Removing Adobe Flash on XO-1, XO-1.75 and XO-4 laptops (CVE-2015-7645)

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Removing Adobe Flash on XO-1, XO-1.75 and XO-4 laptops (CVE-2015-7645)

James Cameron-2
G'day,

To keep learners safe, please remove the Adobe Flash plugin on XO-1,
XO-1.75 or XO-4 laptops:

        sudo rm /usr/lib/mozilla/plugins/libflashplayer.so

Adobe Security Bulletin APSA15-05 [1] is for a critical remote control
vulnerability (CVE-2015-7645).  An attacker can take control of the
laptop.

For XO-4 and XO-1.75, there will be no fix.  Adobe do not provide a
player for Linux 32-bit ARM platform [2].

For XO-1, there will be no fix.  Adobe do not provide a player
compatible with the AMD Geode processor on the XO-1, which doesn't
have SSE (XMM) registers [3].

For XO-1.5, a fix may be available from Adobe.  Use the steps
on our Wiki [4].

--

References:

1.
https://helpx.adobe.com/security/products/flash-player/apsa15-05.html

2.
https://get.adobe.com/flashplayer/otherversions/

3.
http://lists.laptop.org/pipermail/devel/2012-October/036209.html

4.
http://wiki.laptop.org/go/Adobe_Flash#Installation_on_XO-1.5

--
James Cameron
http://quozl.linux.org.au/
_______________________________________________
Devel mailing list
[hidden email]
http://lists.laptop.org/listinfo/devel
Reply | Threaded
Open this post in threaded view
|

Re: Removing Adobe Flash on XO-1, XO-1.75 and XO-4 laptops (CVE-2015-7645)

James Cameron-2
An update from Adobe;

https://blogs.adobe.com/flashplayer/2016/08/beta-news-flash-player-npapi-for-linux.html#sthash.zmBvj3cS.R31QTmNV.dpbs

thanks to

http://www.theregister.co.uk/2016/09/06/adobe_reverses_decision_to_kill_npapi_flash_plugin_for_linux/

This will likely work on XO-1.5.  On XO-1, XO-1.75 and XO-4 the
situation below is unchanged.

On Mon, Oct 19, 2015 at 01:36:32PM +1100, James Cameron wrote:

> G'day,
>
> To keep learners safe, please remove the Adobe Flash plugin on XO-1,
> XO-1.75 or XO-4 laptops:
>
> sudo rm /usr/lib/mozilla/plugins/libflashplayer.so
>
> Adobe Security Bulletin APSA15-05 [1] is for a critical remote control
> vulnerability (CVE-2015-7645).  An attacker can take control of the
> laptop.
>
> For XO-4 and XO-1.75, there will be no fix.  Adobe do not provide a
> player for Linux 32-bit ARM platform [2].
>
> For XO-1, there will be no fix.  Adobe do not provide a player
> compatible with the AMD Geode processor on the XO-1, which doesn't
> have SSE (XMM) registers [3].
>
> For XO-1.5, a fix may be available from Adobe.  Use the steps
> on our Wiki [4].
>
> --
>
> References:
>
> 1.
> https://helpx.adobe.com/security/products/flash-player/apsa15-05.html
>
> 2.
> https://get.adobe.com/flashplayer/otherversions/
>
> 3.
> http://lists.laptop.org/pipermail/devel/2012-October/036209.html
>
> 4.
> http://wiki.laptop.org/go/Adobe_Flash#Installation_on_XO-1.5
>
> --
> James Cameron
> http://quozl.linux.org.au/

--
James Cameron
http://quozl.netrek.org/
_______________________________________________
Devel mailing list
[hidden email]
http://lists.laptop.org/listinfo/devel