Advisories ยป MGASA-2018-0189

Updated flash-player-plugin packages fix security vulnerability

Publication date: 01 Apr 2018
Modification date: 01 Apr 2018
Type: security
Affected Mageia releases : 6
CVE: CVE-2018-4919 , CVE-2018-4920

Description

It was found that flash versions older than 29.0.0.113 contained a use
after free vulnerability that could lead to remote code execution
(CVE-2018-4919).

A second vulnerability was a type confusion which could also lead to
remote code execution (CVE-2018-4920).
                

References

SRPMS

6/nonfree