[prev in list] [next in list] [prev in thread] [next in thread] 

List:       fedora-list
Subject:    Flash plugin 0-day vulnerability in the wild
From:       "T.C. Hollingsworth" <tchollingsworth () gmail ! com>
Date:       2015-01-24 0:22:16
Message-ID: CAJVv0O=Ry_iFmb4hxb0werz17SYescRHKbKkd4dkE7gAAhv8AA () mail ! gmail ! com
[Download RAW message or body]

FYI:

---------- Forwarded message ----------
From: Martin Stransky <stransky@redhat.com>
Date: Fri, Jan 23, 2015 at 2:51 AM
Subject: Flash plugin 0-day vulnerability in the wild
To: Development discussions related to Fedora <devel@lists.fedoraproject.org>

Folk,

There's a live 0-day flash vulnerability which is not fixed yet
[1][2]. If you use flash plugin I recommend you to enable the
click-to-play mode for it.

There's also a Fedora Firefox update with such change [3].

ma.

[1] https://isc.sans.edu/diary/Flash+0-Day+Exploit+Used+by+Angler+Exploit+Kit/19213
[2] http://malware.dontneedcoffee.com/2015/01/unpatched-vulnerability-0day-in-flash.html
[3] https://bugzilla.redhat.com/show_bug.cgi?id=1185241

--------------------------------------

If you have SELinux enforcing in its default configuration you should
be safer, since it limits the abilities of Firefox plugins.

See the full thread for more information:
https://lists.fedoraproject.org/pipermail/devel/2015-January/206997.html
http://thread.gmane.org/gmane.linux.redhat.fedora.devel/203965
-- 
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org

[prev in list] [next in list] [prev in thread] [next in thread]