Flash Player 11.2.202.235 has been pushed to mga1 nonfree/updates_testing. Advisory: ============ Adobe Flash Player 11.2.202.235 contains a fix to a critical security vulnerability found in earlier versions. This vulnerability could cause a crash and potentially allow an attacker to take control of the affected system. This update resolves an object confusion vulnerability that could lead to code execution (CVE-2012-0779). The vulnerability is being exploited in the wild in active targeted attacks, though the currently reported exploits do not target Linux systems. References: http://www.adobe.com/support/security/bulletins/apsb12-09.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0779 ============ Updated Flash Player 11.2.202.235 packages are in mga1 nonfree/updates_testing as flash-player-plugin (i586 and x86_64) and flash-player-plugin-kde (i586 and x86_64). ========== Suggested testing procedure: ========== Package installs and Flash works.
Testing complete on i586 for the srpm flash-player-plugin-11.2.202.235-1.mga1.nonfree.src.rpm Testing using http://www.adobe.com/software/flash/about, http://video.citytv.com/video/detail/1602807255001.000000/worlds-apart/ and the kde tools menu entry.
CC: (none) => davidwhodgins
Testing complete x86_64 Please see comment 0 for advisory and srpm. Could sysadmin please push from nonfree/updates_testing to nonfree/updates Thanks!
Keywords: (none) => validated_updateCC: (none) => sysadmin-bugsVersion: Cauldron => 1
Testing complete on x86_64. I read video on youtube without any trouble.
CC: (none) => olivier.delaune
Update pushed
Status: ASSIGNED => RESOLVEDCC: (none) => tmbResolution: (none) => FIXED