|
|
Subscribe / Log in / New account

Mageia alert MGASA-2015-0275 (flash-player-plugin)



From:
    	      Mageia Updates <buildsystem-daemon@mageia.org> 


To:
    	      updates-announce@ml.mageia.org 


Subject:
    	      [updates-announce] MGASA-2015-0275: Updated flash-player-plugin package fixes security vulnerabilities 


Date:
    	      Thu, 16 Jul 2015 23:20:54 +0200


Message-ID:
    	      <20150716212055.14D2142003@valstar.mageia.org>


MGASA-2015-0275 - Updated flash-player-plugin package fixes security vulnerabilities

Publication date: 16 Jul 2015
URL: http://advisories.mageia.org/MGASA-2015-0275.html

Type: security
Affected Mageia releases: 4, 5
CVE: CVE-2015-5122,
     CVE-2015-5123

Description:
Adobe Flash Player 11.2.202.491 contains fixes to critical security
vulnerabilities found in earlier versions that could potentially allow
an attacker to take control of the affected system.

Adobe is aware of reports that exploits targeting these vulnerabilities
have been published publicly.

This update resolves a use-after-free vulnerability that could lead to
code execution (CVE-2015-5122).

This update resolves a memory corruption vulnerability that could lead
to code execution (CVE-2015-5123).

References:
- https://bugs.mageia.org/show_bug.cgi?id=16392

- https://helpx.adobe.com/security/products/flash-player/ap...
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5122

- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5123


SRPMS:
- 4/nonfree/flash-player-plugin-11.2.202.491-1.mga4.nonfree
- 5/nonfree/flash-player-plugin-11.2.202.491-1.mga5.nonfree
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds