Advisory: ============ Adobe Flash Player 11.2.202.359 contains fixes to critical security vulnerabilities found in earlier versions that could potentially allow an attacker to take control of the affected system. This update resolves a use-after-free vulnerability that could result in arbitrary code execution (CVE-2014-0510). This update resolves a vulnerability that could be used to bypass the same origin policy (CVE-2014-0516). This update resolves security bypass vulnerabilities (CVE-2014-0517, CVE-2014-0518, CVE-2014-0519, CVE-2014-0520). References: http://helpx.adobe.com/security/products/flash-player/apsb14-14.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0510 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0516 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0517 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0518 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0519 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0520 ============ Updated Flash Player 11.2.202.359 packages are in mga3+mga4 nonfree/updates_testing. Source packages: flash-player-plugin-11.2.202.359-1.mga3.nonfree flash-player-plugin-11.2.202.359-1.mga4.nonfree Binary packages: flash-player-plugin-11.2.202.359-1.mga3.nonfree flash-player-plugin-kde-11.2.202.359-1.mga3.nonfree flash-player-plugin-11.2.202.359-1.mga4.nonfree flash-player-plugin-kde-11.2.202.359-1.mga4.nonfree
Whiteboard: (none) => MGA3TOO
Tested mga4-64 Youtube videos, flash game, changed settings in kde front end, all OK, no regressions noted.
CC: (none) => wrw105Whiteboard: MGA3TOO => MGA3TOO mga4-64-ok
Tested mga3-64 as above, no regressions noted. As my 32 bit system has an older AMD CPU, I am unable to test the 32-bit versions, so I'll leave them to someone else.
Whiteboard: MGA3TOO mga4-64-ok => MGA3TOO mga4-64-ok mga3-64-ok
Well done Bill W, testing the others now.
Testing complete mga3 32 & mga4 32
Whiteboard: MGA3TOO mga4-64-ok mga3-64-ok => MGA3TOO has_procedure mga4-32-ok mga4-64-ok mga3-32-ok mga3-64-ok
Validating. Advisory uploaded. Could sysadmin please push to 3 & 4 updates Thanks
Keywords: (none) => validated_updateWhiteboard: MGA3TOO has_procedure mga4-32-ok mga4-64-ok mga3-32-ok mga3-64-ok => MGA3TOO has_procedure advisory mga4-32-ok mga4-64-ok mga3-32-ok mga3-64-okCC: (none) => sysadmin-bugs
Update pushed: http://advisories.mageia.org/MGASA-2014-0219.html
Status: ASSIGNED => RESOLVEDCC: (none) => tmbResolution: (none) => FIXED