Mageia Bugzilla – Bug 9677
Security update request for flash-player-plugin, to 184.108.40.2060
Last modified: 2013-04-10 00:13:04 CEST
Flash Player 220.127.116.110 has been pushed to mga2 nonfree/updates_testing.
Updated Flash Player 18.104.22.1680 packages are in mga2 nonfree/updates_testing
as flash-player-plugin (i586 and x86_64) and flash-player-plugin-kde (i586 and
No advisory just yet, nothing has been published by Adobe. I'll give them 24 hours after which we will push this as a non-security update. I'll write an advisory at that time at the latest.
I think this update can be tested regardless.
And we got advisory.
Adobe Flash Player 22.214.171.1240 contains fixes to critical security
vulnerabilities found in earlier versions. These vulnerabilities could cause a
crash and potentially allow an attacker to take control of the affected system.
These updates resolve an integer overflow vulnerability that could lead to code execution (CVE-2013-2555).
These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2013-1378, CVE-2013-1380).
These updates resolve a memory corruption vulnerability caused by Flash Player improperly initializing certain pointer arrays, which could lead to code execution (CVE-2013-1379).
Testing complete for the new flash-player-plugin-126.96.36.1990 and flash-player-plugin-kde on Mageia release 2 (Official) for x86_64, for it's good nothind to report, it works fine.
test some video: youtube, dailymotion, pluzz, tf1replay, m6replay...
testing mga2 32
Thanks Anssi & David
Testing complete mga2 32
Checked flash videos and deleted storage in kde flash settings
Advisory & srpm in comment 1
Could sysadmin please push from nonfree/updates_testing to nonfree/updates