update swfdec to 0.6.4 version (local file access via remote flash file)
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
swfdec-mozilla (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
swfdec0.6 (Ubuntu) |
Fix Released
|
Wishlist
|
Unassigned |
Bug Description
Binary package hint: swfdec-mozilla
New version is a bugfix release which solves a very important security issue. Here goes the announcement, according to http://
=======
Here's the release of Swfdec 0.6.4.
This is a security release, please update as soon as possible.
swfdec-0.6.4 "College Humor"
http://
MD5: a15686962468891
fixes in this release:
- fix a security problem that allowed remote Flash files to read local files.
- fix a rare crash in TextField.
- fix a rare crash during cleanup
Swfdec still follows the no-crashes-allowed policy. Should you still
succeed in finding a crasher, please immediately file a bug at
https:/
For more information about Swfdec, see http://
Cheers,
Benjamin
=======
I don't know, since it's a minor release with bug fixes, if a feature freeze break is needed. If needed, someone please do the necessary process, because I don't know yet to use the tools to provide everything needed for the break.
Only swfdec core is impacted (and has been updated)
swfdec-mozilla stays at v0.6.0