Advisories » MGASA-2019-0273

Updated flash-player-plugin packages fix security vulnerabilities

Publication date: 12 Sep 2019
Modification date: 12 Sep 2019
Type: security
Affected Mageia releases : 6 , 7
CVE: CVE-2019-8069 , CVE-2019-8070

Description

Updated flash-player-plugin package fixes security vulnerabilities:

Same origin method execution that leads to arbitrary code execution in
the context of the current user. (CVE-2019-8069)

Use after free that leads to arbitrary code execution in the context of
the current user. (CVE-2019-8070)
                

References

• https://bugs.mageia.org/show_bug.cgi?id=25429
• https://helpx.adobe.com/security/products/flash-player/apsb19-46.html
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8069
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8070

SRPMS

7/nonfree

• flash-player-plugin-32.0.0.255-1.mga7.nonfree

6/nonfree

• flash-player-plugin-32.0.0.255-1.mga6.nonfree