Copy link to clipboard
Copied
Regarding CVE-2012-0779,
I see that there are updates for just about every operating system other than Solaris to cover this vulnerability.
1. Are Solaris 10 SPARC and x86 affected as well?
2. If so, will there be a patch released and when?
Thank-you!
chesneyb
Sorry if I have posted this on one too many forums.
Copy link to clipboard
Copied
I do not know whether or not the Solaris 10 SPARC and x86 versions are affected or not.
I suggest that you just download and install the latest version 11.2.202.235 for these systems from http://www.adobe.com/products/flashplayer/distribution3.html
Copy link to clipboard
Copied
Pat,
I will try to download that version again. It appears all I could download from Adobe a week ago was 223. I will update when I have competed download.
chesneyb
Copy link to clipboard
Copied
Pat,
I just downloaded and tested both the SPARC and x86 version from that site.
Sad to say only version 223 is available at that location.
Even if you don't have a Solaris system to check, extract the files and you will see the folder name is as follows.
flash_player_solaris_11_2_202_223_x86
flash_player_solaris_11_2_202_223_sparc
I did test on a Solaris system and it confirmed that these are indeed 223.
Thus, I asked the question, isn't Solaris affected as well?
How may I push this up for action? The security community is rather adament that we patch for this CVE.
chesneyb
Copy link to clipboard
Copied
Sorry for my misinformation; http://www.adobe.com/software/flash/about/ states that 11.2.202.223 is the latest version for Solaris.
Can you send a PM to Chris Campbell and point him to this topic?
Copy link to clipboard
Copied
Pat,
I sent the PM as requested.
I am also curious to know when Adobe will be ceasing to support Solaris for Flash. I would assume with all the rumors about HTML5 and support dropping of for Android that it is possible support for Solaris Flash may be waning. If so, I need to let some developers know soon.
Thanks,
chesneyb
Copy link to clipboard
Copied
I responded via PM, but for anyone else interested, I have confirmed that this security patch does not apply to Solaris. There will not be a .235 solaris update.
Thanks,
Chris
Copy link to clipboard
Copied
Chris,
Thank-you!
Oddly enough, did you see that patches came out for Flash in Solaris?
http://wesunsolve.net/patch/id/125332-24
http://wesunsolve.net/patch/id/125333-23
I haven't figure out if this is a security update, but the timeliness is a bit close.
chesneyb
Copy link to clipboard
Copied
Oracle tends to be somewhat behind when they release updates for Adobe Flash Player. I do wish they would indicate the version being provided in the update, though....
(Update) apsb12-14 doesn't mention a thing about Solaris. If only the other flavors could be as well written, they wouldn't be vulnerable to these new issues either, just like Solaris.....
I laugh as I watch you update your systems, while I bask in invulnerability.
Message was edited by: David Paige
Copy link to clipboard
Copied
Thank you for the information regarding the Solaris version. The documentation for the latest update wasn't clear, leading us to wonder if our versions were vulnerable. Hopefully, Adobe will continue to support Flash Player for Solaris.