Bug 7114 - Security update request for flash-player-plugin, to 11.2.202.238
: Security update request for flash-player-plugin, to 11.2.202.238
Status: RESOLVED FIXED
Product: Mageia
Classification: Unclassified
Component: Security
: 2
: All Linux
: Normal Severity: critical
: ---
Assigned To: QA Team
:
:
: MGA1TOO has_procedure MGA1-32-OK MGA2...
: Security, validated_update
:
:
  Show dependency treegraph
 
Reported: 2012-08-19 21:00 CEST by Anssi Hannula
Modified: 2012-08-21 16:00 CEST (History)
5 users (show)

See Also:
Source RPM:
CVE:


Attachments

Description Anssi Hannula 2012-08-19 21:00:27 CEST
Flash Player 11.2.202.238 has been pushed to mga1+mga2 nonfree/updates_testing.

Advisory:
============
Adobe Flash Player 11.2.202.238 contains a fix to a critical security vulnerability found in earlier versions. This undisclosed vulnerability (CVE-2012-1535) could cause a crash and potentially allow an attacker to take control of the affected system.

References:
http://www.adobe.com/support/security/bulletins/apsb12-18.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1535
============

Updated Flash Player 11.2.202.238 packages are in mga1+mga2 nonfree/updates_testing as flash-player-plugin (i586 and x86_64) and flash-player-plugin-kde (i586 and x86_64).

==========
Suggested testing procedure:
==========
Package installs and Flash works.
Comment 1 Samuel Verschelde 2012-08-19 21:12:19 CEST
Works well on Mageia 1 32.
Comment 2 Eduard Beliaev 2012-08-19 21:40:12 CEST
On Mageia 2 x86_64 works well too.
Comment 3 Dave Hodgins 2012-08-19 23:39:25 CEST
Testing complete on Mageia 1 x86-64 and Mageia 2 i586.

Could someone from the sysadmin team push the srpm
flash-player-plugin-11.2.202.238-1.mga2.nonfree.src.rpm
from Mageia 2 Nonfree Updates Testing to Nonfree Updates and the srpm
flash-player-plugin-11.2.202.238-1.mga1.nonfree.src.rpm
from Mageia 1 Nonfree Updates Testing to Nonfree Updates.

Advisory: Adobe Flash Player 11.2.202.238 contains a fix to a critical security
vulnerability found in earlier versions. This undisclosed vulnerability
(CVE-2012-1535) could cause a crash and potentially allow an attacker to take
control of the affected system.

References:
http://www.adobe.com/support/security/bulletins/apsb12-18.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1535

https://bugs.mageia.org/show_bug.cgi?id=7114
Comment 4 Thomas Backlund 2012-08-21 16:00:45 CEST
Update pushed:
https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0229

Note You need to log in before you can comment on or make changes to this bug.