Flash Player 11.2.202.251 has been pushed to mga1+mga2 nonfree/updates_testing. Advisory: ============ Adobe Flash Player 11.2.202.251 contains fixes to critical security vulnerabilities found in earlier versions. These vulnerabilities could cause a crash and potentially allow an attacker to take control of the affected system. This update resolves buffer overflow vulnerabilities that could lead to code execution (CVE-2012-5274, CVE-2012-5275, CVE-2012-5276, CVE-2012-5277, CVE-2012-5280). This update resolves memory corruption vulnerabilities that could lead to code execution (CVE-2012-5279). This update resolves a security bypass vulnerability that could lead to code execution (CVE-2012-5278). References: http://www.adobe.com/support/security/bulletins/apsb12-24.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5274 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5275 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5276 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5277 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5278 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5279 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5280 ============ Updated Flash Player 11.2.202.251 packages are in mga1+mga2 nonfree/updates_testing as flash-player-plugin (i586 and x86_64) and flash-player-plugin-kde (i586 and x86_64). ========== Suggested testing procedure: ========== Package installs and Flash works.
Testing complete, Mageia 1 and 2, i586 and x86-64. Could someone from the sysadmin team push the srpm flash-player-plugin-11.2.202.251-1.mga2.nonfree.src.rpm from Mageia 2 Nonfree Updates Testing to Nonfree Updates and the srpm flash-player-plugin-11.2.202.251-1.mga1.nonfree.src.rpm from Mageia 1 Nonfree Updates Testing to Nonfree Updates. Advisory: Adobe Flash Player 11.2.202.251 contains fixes to critical security vulnerabilities found in earlier versions. These vulnerabilities could cause a crash and potentially allow an attacker to take control of the affected system. This update resolves buffer overflow vulnerabilities that could lead to code execution (CVE-2012-5274, CVE-2012-5275, CVE-2012-5276, CVE-2012-5277, CVE-2012-5280). This update resolves memory corruption vulnerabilities that could lead to code execution (CVE-2012-5279). This update resolves a security bypass vulnerability that could lead to code execution (CVE-2012-5278). References: http://www.adobe.com/support/security/bulletins/apsb12-24.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5274 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5275 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5276 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5277 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5278 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5279 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5280 https://bugs.mageia.org/show_bug.cgi?id=8006
Keywords: (none) => validated_updateCC: (none) => davidwhodgins, sysadmin-bugsWhiteboard: (none) => MGA2-64-OK MGA2-32-OK MGA1-64-OK MGA1-32-OK
Update pushed https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0325
Status: NEW => RESOLVEDCC: (none) => tmbResolution: (none) => FIXED