Your message dated Fri, 15 Sep 2006 14:47:13 -0700
with message-id <[EMAIL PROTECTED]>
and subject line Bug#387268: fixed in flashplugin-nonfree 7.0.68.0.1
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message ---
Package: flashplugin-nonfree
Version: 7.0.63.7
Severity: grave
Tags: security
Justification: user security hole
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- From <http://www.adobe.com/support/security/bulletins/apsb06-11.html>:
Multiple Vulnerabilities in Adobe Flash Player 8.0.24.0 and Earlier Versions
CVE-2006-3014 Arbitrary javascript execution [Windows/MS Excel only]
CVE-2006-3311 Buffer overflow allows remote arbitrary code execution
CVE-2006-3587 Remote arbitrary code execution [flash 8 only]
CVE-2006-3588 Remote DOS (browser crash) [flash 8 only]
CVE-2006-4640 Remote bypass of scripting protections
Critical vulnerabilities have been identified in Flash Player 8.0.24.0 and
earlier versions that could allow an attacker who successfully exploits
these vulnerabilities to take control of the affected system.
Although the text on the page is unclear, it seems that the Linux Flash
player is fixed in version 7.0.68.0.
- -- System Information:
Debian Release: testing/unstable
APT prefers testing
APT policy: (530, 'testing'), (520, 'unstable'), (510, 'experimental')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.17-2-k7
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Versions of packages flashplugin-nonfree depends on:
ii debconf [debconf-2.0] 1.5.3 Debian configuration management sy
ii gsfonts-x11 0.20 Make Ghostscript fonts available t
ii wget 1.10.2-2 retrieves files from the web
Versions of packages flashplugin-nonfree recommends:
pn libstdc++2.10-glibc2.2 <none> (no description available)
pn xfs <none> (no description available)
- -- debconf information:
flashplugin-nonfree/httpget: true
flashplugin-nonfree/not_exist:
flashplugin-nonfree/http_proxy:
flashplugin-nonfree/local:
flashplugin-nonfree/delete: false
flashplugin-nonfree/failed:
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iD8DBQFFB9V9shl/216gEHgRAsnaAKDpjdDfrzSBG4qC1pe5In0awvRJfwCff5HV
5vkJ7gy8yhrREjpIktTrJt8=
=eKHj
-----END PGP SIGNATURE-----
--- End Message ---
--- Begin Message ---
Source: flashplugin-nonfree
Source-Version: 7.0.68.0.1
We believe that the bug you reported is fixed in the latest version of
flashplugin-nonfree, which is due to be installed in the Debian FTP archive:
flashplugin-nonfree_7.0.68.0.1.dsc
to pool/contrib/f/flashplugin-nonfree/flashplugin-nonfree_7.0.68.0.1.dsc
flashplugin-nonfree_7.0.68.0.1.tar.gz
to pool/contrib/f/flashplugin-nonfree/flashplugin-nonfree_7.0.68.0.1.tar.gz
flashplugin-nonfree_7.0.68.0.1_i386.deb
to pool/contrib/f/flashplugin-nonfree/flashplugin-nonfree_7.0.68.0.1_i386.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Bart Martens <[EMAIL PROTECTED]> (supplier of updated flashplugin-nonfree
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Wed, 13 Sep 2006 12:54:51 +0200
Source: flashplugin-nonfree
Binary: flashplugin-nonfree
Architecture: source i386
Version: 7.0.68.0.1
Distribution: unstable
Urgency: high
Maintainer: Bart Martens <[EMAIL PROTECTED]>
Changed-By: Bart Martens <[EMAIL PROTECTED]>
Description:
flashplugin-nonfree - Macromedia Flash Player plugin installer
Closes: 387268
Changes:
flashplugin-nonfree (7.0.68.0.1) unstable; urgency=high
.
* update-flashplugin.sh: New upstream release. Closes: #387268.
CVE-2006-3014, CVE-2006-3311, CVE-2006-3587, CVE-2006-3588, CVE-2006-4640
APSB06-11 http://www.adobe.com/support/security/bulletins/apsb06-11.html
Files:
38ead5b4dac5c9760e32f6b6ae7311d0 545 contrib/web optional
flashplugin-nonfree_7.0.68.0.1.dsc
9630b8cc1b27c4a64b1ff59659df7ad1 18760 contrib/web optional
flashplugin-nonfree_7.0.68.0.1.tar.gz
18f4b035069b04bd5e7d5aa2eefb45d2 13342 contrib/web optional
flashplugin-nonfree_7.0.68.0.1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iD8DBQFFCxu301u8mbx9AgoRAt0LAJ9Si978bKUg+Ap995EA4xW6vL+85ACgnSPB
84Hbc+K0GfdR/9t8xrmlOuc=
=7hBM
-----END PGP SIGNATURE-----
--- End Message ---
