Bug 14660

Summary: Security update request for flash-player-plugin, to 11.2.202.424
Product: Mageia Reporter: Anssi Hannula <anssi.hannula>
Component: SecurityAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: normal    
Priority: Normal CC: herman.viaene, sysadmin-bugs
Version: 4Keywords: Security, validated_update
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard: MGA3TOO advisory MGA3-32-OK mga3-64-ok MGA4-32-OK MGA4-64-OK
Source RPM: flash-player-plugin CVE: CVE-2014-8439
Status comment:

Description Anssi Hannula 2014-11-25 18:57:35 CET 
Advisory:
============
Adobe Flash Player 11.2.202.424 contains additional hardening against a vulnerability in the handling of a dereferenced memory pointer that could lead to code execution (CVE-2014-8439). A mitigation was previously introduced for this issue in a previous update (MGASA-2014-0448).

References:
http://helpx.adobe.com/security/products/flash-player/apsb14-26.html
http://advisories.mageia.org/MGASA-2014-0448.html
============

Updated Flash Player 11.2.202.424 packages are in mga3+mga4
nonfree/updates_testing.

Source packages:
flash-player-plugin-11.2.202.424-1.mga3.nonfree
flash-player-plugin-11.2.202.424-1.mga4.nonfree

Binary packages:
flash-player-plugin-11.2.202.424-1.mga3.nonfree
flash-player-plugin-kde-11.2.202.424-1.mga3.nonfree
flash-player-plugin-11.2.202.424-1.mga4.nonfree
flash-player-plugin-kde-11.2.202.424-1.mga4.nonfree
Anssi Hannula 2014-11-25 18:57:46 CET

Whiteboard: (none) => MGA3TOO

Comment 1 David Walser 2014-11-26 04:16:36 CET 
Tested successfully on Mageia 3 i586 and Mageia 4 i586.

Whiteboard: MGA3TOO => MGA3TOO MGA3-32-OK MGA4-32-OK

Comment 2 Herman Viaene 2014-11-26 10:56:23 CET 
Testing MGA4-64-OK on HP6555b
Tested by listening to www.classicalmusicamerica.com and www.classiccomposers.org.
Sound OK.

CC: (none) => herman.viaene
Whiteboard: MGA3TOO MGA3-32-OK MGA4-32-OK => MGA3TOO MGA3-32-OK MGA4-32-OK MGA4-64-OK

Comment 3 claire robinson 2014-11-26 11:06:56 CET 
Testing complete mga3 64

Whiteboard: MGA3TOO MGA3-32-OK MGA4-32-OK MGA4-64-OK => MGA3TOO MGA3-32-OK mga3-64-ok MGA4-32-OK MGA4-64-OK

claire robinson 2014-11-26 11:14:40 CET

Keywords: (none) => validated_update
Whiteboard: MGA3TOO MGA3-32-OK mga3-64-ok MGA4-32-OK MGA4-64-OK => MGA3TOO advisory MGA3-32-OK mga3-64-ok MGA4-32-OK MGA4-64-OK
CC: (none) => sysadmin-bugs

Comment 4 Mageia Robot 2014-11-26 18:30:35 CET 
An update for this issue has been pushed to Mageia Updates repository.

http://advisories.mageia.org/MGASA-2014-0497.html

Status: ASSIGNED => RESOLVED
Resolution: (none) => FIXED