Bug 12581 - Security update request for flash-player-plugin, to
Summary: Security update request for flash-player-plugin, to
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: 4
Hardware: All Linux
Priority: High critical
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL: http://helpx.adobe.com/security/produ...
Whiteboard: advisory has_procedure MGA3TOO MGA3-3...
Keywords: Security, validated_update
: 12591 (view as bug list)
Depends on:
Reported: 2014-02-04 21:41 CET by Anssi Hannula
Modified: 2014-02-05 16:45 CET (History)
5 users (show)

See Also:
Source RPM: flash-player-plugin
CVE: CVE-2014-0497
Status comment:


Description Anssi Hannula 2014-02-04 21:41:45 CET
Adobe Flash Player contains a fix to a critical security vulnerability found in earlier versions that could cause a crash and potentially allow an attacker to remotely take control of the affected system.

This update resolves an integer underflow vulnerability that could be exploited to execute arbitrary code on the affected system (CVE-2014-0497).

Adobe is aware of reports that an exploit for this vulnerability exists in the wild.


Updated Flash Player packages are in mga3+mga4 nonfree/updates_testing.

Source packages:

Binary packages:
Samuel Verschelde 2014-02-04 22:01:31 CET

CC: (none) => stormi
Severity: major => critical

Comment 1 Thomas Backlund 2014-02-04 22:59:37 CET
*** Bug 12591 has been marked as a duplicate of this bug. ***

CC: (none) => spm

Comment 2 Rémi Verschelde 2014-02-04 23:39:35 CET
Testing on Mageia 4 x86_64. Everything seems to work as intended. I will report back if I notice anything suspicious.

CC: (none) => remi

Comment 3 Manuel Hiebel 2014-02-04 23:42:15 CET
looks good here

Whiteboard: (none) => MGA3TOO mga3-64-ok

Rémi Verschelde 2014-02-04 23:43:20 CET

Whiteboard: MGA3TOO mga3-64-ok => MGA3TOO MGA3-64-OK MGA4-64-OK

Comment 4 Thomas Backlund 2014-02-05 00:06:58 CET
*** Bug 12591 has been marked as a duplicate of this bug. ***
Comment 5 Rémi Verschelde 2014-02-05 13:12:00 CET
Testing complete on Mageia 4 i586. Successfully ran a few flash-based applications such as the Youtube watcher, random flash games on the Internet and an Adobe test page[1], both in Firefox and Konqueror.

[1] https://helpx.adobe.com/flash-player.html

CC: remi => (none)
Whiteboard: MGA3TOO MGA3-64-OK MGA4-64-OK => MGA3TOO MGA3-64-OK MGA4-32-OK MGA4-64-OK

Comment 6 user7 2014-02-05 13:18:33 CET
Tested on Mageia 3, 32 bits. Everything works fine (tested youtube + online games). I will report back if I experience any problems.
user7 2014-02-05 13:18:50 CET

CC: (none) => wassi
Whiteboard: MGA3TOO MGA3-64-OK MGA4-32-OK MGA4-64-OK => MGA3TOO MGA3-32-OK MGA3-64-OK MGA4-32-OK MGA4-64-OK

Comment 7 claire robinson 2014-02-05 14:00:02 CET
Validating. Advisory uploaded.

Could sysadmin please push from 3 & 4 nonfree/updates_testing to updates.


Keywords: (none) => validated_update
Whiteboard: MGA3TOO MGA3-32-OK MGA3-64-OK MGA4-32-OK MGA4-64-OK => advisory has_procedure MGA3TOO MGA3-32-OK MGA3-64-OK MGA4-32-OK MGA4-64-OK
CC: (none) => sysadmin-bugs

Comment 8 Thomas Backlund 2014-02-05 16:45:34 CET
Update pushed:

CC: (none) => tmb
Resolution: (none) => FIXED

Note You need to log in before you can comment on or make changes to this bug.