Advisory: ============ Adobe Flash Player 11.2.202.438 contains a fix to a memory leak. The memory leak could be used circumvent memory address randomization on the Windows platform (CVE-2015-0310) and is being exploited in the wild on that platform, but Adobe has not reported that this memory leak would be exploitable on Linux. References: http://helpx.adobe.com/security/products/flash-player/apsb15-02.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0310 ============ Since there does not seem to be security implications on Linux, I've made this a non-security update. Updated Flash Player 11.2.202.438 packages are in mga4 nonfree/updates_testing. Source packages: flash-player-plugin-11.2.202.438-1.mga4.nonfree Binary packages: flash-player-plugin-11.2.202.438-1.mga4.nonfree flash-player-plugin-kde-11.2.202.438-1.mga4.nonfree
Let's give this greater priority. Testing now..
Component: RPM Packages => SecuritySeverity: normal => major
Testing complete mga4 32 and 64 flash video from several sites including over https, used kde system settings to delete all flash storage. Hardware acceleration in use. Viewed settings in the right click menu when flash video playing.
Whiteboard: (none) => has_procedure mga4-32-ok mga4-64-ok
Validating. Bugfix advisory uploaded. Please push to 4 updates Thanks
Keywords: (none) => validated_updateWhiteboard: has_procedure mga4-32-ok mga4-64-ok => has_procedure advisory mga4-32-ok mga4-64-okCC: (none) => sysadmin-bugs
An update for this issue has been pushed to Mageia Updates repository. http://advisories.mageia.org/MGAA-2015-0008.html
Status: ASSIGNED => RESOLVEDResolution: (none) => FIXED