Bug 24822

Summary: flash-player-plugin security update 32.0.0.192
Product: Mageia Reporter: Nicolas Salguero <nicolas.salguero>
Component: SecurityAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: critical    
Priority: Normal CC: davidwhodgins, jim, sysadmin-bugs
Version: 6Keywords: advisory, validated_update
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard: MGA6-64-OK
Source RPM: flash-player-plugin CVE: CVE-2019-7837
Status comment:

Description Nicolas Salguero 2019-05-15 09:31:27 CEST 
Hi,

Version 32.0.0.192 fixes CVE-2019-7837.

References:
https://helpx.adobe.com/security/products/flash-player/apsb19-26.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7837

Best regards,

Nico.
Nicolas Salguero 2019-05-15 09:32:04 CEST

Source RPM: (none) => flash-player-plugin
Whiteboard: (none) => MGA6TOO
CVE: (none) => CVE-2019-7837
Assignee: bugsquad => nicolas.salguero

Comment 1 Nicolas Salguero 2019-05-16 09:49:04 CEST 
Suggested advisory:
========================

Updated flash-player-plugin package fixes a security vulnerability:

A use after free that leads to arbitrary code execution. (CVE-2019-7837)

References:
https://helpx.adobe.com/security/products/flash-player/apsb19-26.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7837
========================

Updated packages in nonfree/updates_testing:
========================
flash-player-plugin-32.0.0.192-1.mga6.nonfree

from SRPMS:
flash-player-plugin-32.0.0.192-1.mga6.nonfree.src.rpm

Status: NEW => ASSIGNED
Whiteboard: MGA6TOO => (none)
Version: Cauldron => 6
Assignee: nicolas.salguero => qa-bugs

Comment 2 James Kerr 2019-05-17 11:14:41 CEST 
on mga6-64

Update installed cleanly

https://helpx.adobe.com/flash-player.html  confirmed that the latest version is installed

OK for mga6-64

CC: (none) => jim

Comment 3 Dave Hodgins 2019-05-18 11:47:38 CEST 
Advisory committed to svn. Validating the update.

Whiteboard: (none) => MGA6-64-OK
Keywords: (none) => advisory, validated_update
CC: (none) => davidwhodgins, sysadmin-bugs

Comment 4 Mageia Robot 2019-05-18 14:34:17 CEST 
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2019-0178.html

Resolution: (none) => FIXED
Status: ASSIGNED => RESOLVED