[Secure-testing-team] Bug#789808: flashplugin-nonfree: update script won't update to 11.2.202.468
Dario Andres Susman
dsusman at sinectis.com.ar
Wed Jun 24 16:35:35 UTC 2015
Package: flashplugin-nonfree
Version: 1:3.6.1
Severity: grave
Tags: upstream security
Justification: user security hole
Dear Maintainer,
* What led up to the situation?
Updating the Flash Player after CVE announcement
* What exactly did you do (or not do) that was effective (or
ineffective)?
I've run update-flashplugin-nonfree --install --verbose
* What was the outcome of this action?
dsusman at fgx-laptop:~$ sudo update-flashplugin-nonfree --install --verbose
[sudo] password for dsusman:
options : --install --verbose --
temporary directory: /tmp/flashplugin-nonfree.dBnTy8CFwq
importing public key ...
selected action = --install
installed version = 11.2.202.466
upstream version = 11.2.202.468
wgetoptions= -nd -P . -v --progress=dot:default
downloading http://people.debian.org/~bartm/flashplugin-nonfree/D5C0FC14/fp.11.2.202.468.sha512.amd64.pgp.asc ...
--2015-06-24 13:33:06-- http://people.debian.org/~bartm/flashplugin-nonfree/D5C0FC14/fp.11.2.202.468.sha512.amd64.pgp.asc
Resolving people.debian.org (people.debian.org)... 5.153.231.30, 2001:41c8:1000:21::21:30
Connecting to people.debian.org (people.debian.org)|5.153.231.30|:80... connected.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://people.debian.org/~bartm/flashplugin-nonfree/D5C0FC14/fp.11.2.202.468.sha512.amd64.pgp.asc [following]
--2015-06-24 13:33:07-- https://people.debian.org/~bartm/flashplugin-nonfree/D5C0FC14/fp.11.2.202.468.sha512.amd64.pgp.asc
Connecting to people.debian.org (people.debian.org)|5.153.231.30|:443... connected.
HTTP request sent, awaiting response... 404 Not Found
2015-06-24 13:33:08 ERROR 404: Not Found.
wget failed to download http://people.debian.org/~bartm/flashplugin-nonfree/D5C0FC14/fp.11.2.202.468.sha512.amd64.pgp.asc
downloading http://people.debian.org/~bartm/flashplugin-nonfree/D5C0FC14/fp10.sha512.amd64.pgp.asc ...
--2015-06-24 13:33:08-- http://people.debian.org/~bartm/flashplugin-nonfree/D5C0FC14/fp10.sha512.amd64.pgp.asc
Resolving people.debian.org (people.debian.org)... 5.153.231.30, 2001:41c8:1000:21::21:30
Connecting to people.debian.org (people.debian.org)|5.153.231.30|:80... connected.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://people.debian.org/~bartm/flashplugin-nonfree/D5C0FC14/fp10.sha512.amd64.pgp.asc [following]
--2015-06-24 13:33:08-- https://people.debian.org/~bartm/flashplugin-nonfree/D5C0FC14/fp10.sha512.amd64.pgp.asc
Connecting to people.debian.org (people.debian.org)|5.153.231.30|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 1267 (1.2K) [text/plain]
Saving to: ‘./fp10.sha512.amd64.pgp.asc’
0K . 100% 86.1M=0s
2015-06-24 13:33:09 (86.1 MB/s) - ‘./fp10.sha512.amd64.pgp.asc’ saved [1267/1267]
verifying PGP fp10.sha512.amd64.pgp.asc ...
copying /var/cache/flashplugin-nonfree/install_flash_player_11_linux.x86_64.tar.gz ...
verifying checksum install_flash_player_11_linux.x86_64.tar.gz ...
wgetoptions= -nd -P . -v --progress=dot:default -O /tmp/flashplugin-nonfree.dBnTy8CFwq/install_flash_player_11_linux.x86_64.tar.gz
downloading https://fpdownload.adobe.com/get/flashplayer/pdc/11.2.202.466/install_flash_player_11_linux.x86_64.tar.gz ...
verifying checksum install_flash_player_11_linux.x86_64.tar.gz ...
unpacking install_flash_player_11_linux.x86_64.tar.gz ...
verifying checksum contents of install_flash_player_11_linux.x86_64.tar.gz ...
moving libflashplayer.so to /usr/lib/flashplugin-nonfree ...
setting permissions and ownership of /usr/lib/flashplugin-nonfree/libflashplayer.so ...
Flash Player version: 11.2.202.466
moving install_flash_player_11_linux.x86_64.tar.gz to /var/cache/flashplugin-nonfree ...
flash-mozilla.so - auto mode
link currently points to /usr/lib/flashplugin-nonfree/libflashplayer.so
/usr/lib/flashplugin-nonfree/libflashplayer.so - priority 50
Current 'best' version is '/usr/lib/flashplugin-nonfree/libflashplayer.so'.
calling update-alternatives ...
flash-mozilla.so - auto mode
link currently points to /usr/lib/flashplugin-nonfree/libflashplayer.so
/usr/lib/flashplugin-nonfree/libflashplayer.so - priority 50
Current 'best' version is '/usr/lib/flashplugin-nonfree/libflashplayer.so'.
removing /usr/bin/flash-player-properties
removing /usr/share/applications/flash-player-properties.desktop
removing /usr/share/icons/hicolor/16x16/apps/flash-player-properties.png
removing /usr/share/icons/hicolor/22x22/apps/flash-player-properties.png
removing /usr/share/icons/hicolor/24x24/apps/flash-player-properties.png
removing /usr/share/icons/hicolor/32x32/apps/flash-player-properties.png
removing /usr/share/icons/hicolor/48x48/apps/flash-player-properties.png
removing /usr/share/pixmaps/flash-player-properties.png
installing /usr/bin/flash-player-properties
installing /usr/share/applications/flash-player-properties.desktop
installing /usr/share/icons/hicolor/16x16/apps/flash-player-properties.png
installing /usr/share/icons/hicolor/22x22/apps/flash-player-properties.png
installing /usr/share/icons/hicolor/24x24/apps/flash-player-properties.png
installing /usr/share/icons/hicolor/32x32/apps/flash-player-properties.png
installing /usr/share/icons/hicolor/48x48/apps/flash-player-properties.png
installing /usr/share/pixmaps/flash-player-properties.png
end of action --install
cleaning up temporary directory /tmp/flashplugin-nonfree.dBnTy8CFwq ...
end of update-flashplugin-nonfree
dsusman at fgx-laptop:~$
* What outcome did you expect instead?
Update Flash Player to 11.2.202.468
-- Package-specific info:
Debian version: 8.1
Architecture: amd64
Package version: 1:3.6.1
Adobe Flash Player version: LNX 11,2,202,466
MD5 checksums:
657f2e2c7f9a74769ac83adda184d128 /var/cache/flashplugin-nonfree/adobewebpage.html
160a01dd00527304e5291e65eb0c65e2 /var/cache/flashplugin-nonfree/get-upstream-version.pl
124a084e196801143cf7367e21019f3d /var/cache/flashplugin-nonfree/install_flash_player_11_linux.x86_64.tar.gz
4ed3f7af4932078058e19d2f08e19b4f /usr/lib/flashplugin-nonfree/libflashplayer.so
Alternatives:
flash-mozilla.so - auto mode
link currently points to /usr/lib/flashplugin-nonfree/libflashplayer.so
/usr/lib/flashplugin-nonfree/libflashplayer.so - priority 50
Current 'best' version is '/usr/lib/flashplugin-nonfree/libflashplayer.so'.
lrwxrwxrwx 1 root root 34 Jun 24 12:22 /usr/lib/mozilla/plugins/flash-mozilla.so -> /etc/alternatives/flash-mozilla.so
/usr/lib/mozilla/plugins/flash-mozilla.so: symbolic link to /etc/alternatives/flash-mozilla.so
-- System Information:
Debian Release: 8.1
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.16.0-4-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages flashplugin-nonfree depends on:
ii binutils 2.25-5
ii ca-certificates 20141019
ii debconf [debconf-2.0] 1.5.56
ii gnupg 1.4.18-7
ii libatk1.0-0 2.14.0-1
ii libcairo2 1.14.0-2.1
ii libcurl3-gnutls 7.38.0-4+deb8u2
ii libfontconfig1 2.11.0-6.3
ii libfreetype6 2.5.2-3
ii libgcc1 1:4.9.2-10
ii libglib2.0-0 2.42.1-1
ii libgtk2.0-0 2.24.25-3
ii libnspr4 2:4.10.7-1
ii libnss3 2:3.17.2-1.1
ii libpango1.0-0 1.36.8-3
ii libstdc++6 4.9.2-10
ii libx11-6 2:1.6.2-3
ii libxext6 2:1.3.3-1
ii libxt6 1:1.1.4-1+b1
ii wget 1.16-1
flashplugin-nonfree recommends no packages.
Versions of packages flashplugin-nonfree suggests:
ii fonts-dejavu 2.34-1
pn hal <none>
ii iceweasel 31.7.0esr-1~deb8u1
pn konqueror-nsplugins <none>
pn ttf-mscorefonts-installer <none>
pn ttf-xfree86-nonfree <none>
-- no debconf information
More information about the Secure-testing-team
mailing list