Bug 21703 - Security update request for flash-player-plugin, to 27.0.0.130
Summary: Security update request for flash-player-plugin, to 27.0.0.130
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: 6
Hardware: All Linux
Priority: Normal normal
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL: https://helpx.adobe.com/security/prod...
Whiteboard: MGA5TOO MGA5-64-OK MGA5-32-OK MGA6-64...
Keywords: Security, advisory, validated_update
Depends on:
Blocks:
 
Reported: 2017-09-13 20:07 CEST by Anssi Hannula
Modified: 2017-09-14 20:22 CEST (History)
2 users (show)

See Also:
Source RPM: flash-player-plugin
CVE: CVE-2017-11281, CVE-2017-11282
Status comment:


Attachments

Description Anssi Hannula 2017-09-13 20:07:31 CEST
Advisory:
============
Adobe Flash Player 27.0.0.130 contains fixes to critical security vulnerabilities found in earlier versions that could potentially allow an attacker to take control of the affected system.

This update addresses two memory corruption vulnerabilities that could lead to code execution (CVE-2017-11281, CVE-2017-11282).

References:
https://helpx.adobe.com/security/products/flash-player/apsb17-28.html
============

Updated Flash Player packages have been submitted to mga5+mga6 nonfree/updates_testing.

Source packages:
flash-player-plugin-27.0.0.130-1.mga6.nonfree
flash-player-plugin-27.0.0.130-1.mga5.nonfree

Binary packages:
flash-player-plugin
flash-player-plugin-kde (mga5 only)
Anssi Hannula 2017-09-13 20:08:32 CEST

Whiteboard: (none) => MGA5TOO

Comment 1 Dave Hodgins 2017-09-13 21:22:43 CEST
Install cleanly on Mageia 5 x86_64.
http://get.adobe.com/flashplayer/about/ shows version 27.0.0.130 installed.

Whiteboard: MGA5TOO => MGA5TOO MGA5-64-OK
CC: (none) => davidwhodgins

Dave Hodgins 2017-09-13 21:27:08 CEST

Keywords: (none) => advisory

Comment 2 Dave Hodgins 2017-09-13 22:01:44 CEST
Ok on both arches, both releases. Validating the update.

Keywords: (none) => validated_update
Whiteboard: MGA5TOO MGA5-64-OK => MGA5TOO MGA5-64-OK MGA5-32-OK MGA6-64-OK MGA6-32-OK
CC: (none) => sysadmin-bugs

Comment 3 Mageia Robot 2017-09-14 20:22:26 CEST
An update for this issue has been pushed to the Mageia Updates repository.

http://advisories.mageia.org/MGASA-2017-0339.html

Resolution: (none) => FIXED
Status: ASSIGNED => RESOLVED


Note You need to log in before you can comment on or make changes to this bug.