|
|
Subscribe / Log in / New account

Mageia alert MGASA-2017-0314 (flash-player-plugin)



From:
    	      Mageia Updates <buildsystem-daemon@mageia.org> 


To:
    	      updates-announce@ml.mageia.org 


Subject:
    	      [updates-announce] MGASA-2017-0314: Updated flash-player-plugin packages fix security vulnerabilities 


Date:
    	      Sat, 26 Aug 2017 23:18:24 +0200


Message-ID:
    	      <20170826211824.546119F872@duvel.mageia.org>


MGASA-2017-0314 - Updated flash-player-plugin packages fix security vulnerabilities

Publication date: 26 Aug 2017
URL: http://advisories.mageia.org/MGASA-2017-0314.html
Type: security
Affected Mageia releases: 5, 6
CVE: CVE-2017-3085,
     CVE-2017-3106

Description:
This update upgrades Flash Player to version 26.0.0.151.

Security Fix(es):
* This update fixes multiple vulnerabilities in Adobe Flash Player.
These vulnerabilities, detailed in the Adobe Security Bulletin listed in
the References section, could allow an attacker to create a specially
crafted SWF file that would cause flash-plugin to crash, execute
arbitrary code, or disclose sensitive information when the victim loaded
a page containing the malicious SWF content.
(CVE-2017-3085, CVE-2017-3106)

References:
- https://bugs.mageia.org/show_bug.cgi?id=21506
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3085
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3106

SRPMS:
- 6/nonfree/flash-player-plugin-26.0.0.151-1.1.mga6.nonfree
- 5/nonfree/flash-player-plugin-26.0.0.151-1.1.mga5.nonfree
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds