Advisory ======== The Flash Player plugin has been updated to the latest version. It is a bug fix release. References ========== https://helpx.adobe.com/flash-player/release-note/fp_30_air_30_release_notes.html Files ===== Uploaded to core/updates_testing flash-player-plugin-30.0.0.113-1.mga6 from flash-player-plugin-30.0.0.113-1.mga6.src.rpm
Advisory ======== The Flash Player plugin has been updated to the latest version. It is a bug fix release. References ========== https://helpx.adobe.com/flash-player/release-note/fp_30_air_30_release_notes.html Files ===== Uploaded to nonfree/updates_testing flash-player-plugin-30.0.0.113-1.mga6 from flash-player-plugin-30.0.0.113-1.mga6.src.rpm
On real hardware, HP 6550b laptop, i3, 8GB, Intel graphics, Intel wifi, 64-bit Plasma system: Package installed cleanly. Went to one site known to use flash, and an Adone test site. Both worked as expected. Looks OK to me for 64-bit.
CC: (none) => andrewsfarm
In VirtualBox, M6, MATE, 32-bit Package(s) under test: flash-player-plugin default install of flash-player-plugin [root@localhost wilcal]# urpmi flash-player-plugin Package flash-player-plugin-29.0.0.171-1.mga6.nonfree.i586 is already installed https://helpx.adobe.com/flash-player.html Works, reloads and works again. Shows I am using flash: 29.0.0.171 Indicates that I am not using the latest Flash Player version. Some sites are indicating that I am not using the latest Flash Player Install flash-player-plugin from updates_testing [root@localhost wilcal]# urpmi flash-player-plugin Package flash-player-plugin-30.0.0.113-1.mga6.nonfree.i586 is already installed https://helpx.adobe.com/flash-player.html Works, reloads and works again. Shows I am using flash: 30.0.0.113 Sites that need Flash Player play Flash content
CC: (none) => wilcal.int
In VirtualBox, M6, MATE, 64-bit Package(s) under test: flash-player-plugin default install of flash-player-plugin [root@localhost wilcal]# urpmi flash-player-plugin Package flash-player-plugin-29.0.0.171-1.mga6.nonfree.x86_64 is already installed https://helpx.adobe.com/flash-player.html Works, reloads and works again. Shows I am using flash: 29.0.0.171 Indicates that I am not using the latest Flash Player version. Some sites are indicating that I am not using the latest Flash Player Install flash-player-plugin from updates_testing [root@localhost wilcal]# urpmi flash-player-plugin Package flash-player-plugin-30.0.0.113-1.mga6.nonfree.x86_64 is already installed https://helpx.adobe.com/flash-player.html Works, reloads and works again. Shows I am using flash: 30.0.0.113 Sites that need Flash Player play Flash content
Whiteboard: (none) => MGA6-32-OK MGA6-64-OKKeywords: (none) => validated_updateCC: (none) => sysadmin-bugs
Fixed advisory, added to svn: type: security subject: Updated flash-player-plugin packages fixes security issues CVE: - CVE-2018-4945 - CVE-2018-5000 - CVE-2018-5001 - CVE-2018-5002 src: 6: nonfree: - flash-player-plugin-30.0.0.113-1.mga6 description: | Updated flash-player-plugin packages fixes the following security issues A remote attacker could possibly execute arbitrary code with the privileges of the process or obtain sensitive information (CVE-2018-4945, CVE-2018-5000, CVE-2018-5001, CVE-2018-5002). In response to a class of recently disclosed vulnerabilities in popular CPU hardware related to data cache timing (CVE-2017-5753, CVE-2017-5715, CVE-2017-5754), known popularly as Spectre and Meltdown, Adobe are disabling the ‘shareable’ property of the ActionScript ByteArray class by default. For more info see the referenced adobe release notes. references: - https://bugs.mageia.org/show_bug.cgi?id=23175 - https://helpx.adobe.com/security/products/flash-player/apsb18-19.html - https://helpx.adobe.com/flash-player/release-note/fp_30_air_30_release_notes.html
Component: RPM Packages => SecurityCC: (none) => tmbCVE: (none) => CVE-2018-4945, CVE-2018-5000, CVE-2018-5001, CVE-2018-5002QA Contact: (none) => securityKeywords: (none) => advisory
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2018-0286.html
Status: NEW => RESOLVEDResolution: (none) => FIXED