Advisory: ============ Adobe Flash Player 11.2.202.297 contains fixes to critical security vulnerabilities found in earlier versions. These vulnerabilities could cause a crash and potentially allow an attacker to take control of the affected system. This update resolves a heap buffer overflow vulnerability that could lead to code execution (CVE-2013-3344). This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2013-3345). This update resolves an integer overflow when resampling a user-supplied PCM buffer (CVE-2013-3347). References: http://www.adobe.com/support/security/bulletins/apsb13-17.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3344 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3345 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3347 ============ Updated Flash Player 11.2.202.297 packages are in mga2+mga3 nonfree/updates_testing as flash-player-plugin and flash-player-plugin-kde. Source packages: flash-player-plugin-11.2.202.297-1.mga3.nonfree flash-player-plugin-11.2.202.297-1.mga2.nonfree
Whiteboard: (none) => MGA2TOO mga2-64-ok
MGA3-32-OK Ran some YouTube videos and checked running Flash version Tested on: Intel Core i7-2600K Sandy Bridge 3.4GHz LGA 1155 GIGABYTE GA-Z68X-UD3-B3 LGA 1155 Intel Z68 SATA 6Gb/s MoBo GIGABYTE GV-N440D3-1GI GeForce GT 440 (Fermi) CORSAIR Vengeance 16GB (4 x 4GB) Virtualbox-4.2.12-2.mga3.x86-64
CC: (none) => wilcal.intWhiteboard: MGA2TOO mga2-64-ok => MGA2TOO MGA3-32-OK mga2-64-ok
Whiteboard: MGA2TOO MGA3-32-OK mga2-64-ok => MGA2TOO MGA3-32-OK mga2-64-ok mga3-64-ok
MGA3-64-OK Ran some YouTube videos and checked running Flash version Tested on: Intel Core i7-2600K Sandy Bridge 3.4GHz LGA 1155 GIGABYTE GA-Z68X-UD3-B3 LGA 1155 Intel Z68 SATA 6Gb/s MoBo GIGABYTE GV-N440D3-1GI GeForce GT 440 (Fermi) CORSAIR Vengeance 16GB (4 x 4GB) Virtualbox-4.2.12-2.mga3.x86-64
Whiteboard: MGA2TOO MGA3-32-OK mga2-64-ok mga3-64-ok => MGA2TOO MGA3-32-OK mga2-64-ok MGA3-64-OK
Testing complete mga3 64 & mga2 32 Tested youtube and flash player website, also deleted stored stuff in kde flash settings.
Whiteboard: MGA2TOO MGA3-32-OK mga2-64-ok MGA3-64-OK => MGA2TOO MGA3-32-OK mga2-64-ok MGA3-64-OK mga2-32-ok
Thanks Anssi. Validating. Advisory uploaded. Could sysadmin please push from 2 & 3 nonfree/updates_testing to nonfree/updates Thanks!
Keywords: (none) => validated_updateCC: (none) => sysadmin-bugs
Update pushed: http://advisories.mageia.org/MGASA-2013-0207.html
Status: NEW => RESOLVEDCC: (none) => tmbResolution: (none) => FIXED