Advisory: ============ Adobe Flash Player 11.2.202.291 contains a fix to a critical security vulnerability found in earlier versions. This vulnerability could cause a crash and potentially allow an attacker to take control of the affected system. This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2013-3343). References: http://www.adobe.com/support/security/bulletins/apsb13-16.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3343 ============ Updated Flash Player 11.2.202.291 packages are in mga2+mga3 nonfree/updates_testing as flash-player-plugin (i586 and x86_64) and flash-player-plugin-kde (i586 and x86_64).
tested mga3-64 changed settings with flash player preferences, viewed several youtube videos and played a flash game. Shouldn't this be updated for MGA2 as well?
CC: (none) => wrw105Whiteboard: (none) => MGA3-64-OK feedback
Well done for thinking of it and asking Bill. Anssi added that it's available for mga 2 & 3 in comment 0. Adding the MGA2TOO whiteboard marker which was missing. It should show properly on madb now.
Whiteboard: MGA3-64-OK feedback => MGA2TOO MGA3-64-OK
The srpms are flash-player-plugin-11.2.202.291-1.mga3.nonfree.src.rpm flash-player-plugin-11.2.202.291-1.mga2.nonfree.src.rpm I'll test on Mageia 2 i586 and x86_64 shortly.
CC: (none) => davidwhodgins
Testing complete on Mageia 2 i586 and x86_64, both playing flash videos and using the kde plugin to remove flash cookies. I'll test Mageia 3 i586 shortly.
Whiteboard: MGA2TOO MGA3-64-OK => MGA2TOO MGA3-64-OK MGA2-64-OK MGA2-32-OK
Testing complete on Mageia 3 i586. Could someone from the sysadmin team push the srpm flash-player-plugin-11.2.202.291-1.mga3.nonfree.src.rpm from Mageia 3 Nonfree Updates Testing to Nonfree Updates and the srpm flash-player-plugin-11.2.202.291-1.mga2.nonfree.src.rpm from Mageia 2 Nonfree Updates Testing to Nonfree Updates. Advisory: Adobe Flash Player 11.2.202.291 contains a fix to a critical security vulnerability found in earlier versions. This vulnerability could cause a crash and potentially allow an attacker to take control of the affected system. This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2013-3343). References: http://www.adobe.com/support/security/bulletins/apsb13-16.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3343 https://bugs.mageia.org/show_bug.cgi?id=10495
Keywords: (none) => validated_updateWhiteboard: MGA2TOO MGA3-64-OK MGA2-64-OK MGA2-32-OK => MGA2TOO MGA3-64-OK MGA2-64-OK MGA2-32-OK MGA3-32-OKCC: (none) => sysadmin-bugs
Tested MGA3-32-OK cat /etc/release Mageia release 3 (Official) for i586 Updated with nonfree updates_testing with: flash-player-plugin-11.2.202.291-1.mga3.nonfree.i586.rpm flash-player-plugin-kde-11.2.202.291-1.mga3.nonfree.i586.rpm On real hardware. Viewed several of my youtube videos and it seems ok.
CC: (none) => wilcal.int
Tested on Mageia 3 64 bit watching some videos on Youtube.
CC: (none) => olivier.delaune
Advisory ready to push.
http://advisories.mageia.org/MGASA-2013-0177.html
Status: NEW => RESOLVEDCC: (none) => boklmResolution: (none) => FIXED
CC: boklm => (none)