Updated flash-player-plugin packages fix security vulnerability
Publication date: 01 Apr 2018Modification date: 01 Apr 2018
Type: security
Affected Mageia releases : 6
CVE: CVE-2018-4919 , CVE-2018-4920
Description
It was found that flash versions older than 29.0.0.113 contained a use after free vulnerability that could lead to remote code execution (CVE-2018-4919). A second vulnerability was a type confusion which could also lead to remote code execution (CVE-2018-4920).
References
SRPMS
6/nonfree
- flash-player-plugin-29.0.0.113-1.mga6.nonfree