Bug 13283

Summary: Security update request for flash-player-plugin, to 11.2.202.356
Product: Mageia Reporter: Anssi Hannula <anssi.hannula>
Component: SecurityAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: normal    
Priority: Normal CC: sysadmin-bugs, tmb
Version: 4Keywords: Security, validated_update
Target Milestone: ---   
Hardware: All   
OS: Linux   
URL: http://helpx.adobe.com/security/products/flash-player/apsb14-13.html
Whiteboard: MGA3TOO advisory mga3-32-ok mga3-64-ok mga4-32-ok mga4-64-ok
Source RPM: flash-player-plugin CVE: CVE-2014-0515
Status comment:

Description Anssi Hannula 2014-04-29 18:54:53 CEST 
Advisory:
============
Adobe Flash Player 11.2.202.356 contains a fix to a critical security vulnerability found in earlier versions that could potentially allow an attacker to take control of the affected system.

This update resolves a buffer overflow vulnerability that could result in arbitrary code execution (CVE-2014-0515).

References:
http://helpx.adobe.com/security/products/flash-player/apsb14-13.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0515
============

Updated Flash Player 11.2.202.356 packages are in mga3+mga4
nonfree/updates_testing.

Source packages:
flash-player-plugin-11.2.202.356-1.mga3.nonfree
flash-player-plugin-11.2.202.356-1.mga4.nonfree

Binary packages:
flash-player-plugin-11.2.202.356-1.mga3.nonfree
flash-player-plugin-kde-11.2.202.356-1.mga3.nonfree
flash-player-plugin-11.2.202.356-1.mga4.nonfree
flash-player-plugin-kde-11.2.202.356-1.mga4.nonfree
Anssi Hannula 2014-04-29 18:55:06 CEST

Whiteboard: (none) => MGA3TOO

Comment 1 claire robinson 2014-04-29 19:56:22 CEST 
Testing complete mga3 32 & 64

Whiteboard: MGA3TOO => MGA3TOO mga3-32-ok mga3-64-ok

Comment 2 claire robinson 2014-04-30 15:39:12 CEST 
Testing complete mga4 32 & 64

Validating. Advisory uploaded.

Could sysadmin please push to 3&4 updates

Thanks

Keywords: (none) => validated_update
Whiteboard: MGA3TOO mga3-32-ok mga3-64-ok => MGA3TOO advisory mga3-32-ok mga3-64-ok mga4-32-ok mga4-64-ok
CC: (none) => sysadmin-bugs

Comment 3 Thomas Backlund 2014-04-30 16:38:55 CEST 
Update pushed:
http://advisories.mageia.org/MGASA-2014-0198.html

Status: ASSIGNED => RESOLVED
CC: (none) => tmb
Resolution: (none) => FIXED