[Slackbuilds-users] Put a security warning in Adobe Reader SlackBuild?

Phillip Warner pc_warner at yahoo.com
Fri Feb 20 14:55:24 UTC 2009


--- On Fri, 2/20/09, Halim Issa <yallaone at gmail.com> wrote:

> Seems like there's a critical vulnerability identified
> in Adobe Reader, also 
> applicable to Linux.. Since Adobe apparently doesn't
> have any plans to fix this 
> for another three weeks, would it be an idea to put a
> warning in the acroread 
> SlackBuild in the meantime?
> 
> http://www.adobe.com/support/security/advisories/apsa09-01.html

>From what I understand disabling js in acroread will protect you from this for now.

> Which also brings up a related question, if there perhaps
> is a need for a 
> slackbuilds-security mailing list to warn against possible
> vulnerabilities in 
> a SlackBuild. It's a more-than-dual-egged-sword
> challenge, since keeping that 
> up-to-date would be a nightmare and warning on some
> programs might give false 
> sense of security of others... 
> Still perhaps worth a debate?
I like the idea, but for now I get all of that info from this list and the Changelog.  A simple grep for security in the Changelog usually shows all of the important updates.  If the admins don't mind the extra work though...

--phillip


      


More information about the SlackBuilds-users mailing list