Advisory: ============ Adobe Flash Player 11.2.202.457 contains fixes to critical security vulnerabilities found in earlier versions that could cause a crash and potentially allow an attacker to take control of the affected system. This update resolves memory corruption vulnerabilities that could lead to code execution (CVE-2015-0347, CVE-2015-0350, CVE-2015-0352, CVE-2015-0353, CVE-2015-0354, CVE-2015-0355, CVE-2015-0360, CVE-2015-3038, CVE-2015-3041, CVE-2015-3042, CVE-2015-3043). This update resolves a type confusion vulnerability that could lead to code execution (CVE-2015-0356). This update resolves a buffer overflow vulnerability that could lead to code execution (CVE-2015-0348). This update resolves use-after-free vulnerabilities that could lead to code execution (CVE-2015-0349, CVE-2015-0351, CVE-2015-0358, CVE-2015-3039). This update resolves double-free vulnerabilities that could lead to code execution (CVE-2015-0346, CVE-2015-0359). This update resolves memory leak vulnerabilities that could be used to bypass ASLR (CVE-2015-0357, CVE-2015-3040). This update resolves a security bypass vulnerability that could lead to information disclosure (CVE-2015-3044). References: https://helpx.adobe.com/security/products/flash-player/apsb15-06.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0346 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0347 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0348 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0349 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0350 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0351 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0352 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0353 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0354 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0355 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0356 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0357 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0358 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0359 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0360 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3038 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3039 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3040 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3041 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3042 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3043 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3044 ============ Updated Flash Player 11.2.202.457 packages are in mga4 nonfree/updates_testing. Source packages: flash-player-plugin-11.2.202.457-1.mga4.nonfree Binary packages: flash-player-plugin-11.2.202.457-1.mga4.nonfree flash-player-plugin-kde-11.2.202.457-1.mga4.nonfree
Working fine Mageia 4 i586.
Whiteboard: (none) => MGA4-32-OK
tested mga4-64 played a video, played flash game, changed a setting in KDE interface, all OK. Validating. Ready for push when advisory uploaded to svn.
Keywords: (none) => validated_updateWhiteboard: MGA4-32-OK => MGA4-32-OK mga4-64-okCC: (none) => wrw105, sysadmin-bugs
Advisory uploaded.
Whiteboard: MGA4-32-OK mga4-64-ok => MGA4-32-OK mga4-64-ok advisory
An update for this issue has been pushed to Mageia Updates repository. http://advisories.mageia.org/MGASA-2015-0155.html
Status: ASSIGNED => RESOLVEDResolution: (none) => FIXED