Active Topics

 


Reply
Thread Tools
Posts: 2 | Thanked: 1 time | Joined on Jan 2008
#1
I wasn't sure what the right place for this question was: feel free to move it.

Adobe has released a major security fix for Flash Player since the version on my N800. The flaw they fixed allows malicious web pages to run arbitrary code on any machine that visits them. The vulnerability does affect Linux, though of course the payloads are almost certain to be Windows-specific.

As a matter of principle I'd like to upgrade.

Application Manager doesn't list the Flash plug-in as one of the things it can control. The Plug-in item on the Web Tools menu allows enabling and disabling it but no other control. Adobe's page doesn't have a .deb package. I could try to find it in the file system, but I'd be terrified of breaking something if I tried a manual removal and replacement.

In general, is there an equivalent on this device to the routine apt-get update and apt-get upgrade?

Nifty machine, by the way! It's a qualitative change to have Internet in my pocket at all times.
 

The Following User Says Thank You to Jequirity For This Useful Post:
Jeffgrado's Avatar
Posts: 224 | Thanked: 29 times | Joined on Nov 2005
#2
Sorry, I doubt you will ever see a stand alone flash update. Any updates will most likely be with a new firmware release
 
Posts: 302 | Thanked: 254 times | Joined on Oct 2007
#3
Users of OSS platforms really expect security to be taken seriously so Nokia should figure out a way of pushing security fixes to supported platforms in a timely manner.

The Nokia devs appear to hang out on the Maemo users & developers mailing lists so those would probably be better places to ask though.

My guess is that we'll have to wait until the first OS2008 maintenance release (and what about people using N770, or OS2007?).

It is my understanding that the next full release after OS2008/Chinook, or "Diablo", is intended or hoped to be capable of Debian/Ubuntu-style system updates.
 

The Following User Says Thank You to Peet For This Useful Post:
Posts: 102 | Thanked: 16 times | Joined on Sep 2006 @ Manchester
#4
it is not necissarily true that the linux ARM version is effected by the vunerability.

however it would be nice to know and if it is, get a fix
 
Posts: 16 | Thanked: 2 times | Joined on Dec 2007
#5
Yes, as a number of web sites are now failing with the tablet because of the flash player change. This is pretty frustrating if there is no convenient way to upgrade flash.
 

The Following User Says Thank You to dwf For This Useful Post:
Posts: 326 | Thanked: 39 times | Joined on Jul 2007
#6
Originally Posted by Jequirity View Post
I wasn't sure what the right place for this question was: feel free to move it.

Adobe has released a major security fix for Flash Player since the version on my N800. The flaw they fixed allows malicious web pages to run arbitrary code on any machine that visits them. The vulnerability does affect Linux, though of course the payloads are almost certain to be Windows-specific.

As a matter of principle I'd like to upgrade.
This is EXACTLY true. So WHY must you insist on an upgrade when the current flash plugin is just fine?
I think are IT's are pretty safe.
 
Posts: 16 | Thanked: 2 times | Joined on Dec 2007
#7
Safety is one issue, but a bigger one it seems to me is that sites that use the new version of Flash don't work at all on the IT. So without an upgrade, an increasing number of web sites are unusable. Perhaps this is an Adobe version problem, but it is a problem, nevertheless. These sites now say to download and install a new version of Flash before they can be viewed. So an upgrade of Flash is critical.
 

The Following User Says Thank You to dwf For This Useful Post:
Posts: 479 | Thanked: 58 times | Joined on Dec 2007 @ Dubai, UAE
#8
I agree. As much as I rant about people who complain that Nokia should upgrade old users to their latest platforms, this is a problem that breaks one function what all of us bought our tablets for, and needs to be addressed as the problem (i.e. being prompted to upgrade Flash) becomes more common with Flash-enhanced sites.
 

The Following User Says Thank You to ghoonk For This Useful Post:
Posts: 326 | Thanked: 39 times | Joined on Jul 2007
#9
I guess we will have to wait until the next firmware update.
 
Posts: 479 | Thanked: 58 times | Joined on Dec 2007 @ Dubai, UAE
#10
Perhaps sooner, since Flash support is a plug-in to the browser. This could be done as an update from Application Manager with the correct files.

OP posted. "Application Manager doesn't list the Flash plug-in as one of the things it can control." -- was this in red pill mode? I'm sure this can be patched somehow. App manager installs stuff as root (I think) and has direct access to the filesystem, so I fail to understand how this cannot be patched.

Adobe may not list a .deb file available, but this should be raised as a bug in Maemo so that the OS developers are aware of the problem and can assign the fix to the appropriate member of the team.
 
Reply


 
Forum Jump


All times are GMT. The time now is 01:46.