to new versions if available: ***script /etc/cron.daily/flash*** #!/bin/sh test -x /usr/sbin/update-flashplugin-nonfree && /usr/sbin/update-flashplugin- nonfree --install --quiet ***end*** Shouldn'd such functionality be part of "update-flashplugin-nonfree"? -- Package-specific info: Debian version: jessie/sid Architecture: i386 Package version: 1:3.4 Adobe Flash Player version: LNX 11,2,202,335 MD5 checksums: 208968bb1109e8627fa3c08b43814bee /var/cache/flashplugin-nonfree/get-upstream-version.pl 63f3b6c3b84e36d418c421d4861f4f85 /var/cache/flashplugin-nonfree/install_flash_player_11_linux.i386.tar.gz 79dce79aed74d9bd3537e1ac1a5aad24 /usr/lib/flashplugin-nonfree/libflashplayer.so Alternatives: flash-mozilla.so - auto mode link currently points to /usr/lib/flashplugin-nonfree/libflashplayer.so /usr/lib/flashplugin-nonfree/libflashplayer.so - priority 50 Current 'best' version is '/usr/lib/flashplugin-nonfree/libflashplayer.so'. lrwxrwxrwx 1 root root 34 Dec 9 15:46 /usr/lib/mozilla/plugins/flash-mozilla.so -> /etc/alternatives/flash-mozilla.so /usr/lib/mozilla/plugins/flash-mozilla.so: symbolic link to `/etc/alternatives/flash-mozilla.so' -- System Information: Debian Release: jessie/sid APT prefers unstable APT policy: (900, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental') Architecture: i386 (i686) Kernel: Linux 3.13-0.towo.3-siduction-686 (SMP w/1 CPU core; PREEMPT) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages flashplugin-nonfree depends on: ii binutils 2.24-3 ii debconf [debconf-2.0] 1.5.52 ii gnupg 1.4.16-1 ii libatk1.0-0 2.10.0-2 ii libcairo2 1.12.16-2 ii libcurl3-gnutls 7.35.0-1 ii libfontconfig1 2.11.0-2 ii libfreetype6 2.5.2-1 ii libgcc1 1:4.8.2-14 ii libglib2.0-0 2.37.5+really2.36.4-0r0 ii libgtk2.0-0 2.24.22-1 ii libnspr4 2:4.10.2-1 ii libnss3 2:3.15.3.1-1.1 ii libpango1.0-0 1.36.0-1+b1 ii libstdc++6 4.8.2-14 ii libx11-6 2:1.6.2-1 ii libxext6 2:1.3.2-1 ii libxt6 1:1.1.4-1 ii wget 1.15-1 flashplugin-nonfree recommends no packages. Versions of packages flashplugin-nonfree suggests: ii flashplugin-nonfree-extrasound 0.0.svn2431-3 ii fonts-dejavu 2.34-1 ii hal 0.5.14-8 ii iceweasel 24.2.0esr-1 pn konqueror-nsplugins <none> ii ttf-mscorefonts-installer 3.5 ii ttf-xfree86-nonfree 4.2.1-3.1 -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
