Page 1 of 2 12 LastLast
Results 1 to 10 of 18

Thread: Adobe Acrobat Reader Exploit - how to handle it?

  1. #1
    Join Date
    Jan 2009
    Location
    Somewhere in Fictionland
    Posts
    1,479

    Exclamation Adobe Acrobat Reader Exploit - how to handle it?

    Adobe has in all its Versions (including 9.2) a security breach that will not be fixed before January 12 and applies to all OS (linux included).
    An analysis of the exploit is published here.
    Adobe gives on the page also an explanation on how to handle it:
    Linux: Go to the Global Prefs file at:

    <installation>/Reader/GlobalPrefs/reader_prefs

    Add the following line to the file:

    /JavaScriptPerms [/c << /BlackList [/t (DocMedia.newPlayer) ] >> ]



    The file in openSUSE is as far as I found here:

    /usr/lib/Adobe/Reader8/Reader/GlobalPrefs/reader_prefs

    Now if I try to open it with Kate it tells me that it is binary and will be damaged if saved. So how do I change it waiting for the new version?
    Just "clicking away" security warnings about a change in repo signature ? Not able to control?
    Then please vote for
    https://features.opensuse.org/312047
    openSUSE should have an efficient web of trust.

  2. #2
    Join Date
    Jun 2008
    Location
    Netherlands
    Posts
    24,974

    Default Re: Adobe Acrobat Reader Exploit - how to handle it?

    When I become root and
    Code:
    boven:/usr/lib/Adobe/Reader8/Reader/GlobalPrefs # file reader_prefs
    reader_prefs: ASCII text, with very long lines
    And this can simply be edited with vi/vim (there are only 11 lines there, some a few hundred characters).

    Use decent tools for these sort of things
    Henk van Velden

  3. #3
    Join Date
    Jan 2009
    Location
    Somewhere in Fictionland
    Posts
    1,479

    Default Re: Adobe Acrobat Reader Exploit - how to handle it?

    Thanks, you are, as usual, always a resource.


    Ps, I thought about vi/vim........but was tooooooo coward!

    Note: what we do not use often (enough) we forget easily about....
    Just "clicking away" security warnings about a change in repo signature ? Not able to control?
    Then please vote for
    https://features.opensuse.org/312047
    openSUSE should have an efficient web of trust.

  4. #4

    Default Re: Adobe Acrobat Reader Exploit - how to handle it?

    Thank you for the tip!

  5. #5
    Join Date
    Jan 2009
    Location
    Somewhere in Fictionland
    Posts
    1,479

    Default Re: Adobe Acrobat Reader Exploit - how to handle it?

    As of today the security update 9.3 for Acrobat Reader is available. Unfortunately the version update 8.2 will not be available for Linux user, only for Win/Mac. Linux users are expected to update to the version 9.3.

    Therefore my question:
    Will there be the version 9.3 on our package servers (I am running 11.1) or do we have to manually install the version from the Adobe servers? Especially for the browser plugin (that apparently has also been updated) I see some problems.

    Thanks.
    Just "clicking away" security warnings about a change in repo signature ? Not able to control?
    Then please vote for
    https://features.opensuse.org/312047
    openSUSE should have an efficient web of trust.

  6. #6
    Join Date
    Sep 2008
    Location
    Dubai
    Posts
    1,770

    Default Re: Adobe Acrobat Reader Exploit - how to handle it?

    I haven't come across a need to use acroread under 11.2. Okular is working perfectly. It even has features like form filling etc. Better than acroread.
    openSUSE 12.3 (x86_64) with Kernel 3.7.10-1.16-desktop and KDE 4.11.2 on MacBook Pro
    Latest MS Windows version used: Win95

  7. #7

    Default Re: Adobe Acrobat Reader Exploit - how to handle it?

    Just use okular, it works just as well... no browser plugin but it works
    https://features.opensuse.org/308357

  8. #8
    Join Date
    Jan 2009
    Location
    Somewhere in Fictionland
    Posts
    1,479

    Default Re: Adobe Acrobat Reader Exploit - how to handle it?

    Thanks for telling me what you use. I do not really know what this has to do with the thread but it is always nice to know each other. Besides, I cannot use it as I am running 11.1 with KDE 3.5.

    A few preventive answers:
    Thank you but, I do not want to update to 11.2 before support runs out for 11.1.
    I am uttermost sorry but, I do not want to update to KDE4 (not now).

    I agree, I do not need often Acrobat Reader.......but this was not the threads question.
    Still interested in knowing if 9.3 will be available through repositories.
    Thanks.
    Just "clicking away" security warnings about a change in repo signature ? Not able to control?
    Then please vote for
    https://features.opensuse.org/312047
    openSUSE should have an efficient web of trust.

  9. #9

    Default Re: Adobe Acrobat Reader Exploit - how to handle it?

    For me okular has a problem printing in landscape. Portrait printing is fine.Acroread still performs little better.

  10. #10
    Join Date
    Jan 2009
    Location
    Somewhere in Fictionland
    Posts
    1,479

    Default Re: Adobe Acrobat Reader Exploit - how to handle it?

    Quote Originally Posted by losingle View Post
    For me okular has a problem printing in landscape. Portrait printing is fine.Acroread still performs little better.
    Sorry this thread is not about pro or against okular or acrobat. Please do not post OT. Read before you write.
    Just "clicking away" security warnings about a change in repo signature ? Not able to control?
    Then please vote for
    https://features.opensuse.org/312047
    openSUSE should have an efficient web of trust.

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •