Advisory: ============ Adobe Flash Player 27.0.0.187 addresses critical vulnerabilities that could lead to code execution. The update fixes out-of-bounds reads (CVE-2017-3112, CVE-2017-3114, CVE-2017-11213) and use-after-free issues (CVE-2017-11215, CVE-2017-11225). References: https://helpx.adobe.com/security/products/flash-player/apsb17-33.html ============ Updated Flash Player packages have been submitted to mga5+mga6 nonfree/updates_testing. Source packages: flash-player-plugin-27.0.0.187-1.mga6.nonfree flash-player-plugin-27.0.0.187-1.mga5.nonfree Binary packages: flash-player-plugin flash-player-plugin-kde (mga5 only)
Whiteboard: (none) => MGA5TOO
Confirmed a successful update on Mageia 5 i586 and x86_64.
Whiteboard: MGA5TOO => MGA5TOO MGA5-32-OK MGA5-64-OK
On mga6-64 package installed cleanly: flash-player-plugin-27.0.0.187-1.mga6.nonfree.x86_64 Confirmed latest version installed at: https://helpx.adobe.com/flash-player.html OK for mga6-64
Whiteboard: MGA5TOO MGA5-32-OK MGA5-64-OK => MGA5TOO MGA5-32-OK MGA5-64-OK MGA6-64-OKCC: (none) => jim
On mag6-32 in a vbox VM package installed cleanly: flash-player-plugin-27.0.0.187-1.mga6.nonfree.i586 confirmed latest version installed at https://helpx.adobe.com/flash-player.html OK for mga6-32
Whiteboard: MGA5TOO MGA5-32-OK MGA5-64-OK MGA6-64-OK => MGA5TOO MGA5-32-OK MGA5-64-OK MGA6-64-OK MGA6-32-OK
now validated the advisory needs to be uploaded to SVN the update can then be pushed
Keywords: (none) => validated_updateCC: (none) => sysadmin-bugs
*** Bug 22028 has been marked as a duplicate of this bug. ***
CC: (none) => petlaw726
advisory added
CC: (none) => tmbKeywords: (none) => advisory
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2017-0410.html
Resolution: (none) => FIXEDStatus: ASSIGNED => RESOLVED