Description of problem: urpmi flash-player-plugin Marque flash-player-plugin comme étant manuellement installé, il ne sera pas considéré comme un paquet orphelin writing /var/lib/rpm/installed-through-deps.list ftp://137.129.150.2/linux/mga/backport6c/RPMS/flash-player-plugin-32.0.0.156-1.mga6.nonfree.x86_64.rpm SECURITÉ : PAS de vérification du paquet « /var/cache/urpmi/rpms/flash-player-plugin-32.0.0.156-1.mga6.nonfree.x86_64.rpm » (à cause de la configuration) installation de flash-player-plugin-32.0.0.156-1.mga6.nonfree.x86_64.rpm depuis /var/cache/urpmi/rpms Préparation... ############################################# Note that by downloading the Adobe Flash Player you indicate your acceptance of the EULA, available at http://www.adobe.com/products/eulas/players/flash/ Downloading from http://fpdownload.adobe.com/get/flashplayer/pdc/32.0.0.156/flash-player-ppapi-32.0.0.156-release.x86_64.rpm: % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 277 100 277 0 0 2077 0 --:--:-- --:--:-- --:--:-- 2495 Error: Unable to download Flash Player. This is likely due to this package being too old. Please file a bug report at https://bugs.mageia.org so that the package gets updated. Thank you. In the meantime, you can download Flash Player manually from http://get.adobe.com/flashplayer/ erreur : %prein(flash-player-plugin-32.0.0.156-1.mga6.nonfree.x86_64) scriptlet échoué, état de sortie 1 ERROR: 'script' failed for flash-player-plugin-32.0.0.156-1.mga6.nonfree.x86_64 erreur : flash-player-plugin-32.0.0.156-1.mga6.nonfree.x86_64: installer échoué Version-Release number of selected component (if applicable): flash-player-plugin-32.0.0.156 How reproducible: Steps to Reproduce: 1. urpmi flash-player-plugin 2. 3.
I think is due the version 32.0.0.171 is now the current in adobe
Suggested advisory: ======================== Updated flash-player-plugin package fixes security vulnerabilities: An out-of-bounds read that leads to information disclosure. (CVE-2019-7108) A use after free that leads to arbitrary code execution. (CVE-2019-7096) References: https://helpx.adobe.com/security/products/flash-player/apsb19-19.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7108 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7096 ======================== Updated packages in nonfree/updates_testing: ======================== flash-player-plugin-32.0.0.171-1.mga6.nonfree from SRPMS: flash-player-plugin-32.0.0.171-1.mga6.nonfree.src.rpm
CC: (none) => nicolas.salgueroCVE: (none) => CVE-2019-7108, CVE-2019-7096Component: RPM Packages => SecurityStatus: NEW => ASSIGNEDQA Contact: (none) => securitySummary: flash-player-plugin does not install => flash-player-plugin security update 32.0.0.171Severity: normal => critical
Assignee: bugsquad => qa-bugs
Tested at http://get.adobe.com/flashplayer/about/ in opera 12.16. Advisory committed to svn. Validating the update.
Keywords: (none) => advisory, validated_updateWhiteboard: (none) => MGA6-64-OKCC: (none) => davidwhodgins, sysadmin-bugs
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2019-0149.html
Status: ASSIGNED => RESOLVEDResolution: (none) => FIXED