Flash Player 11.2.202.275 has been pushed to mga2 nonfree/updates_testing. Advisory: ============ Adobe Flash Player 11.2.202.275 contains fixes to critical security vulnerabilities found in earlier versions. These vulnerabilities could cause a crash and potentially allow an attacker to take control of the affected system. This update resolves an integer overflow vulnerability that could lead to code execution (CVE-2013-0646). This update resolves a use-after-free vulnerability that could be exploited to execute arbitrary code (CVE-2013-0650). This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2013-1371). This update resolves a heap buffer overflow vulnerability that could lead to code execution (CVE-2013-1375). References: http://www.adobe.com/support/security/bulletins/apsb13-09.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0646 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0650 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1371 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1375 ============ Updated Flash Player 11.2.202.275 packages are in mga2 nonfree/updates_testing as flash-player-plugin (i586 and x86_64) and flash-player-plugin-kde (i586 and x86_64).
Testing complete on Mageia 2 i586 and x86_64. Could someone from the sysadmin team push the srpm flash-player-plugin-11.2.202.275-1.mga2.nonfree.src.rpm from Mageia 2 Nonfree Updates Testing to Nonfree Updates. See the Description for the advisory.
Keywords: (none) => validated_updateCC: (none) => davidwhodgins, sysadmin-bugsWhiteboard: (none) => MGA2-64-OK MGA2-32-OK
Ping sysadmin team. Please see comment 1 for push request.
Update pushed: https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0098
Status: NEW => RESOLVEDCC: (none) => dmorganecResolution: (none) => FIXED
See Also: (none) => https://bugs.mageia.org/show_bug.cgi?id=9459