Mageia Bugzilla – Bug 9350
Security update request for flash-player-plugin, to 22.214.171.1245
Last modified: 2013-03-19 22:31:40 CET
Flash Player 126.96.36.1995 has been pushed to mga2 nonfree/updates_testing.
Adobe Flash Player 188.8.131.525 contains fixes to critical security
vulnerabilities found in earlier versions. These vulnerabilities could cause a
crash and potentially allow an attacker to take control of the affected system.
This update resolves an integer overflow vulnerability that could lead to code execution (CVE-2013-0646).
This update resolves a use-after-free vulnerability that could be exploited to execute arbitrary code (CVE-2013-0650).
This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2013-1371).
This update resolves a heap buffer overflow vulnerability that could lead to code execution (CVE-2013-1375).
Updated Flash Player 184.108.40.2065 packages are in mga2 nonfree/updates_testing
as flash-player-plugin (i586 and x86_64) and flash-player-plugin-kde (i586 and
Testing complete on Mageia 2 i586 and x86_64.
Could someone from the sysadmin team push the srpm
from Mageia 2 Nonfree Updates Testing to Nonfree Updates.
See the Description for the advisory.
Ping sysadmin team. Please see comment 1 for push request.