Bug 22767

Summary: flash-player-plugin security update 29.0.0.113
Product: Mageia Reporter: Nicolas Salguero <nicolas.salguero>
Component: SecurityAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: critical    
Priority: Normal CC: davidwhodgins, marja11, mhrambo3501, pkg-bugs, sysadmin-bugs, tmb
Version: 6Keywords: advisory, validated_update
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard: MGA6-64-OK
Source RPM: flash-player-plugin CVE: CVE-2018-4919, CVE-2018-4920
Status comment:
Bug Depends on:    
Bug Blocks: 22820    

Description Nicolas Salguero 2018-03-14 09:52:54 CET 
Hi,

Version 29.0.0.113 fixes CVE-2018-4919 and CVE-2018-4920.

References:
https://helpx.adobe.com/security/products/flash-player/apsb18-05.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4919
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4920

Best regards,

Nico.
Nicolas Salguero 2018-03-14 09:53:35 CET

Whiteboard: (none) => MGA6TOO
CVE: (none) => CVE-2018-4919, CVE-2018-4920
Source RPM: (none) => flash-player-plugin

Marja Van Waes 2018-03-14 10:05:44 CET

CC: (none) => marja11
Assignee: bugsquad => anssi.hannula

Marja Van Waes 2018-03-24 08:54:20 CET

Blocks: (none) => 22820

Marja Van Waes 2018-03-24 08:54:42 CET

CC: (none) => pkg-bugs

Comment 1 Mike Rambo 2018-03-30 17:51:35 CEST 
Updated packages uploaded for cauldron and Mageia 6.

Suggested advisory:
========================

Updated packages fix a security vulnerability:

It was found that flash versions older than 29.0.0.113 contained a use after free vulnerability that could lead to remote code execution (CVE-2018-4919).

A second vulnerability was a type confusion which could also lead to remote code execution (CVE-2018-4920).

References:
https://helpx.adobe.com/security/products/flash-player/apsb18-05.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4919
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4920
========================

Updated packages in 6/core/updates_testing:
========================
flash-player-plugin-29.0.0.113-1.mga6

from flash-player-plugin-29.0.0.113-1.mga6.src.rpm

Whiteboard: MGA6TOO => (none)
Assignee: anssi.hannula => qa-bugs
Version: Cauldron => 6
CC: (none) => mrambo

Comment 2 Dave Hodgins 2018-03-30 18:53:59 CEST 
$ urpmq -i flash-player-plugin|grep ^Source|sort -uV|tail -n 3
Source RPM  : flash-player-plugin-28.0.0.137-1.mga6.nonfree.src.rpm
Source RPM  : flash-player-plugin-28.0.0.161-1.mga6.nonfree.src.rpm
Source RPM  : flash-player-plugin-29.0.0.113-1.mga6.src.rpm

Why is the package being moved from nonfree to core?

Whiteboard: (none) => feedback
CC: (none) => davidwhodgins

Comment 3 Mike Rambo 2018-03-30 22:55:07 CEST 
(In reply to Dave Hodgins from comment #2)
> $ urpmq -i flash-player-plugin|grep ^Source|sort -uV|tail -n 3
> Source RPM  : flash-player-plugin-28.0.0.137-1.mga6.nonfree.src.rpm
> Source RPM  : flash-player-plugin-28.0.0.161-1.mga6.nonfree.src.rpm
> Source RPM  : flash-player-plugin-29.0.0.113-1.mga6.src.rpm
> 
> Why is the package being moved from nonfree to core?

Because I forgot about nonfree. I need to find a way to get that check into my work flow. I'll pull this back from QA until I get it fixed.

Assignee: qa-bugs => mrambo

Comment 4 Thomas Backlund 2018-03-30 23:18:42 CEST 
(In reply to Mike Rambo from comment #3)
> (In reply to Dave Hodgins from comment #2)
> > $ urpmq -i flash-player-plugin|grep ^Source|sort -uV|tail -n 3
> > Source RPM  : flash-player-plugin-28.0.0.137-1.mga6.nonfree.src.rpm
> > Source RPM  : flash-player-plugin-28.0.0.161-1.mga6.nonfree.src.rpm
> > Source RPM  : flash-player-plugin-29.0.0.113-1.mga6.src.rpm
> > 
> > Why is the package being moved from nonfree to core?
> 
> Because I forgot about nonfree. I need to find a way to get that check into
> my work flow. I'll pull this back from QA until I get it fixed.

Simply resubmit it to nonfree...
I'll nuke it from core

CC: (none) => tmb

Comment 5 Mike Rambo 2018-03-31 21:07:06 CEST 
(In reply to Thomas Backlund from comment #4)
> 
> Simply resubmit it to nonfree...
> I'll nuke it from core

Thanks Thomas.

Revised advisory:
========================

Updated packages fix a security vulnerability:

It was found that flash versions older than 29.0.0.113 contained a use after free vulnerability that could lead to remote code execution (CVE-2018-4919).

A second vulnerability was a type confusion which could also lead to remote code execution (CVE-2018-4920).

References:
https://helpx.adobe.com/security/products/flash-player/apsb18-05.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4919
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4920
========================

Updated packages in 6/nonfree/updates_testing:
========================
flash-player-plugin-29.0.0.113-1.mga6

from flash-player-plugin-29.0.0.113-1.mga6.src.rpm

Assignee: mrambo => qa-bugs

Mike Rambo 2018-03-31 21:07:27 CEST

Whiteboard: feedback => (none)

Dave Hodgins 2018-04-01 06:40:48 CEST

Keywords: (none) => advisory

Comment 6 Dave Hodgins 2018-04-01 06:43:28 CEST 
Working ok on Mageia6 x86_64.

Validating the update.

Keywords: (none) => validated_update
Whiteboard: (none) => MGA6-64-OK
CC: (none) => sysadmin-bugs

Comment 7 Mageia Robot 2018-04-01 10:27:16 CEST 
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2018-0189.html

Resolution: (none) => FIXED
Status: NEW => RESOLVED