[CentOS] Firefox and Flash

Tue Apr 26 09:26:11 UTC 2016
Liam O'Toole <liam.p.otoole at gmail.com>

On 2016-04-26, Alice Wonder
<alice at domblogger.net> wrote:
> On 04/26/2016 12:03 AM, Andreas Benzler wrote:
>> Hello every one I installed the official flash plugin from adobe
>>
>> About Plugins tells me:
>>
>>      Datei: libflashplayer.so Pfad:
>>      /usr/lib64/flash-plugin/libflashplayer.so Version: 11.2.202.577
>>      Status: Aktiviert (STATE_VULNERABLE_UPDATE_AVAILABLE) Shockwave
>>      Flash 11.2 r202
>>
>> But it is:
>>
>>   strings /usr/lib64/mozilla/plugins/libflashplayer.so  | grep 616
>>   FlashPlayer_11_2_202_616_FlashPlayer LNX 11,2,202,616 11.2.202.616
>>   drm/%s/%s/%s/11.2.202.616%s
>>
>> Any ideas?
>
> As far as I can tell Adobe stopped supporting flash on Linux and a
> deprecated vulnerable version is all that is available.

No, flash is still supported by Adobe on linux. Only security updates,
though. No new features. The last update was on 8 April.

>
> I would highly advice against using the flash plugin. Unfortunately 
> advertising networks do not adequately vet flash based advertisements 
> resulting in malware being distributed via flash on common websites we 
> all visit, including news sites.
>
> Usually the malware targets Windows but there is some that targets Linux 
> and will encrypt files on your system asking a ransom for the decryption 
> key.
>
> Just say no to flash.

I agree with that sentiment. Sometimes, however, there are circumstances
in which you just can't say no.

>
> That's not what you asked, but that's what I advise.

In case anyone else has this problem, the issue seems to be that firefox
retains stale information about the plugin status. You can force a
refresh as follows:

1. Exit firefox
2. Uninstall flash-plugin
3. Start firefox, and exit again
4. Install flash-plugin

-- 

Liam