On Thu, Feb 6, 2014 at 11:12 AM, Fabian Arrotin <fabian.arrotin at arrfab.net>wrote: > On 06/02/14 16:26, Phelps, Matt wrote: > > On Wed, Feb 5, 2014 at 12:30 AM, Robert Arkiletian <robark at gmail.com> > wrote: > > > >> new potential remote code exploit in Chromium flash. > >> > http://googlechromereleases.blogspot.ca/2014/02/stable-channel-update.html > >> > >> Doesn't look like these repos are being updated. > >> http://people.redhat.com/tpopela/rpms/ > >> http://people.centos.org/hughesjr/chromium/6/ > >> > >> Any info on this issue would be welcome. > >> > > > > > > Yes, please. Can the CentOS folks check with their newly minted Red Hat > > brethren on this issue? > > > > This is getting critical for us. We have over a hundred CO6 desktops that > > are currently running an insecure version of chromium. The security > people > > are all over us on this! > > > > We need to run chrome/chromium in order to manage our Google Apps for > > Government deployment (for over 1000 users). It doesn't work right with > > firefox. > > > > If we need to apply pressure elsewhere, please let us know where to > direct > > our fury. > > > > ... to Google ? (especially because it's *their* browser to support > *their* Google Apps ....) > > Of course we already have notified Google. I was hoping for a little more granularity. Google is a large place; as is Red Hat I know. There was word that Red Hat was working with Google on a solution, and I was hoping to hear if there was any movement. I can't ask Red Hat since we don't pay for it, but perhaps the new CentOS relationship with them can offer a channel of communication for the Community. -- Matt Phelps System Administrator, Computation Facility Harvard - Smithsonian Center for Astrophysics mphelps at cfa.harvard.edu, http://www.cfa.harvard.edu