| Summary: | flash-player-plugin security update 32.0.0.330 | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | Nicolas Salguero <nicolas.salguero> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | Sec team <security> |
| Severity: | normal | ||
| Priority: | Normal | CC: | andrewsfarm, sysadmin-bugs, tmb |
| Version: | 7 | Keywords: | advisory, validated_update |
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | MGA7-64-OK MGA7-32-OK | ||
| Source RPM: | flash-player-plugin | CVE: | CVE-2020-3757 |
| Status comment: | |||
|
Description
Nicolas Salguero
2020-02-11 15:34:12 CET
Nicolas Salguero
2020-02-11 15:35:19 CET
Whiteboard:
(none) =>
MGA7TOO Suggested advisory: ======================== Updated flash-player-plugin package fixes a security vulnerability: Type confusion that leads to arbitrary code execution in the context of the current user. (CVE-2020-3757) References: https://helpx.adobe.com/security/products/flash-player/apsb20-06.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3757 ======================== Updated packages in nonfree/updates_testing: ======================== flash-player-plugin-32.0.0.330-1.mga7.nonfree from SRPMS: flash-player-plugin-32.0.0.330-1.mga7.nonfree.src.rpm Whiteboard:
MGA7TOO =>
(none) 64-bit Plasma system. No installation issues. Went to a US radar site known to use flash for some of its loops. Turned off flash, tried a loop, didn't work. Turned it back on, and it worked. OK for 64-bit. CC:
(none) =>
andrewsfarm Real 32-bit hardware, Xfce system. Again, no installation issues. Performed the same test as in Comment 2, with the same result. OK for 32-bit. Validating. Advisory in Comment 1. CC:
(none) =>
sysadmin-bugs
Thomas Backlund
2020-02-13 11:17:19 CET
Keywords:
(none) =>
advisory An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2020-0085.html Status:
ASSIGNED =>
RESOLVED |