Bug 20818 - Security update request for flash-player-plugin, to
Summary: Security update request for flash-player-plugin, to
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: 5
Hardware: All Linux
: Normal normal
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL: https://helpx.adobe.com/security/prod...
Whiteboard: MGA5-64-OK MGA5-32-OK advisory
Keywords: Security, validated_update
Depends on:
Blocks: 20898
  Show dependency treegraph
Reported: 2017-05-09 17:36 CEST by Anssi Hannula
Modified: 2017-05-21 22:29 CEST (History)
5 users (show)

See Also:
Source RPM: flash-player-plugin
CVE: CVE-2017-3068, CVE-2017-3069, CVE-2017-3070, CVE-2017-3071, CVE-2017-3072, CVE-2017-3073, CVE-2017-3074
Status comment:


Description Anssi Hannula 2017-05-09 17:36:55 CEST
Adobe Flash Player contains fixes to critical security vulnerabilities found in earlier versions that could potentially allow an attacker to take control of the affected system.

This updates resolves a use-after-free vulnerability that could lead to code execution (CVE-2017-3071).

This updates resolves memory corruption vulnerabilities that could lead to code execution (CVE-2017-3068, CVE-2017-3069, CVE-2017-3070, CVE-2017-3072, CVE-2017-3073, CVE-2017-3074).


Updated Flash Player packages have been submitted to mga5 nonfree/updates_testing.

Source packages:

Binary packages:
Comment 1 James Kerr 2017-05-10 21:15:44 CEST
On mga5-64

$ rpm -q flash-player-plugin

Seems to be OK - no problems encountered
Comment 2 Len Lawrence 2017-05-12 11:04:19 CEST
x86_64 on real hardware
Updated from non-free updates testing.
Tried it out at Adobe Showcase and played a couple of games od BubbleShooter online.  Works fine.
Comment 3 Len Lawrence 2017-05-12 11:25:58 CEST
Adobe Showcase and BubbleShooter work fine in i586 virtualbox.
Comment 4 Thomas Andrews 2017-05-13 22:25:30 CEST
x86_64 on real hardware - Athlon X2, nvidia340 graphics, server kernel.

Looks good here. Played local weather forecast from this morning.
Comment 5 Rémi Verschelde 2017-05-19 11:21:35 CEST
Seems good to validate.
Comment 6 James Kerr 2017-05-19 13:17:20 CEST
Added the OK's to the whiteboard (update already validated by Rémi)
Comment 7 Mageia Robot 2017-05-21 22:29:38 CEST
An update for this issue has been pushed to the Mageia Updates repository.


Note You need to log in before you can comment on or make changes to this bug.