| Summary: | flash-player-plugin security update 32.0.0.101 | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | Nicolas Salguero <nicolas.salguero> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | Sec team <security> |
| Severity: | critical | ||
| Priority: | Normal | CC: | davidwhodgins, sysadmin-bugs |
| Version: | 6 | Keywords: | advisory, validated_update |
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | MGA6-64-OK | ||
| Source RPM: | flash-player-plugin | CVE: | CVE-2018-15982, CVE-2018-15983 |
| Status comment: | |||
|
Description
Nicolas Salguero
2018-12-06 13:47:34 CET
Nicolas Salguero
2018-12-06 13:48:23 CET
CVE:
(none) =>
CVE-2018-15982, CVE-2018-15983 Suggested advisory: ======================== Updated flash-player-plugin package fixes security vulnerabilities: Use after free flaw enabling arbitrary code execution. (CVE-2018-15982) Insecure Library Loading (DLL hijacking) flaw enabling privilege escalation. (CVE-2018-15983) References: https://helpx.adobe.com/security/products/flash-player/apsb18-42.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15982 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15983 ======================== Updated packages in nonfree/updates_testing: ======================== flash-player-plugin-32.0.0.101-1.mga6 from flash-player-plugin-32.0.0.101-1.mga6.src.rpm Status:
NEW =>
ASSIGNED Tested in opera 12.16. Advisory committed to svn. Validating the update. Whiteboard:
(none) =>
MGA6-64-OK An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2018-0478.html Status:
ASSIGNED =>
RESOLVED |