Flash - to vuln or not to vuln

  • Thread starter Deleted member 9563
  • Start date
D

Deleted member 9563

Guest
What's happening with the linux-c6-flashplugin11 port? I can't seem to install it without getting this:
Code:
1 problem(s) in the installed packages found.
=> Please update your ports tree and try again.
=> Note: Vulnerable ports are marked as such even if there is no update available.
=> If you wish to ignore this vulnerability rebuild with 'make DISABLE_VULNERABILITIES=yes'

Are people doing without flash now, or are they building the port as suggested above?
 
Thanks cpm@ I never thought to check the /usr/ports/MOVED file. That certainly clarifies that. The handbook hasn't caught up with that move.

However, now I've got another problem. It seems like www/linux-flashplayer installs with linux-c6-curl-7.19.7_9 which is rejected because it has known vulnerabilities. The repository package is linux-c6-curl: 7.19.7_8 which stops the flashplayer from compiling if it's already there. This, by the way, is on a freshly installed system with all updates done today.

It seems like I'm stuck. Perhaps this is bad time for such a wild adventure as Flash. ;)
 
Yes, ftp/linux-c6-curl has known vulnerabilities

Code:
 % pkg audit linux-c6-curl-7.19.7_9
linux-c6-curl-7.19.7_9 is vulnerable:
curl -- Credentials not checked
CVE: CVE-2016-0755
WWW: https://vuxml.FreeBSD.org/freebsd/8b27f1bc-c509-11e5-a95f-b499baebfeaf.html

1 problem(s) in the installed packages found.

but you can ignore it with make DISABLE_VULNERABILITIES=yes
 
OJ You're not alone. I've given up on it but there are so few things I need to look at that require Flash that I don't care too much. In this day and age, I'm shocked that some major news sites still do.
 
OJ You're not alone. I've given up on it but there are so few things I need to look at that require Flash that I don't care too much. In this day and age, I'm shocked that some major news sites still do.

Adobe said that it "encourage content creators to build with new web standards" such as HTML5, rather than Flash.

It was announced in its day, but some web designers do not care.
 
Back
Top