Hi, Version 32.0.0.142 fixes CVE-2019-7090. References: https://helpx.adobe.com/security/products/flash-player/apsb19-06.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7090 Best regards, Nico.
Source RPM: (none) => flash-player-pluginAssignee: bugsquad => nicolas.salgueroCVE: (none) => CVE-2019-7090
Suggested advisory: ======================== Updated flash-player-plugin package fixes a security vulnerability: Information disclosure in the context of the current user. (CVE-2019-7090) References: https://helpx.adobe.com/security/products/flash-player/apsb19-06.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7090 ======================== Updated packages in nonfree/updates_testing: ======================== flash-player-plugin-32.0.0.142-1.mga6 from flash-player-plugin-32.0.0.142-1.mga6.src.rpm
Status: NEW => ASSIGNEDAssignee: nicolas.salguero => qa-bugs
Version: Cauldron => 6
Tried this in the 32-bit soon-to-be-pushed Firefox 60.5.1-1 on a Plasma system. Package installed cleanly, and a site known to still use Flash operated normally. Looks OK for 32-bit.
CC: (none) => andrewsfarmWhiteboard: (none) => MGA6-32-OK
Same test as Comment 2, different hardware, and 64-bit. Same results. This is OK for 64-bit. Validating. Suggested advisory in Comment 1.
Whiteboard: MGA6-32-OK => MGA6-32-OK MGA6-64-OKKeywords: (none) => validated_updateCC: (none) => sysadmin-bugs
Advisory committed ot svn using the actual srpm, rather then the one in comment 1, flash-player-plugin-32.0.0.142-1.mga6.nonfree.src.rpm
CC: (none) => davidwhodginsKeywords: (none) => advisory
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2019-0090.html
Status: ASSIGNED => RESOLVEDResolution: (none) => FIXED