# To all users of the linux-flashplugin.



## francis (Jan 30, 2013)

Adobe Flash Player has been updated to the 11.2.202.261 version due to several security issue, which could cause a crash and potentially allow an attacker to take control of the affected system. Previous vulnerable version: *11.2.202.258*. On VuXML website, which is documenting security issues in FreeBSD and the FreeBSD Ports Collection, last entry related to the linux-flashplugin is dated on 2012-12-14, while the new security update has been released on January 8, 2013. 

Here is the official security bulletin: APSB13-01 and Common Vulnerabilities and Exposures note - CVE-2013-0630. Installed version can be checked here: Version. All users of the linux-flashplugin must upgrade. I hope, that all users already know about this update and security issue. Frankly, it is strange that the VuXML website does not have official notes yet. Please remember one thing; this security problem is quite old. 

Best regards.


----------



## SirDice (Jan 31, 2013)

> Please report security issues to the FreeBSD Security Team at <security-team@FreeBSD.org>. Full contact details, including information handling policies and PGP key, can be found on the FreeBSD Security page.



http://www.vuxml.org/freebsd/


----------



## francis (Feb 19, 2013)

Hi, On February 12. Adobe has released a security update for the linux-flashplugin that fixes 17 vulnerabilities. Previous vulnerable version: *11.2.202.262* (last entry on the VuXML website: 2013-02-08). On VuXML website, which is documenting security issues in FreeBSD and the FreeBSD Ports Collection still, there is not any adequate notes about this issue. New version: 11.2.202.70. To check, which version of the linux-flashplugin you are running please see; Version Information. Adobe Bulletin: APSB13-05. 

I wrote an e-mail to the FreeBSD Security Team and they promised to take care of the linux-flashplugin note etc. All users should upgrade this package to the latest version.


----------



## Disturbo (Mar 23, 2013)

francis said:
			
		

> Hi, On February 12. Adobe has released a security update for the linux-flashplugin that fixes 17 vulnerabilities. Previous vulnerable version: *11.2.202.262* (last entry on the VuXML website: 2013-02-08). On VuXML website, which is documenting security issues in FreeBSD and the FreeBSD Ports Collection still, there is not any adequate notes about this issue. New version: 11.2.202.70. To check, which version of the linux-flashplugin you are running please see; Version Information. Adobe Bulletin: APSB13-05.
> 
> I wrote an e-mail to the FreeBSD Security Team and they promised to take care of the linux-flashplugin note etc. All users should upgrade this package to the latest version.



Forgive my asking, but what is the correct procedure to upgrade, or install the latest version of the linux-flashplugin? Is there a better alternative?


----------



## fonz (Mar 23, 2013)

Disturbo said:
			
		

> Forgive my asking, but what is the correct procedure to upgrade, or install the latest version of the linux-flashplugin?




`# portsnap fetch update`
`# cd /usr/ports/www/linux-f10-flashplugin11 && make install clean`
Or, if you use ports-mgmt/portmaster, replace the second line with
`# portmaster www/linux-f10-flashplugin11`


----------



## kpa (Mar 23, 2013)

If you're updating the already installed port you have to force the reinstallation with FORCE_PKG_REGISTER

`# make -C /usr/ports/www/linux-f10-flashplugin11 clean` (to make sure no old work files conflict with the build)

`# make -C /usr/ports/www/linux-f10-flashplugin11 install clean FORCE_PKG_REGISTER=1`


----------



## wblock@ (Mar 23, 2013)

Or just use reinstall.
`# make -C /usr/ports/www/linux-f10-flashplugin11 clean reinstall clean`


----------



## Disturbo (Mar 27, 2013)

Duly noted.
Thank you for all the replies.


----------

