Flash Player 11.2.202.280 has been pushed to mga2 nonfree/updates_testing. Updated Flash Player 11.2.202.280 packages are in mga2 nonfree/updates_testing as flash-player-plugin (i586 and x86_64) and flash-player-plugin-kde (i586 and x86_64). No advisory just yet, nothing has been published by Adobe. I'll give them 24 hours after which we will push this as a non-security update. I'll write an advisory at that time at the latest. I think this update can be tested regardless.
And we got advisory. Advisory: ============ Adobe Flash Player 11.2.202.280 contains fixes to critical security vulnerabilities found in earlier versions. These vulnerabilities could cause a crash and potentially allow an attacker to take control of the affected system. These updates resolve an integer overflow vulnerability that could lead to code execution (CVE-2013-2555). These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2013-1378, CVE-2013-1380). These updates resolve a memory corruption vulnerability caused by Flash Player improperly initializing certain pointer arrays, which could lead to code execution (CVE-2013-1379). References: http://www.adobe.com/support/security/bulletins/apsb13-11.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1378 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1379 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1380 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2555 ============
Keywords: (none) => SecurityStatus: NEW => ASSIGNEDComponent: RPM Packages => SecuritySummary: Update request for flash-player-plugin, to 11.2.202.280 => Security update request for flash-player-plugin, to 11.2.202.280
Testing complete for the new flash-player-plugin-11.2.202.280 and flash-player-plugin-kde on Mageia release 2 (Official) for x86_64, for it's good nothind to report, it works fine. test some video: youtube, dailymotion, pluzz, tf1replay, m6replay...
CC: (none) => geiger.david68210
testing mga2 32
Whiteboard: (none) => mga2-64-ok
Thanks Anssi & David Testing complete mga2 32 Checked flash videos and deleted storage in kde flash settings Validating Advisory & srpm in comment 1 Could sysadmin please push from nonfree/updates_testing to nonfree/updates Thanks!
Keywords: (none) => validated_updateWhiteboard: mga2-64-ok => mga2-64-ok mga2-32-okCC: (none) => sysadmin-bugs
QA Contact: (none) => security
Update pushed: https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0116
Status: ASSIGNED => RESOLVEDCC: (none) => tmbResolution: (none) => FIXED