Hi, Version 28.0.0.137 fixes: An Out-of-bounds Read issue was discovered in Adobe Flash Player before 28.0.0.137. This vulnerability occurs because of computation that reads data that is past the end of the target buffer. The use of an invalid (out-of-range) pointer offset during access of internal data structure fields causes the vulnerability. A successful attack can lead to sensitive data exposure. (CVE-2018-4871) Reference: https://helpx.adobe.com/security/products/flash-player/apsb18-01.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4871 Best regards, Nico.
Whiteboard: (none) => MGA6TOOCVE: (none) => CVE-2018-4871Source RPM: (none) => flash-player-plugin
Assignee: bugsquad => anssi.hannulaCC: (none) => marja11
Advisory: ============ Adobe Flash Player 28.0.0.137 addresses an important out-of-bounds read vulnerability that could lead to information exposure (CVE-2018-4871). References: https://helpx.adobe.com/security/products/flash-player/apsb18-01.html ============ Updated Flash Player packages have been submitted to mga6 nonfree/updates_testing and to cauldron nonfree/release. Source packages: flash-player-plugin-28.0.0.137-1.mga6.nonfree Binary packages: flash-player-plugin
Status: NEW => ASSIGNEDCC: (none) => anssi.hannulaURL: (none) => https://helpx.adobe.com/security/products/flash-player/apsb18-01.htmlKeywords: (none) => SecurityAssignee: anssi.hannula => qa-bugs
Version: Cauldron => 6Whiteboard: MGA6TOO => (none)CC: (none) => tmb
Tested OK mga6 64 Confirmed version being installed. Checked at adobe flash test page and played some flash games.
Whiteboard: (none) => mga6-64-ok
Keywords: (none) => advisory, validated_updateCC: (none) => sysadmin-bugs
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2018-0072.html
Status: ASSIGNED => RESOLVEDResolution: (none) => FIXED