Adobe Acrobat Reader Exploit - how to handle it?

Adobe has in all its Versions (including 9.2) a security breach that will not be fixed before January 12 and applies to all OS (linux included).
An analysis of the exploit is published here.
Adobe gives on the page also an explanation on how to handle it:
***Linux: Go to the Global Prefs file at:


Add the following line to the file:

/JavaScriptPerms [/c << /BlackList [/t (DocMedia.newPlayer) ] >> ]

The file in openSUSE is as far as I found here:


Now if I try to open it with Kate it tells me that it is binary and will be damaged if saved. So how do I change it waiting for the new version?

When I become root and

boven:/usr/lib/Adobe/Reader8/Reader/GlobalPrefs # file reader_prefs
reader_prefs: ASCII text, with very long lines

And this can simply be edited with vi/vim (there are only 11 lines there, some a few hundred characters).

Use decent tools for these sort of things lol!

Thanks, you are, as usual, always a resource.

Ps, I thought about vi/vim…but was tooooooo coward! rotfl!

Note: what we do not use often (enough) we forget easily about…

Thank you for the tip!

As of today the security update 9.3 for Acrobat Reader is available. Unfortunately the version update 8.2 will not be available for Linux user, only for Win/Mac. Linux users are expected to update to the version 9.3.

Therefore my question:
Will there be the version 9.3 on our package servers (I am running 11.1) or do we have to manually install the version from the Adobe servers? Especially for the browser plugin (that apparently has also been updated) I see some problems.


I haven’t come across a need to use acroread under 11.2. Okular is working perfectly. It even has features like form filling etc. Better than acroread.

Just use okular, it works just as well… no browser plugin but it works

Thanks for telling me what you use. I do not really know what this has to do with the thread but it is always nice to know each other. Besides, I cannot use it as I am running 11.1 with KDE 3.5.

A few preventive answers:
Thank you but, I do not want to update to 11.2 before support runs out for 11.1.
I am uttermost sorry but, I do not want to update to KDE4 (not now).

I agree, I do not need often Acrobat Reader…but this was not the threads question.
Still interested in knowing if 9.3 will be available through repositories.

For me okular has a problem printing in landscape. Portrait printing is fine.Acroread still performs little better.

Sorry this thread is not about pro or against okular or acrobat. Please do not post OT. Read before you write.

syampillai wrote:
> I haven’t come across a need to use acroread under 11.2. Okular is
> working perfectly. It even has features like form filling etc. Better
> than acroread.
Does search work for you in Okular? When I opened a .pdf document and
did a search it didn’t work. I even tried searching for a word that was
on the current page and visible. Still didn’t work.

Kevin Miller
Juneau, Alaska
In a recent poll, seven out of ten hard drives preferred Linux.

Yes, it works perfectly. (I am on version 0.9.1).

Hijacked - lol! Well stated, and I agree, but you know, ppl will be ppl. <sigh>, then just laff at it all!

Sure, they are babies and I have noticed them already elsewhere. What is a pitty that the content of the thread is lost and it get’s less probable that somebody will answer on the original question. I looked for the Adobe page and up to now there is only the US version of 9.3 available. I’m a bit confused as they continue to spread 8.1.7 althought they adviced the anglophone speakers (Linux) to change to 9.3 since the 8.1 versions where susceptible to exploits.

Again the question, to refresh a bit: **will there be the 9.3 version in the 11.1 repositories or should we update on the Adobe site (the latter I would prefer less)? If somebody knows the policy fo the NON-OSS repositories on new versions he/she can update me.

Does this actually work as a work-around?

I understand the wanting to know whether a patch will show up in the repository though, even the 11.2’s repositories.

Yes it does. Did it the same day. It is the original code proposed as a time limited work around on the Adobe page. They proposed it on the wait for the 9.3 version (which is out now in English).
It is just that I would prefer the repository version (for a question of commodity) and the whole thing si also to understand how updates of this kind are handeled within the framework of the no-oss repositories for the maintained versions (11.0, 11.1). I would expect the 11.2 being served soon.

With the date of today the 9.3 version was proposed in the updater in automatic. How does not use the update script can retrieve the new version from the depository. Thank you to the maintainer team. :wink:

This thread is closed

I’m not quite sure I understand what you are saying.

Do you mean as of today, verion 9.3 is in the repositories and users run update to get them?