Mageia Advisory: MGASA-2018-0349 - Updated flash-player-plugin packages fix security vulnerabilities

Updated flash-player-plugin packages fix security vulnerabilities

Publication date: 19 Aug 2018
Modification date: 19 Aug 2018
Type: security
Affected Mageia releases : 6
CVE: CVE-2018-12824 , CVE-2018-12825 , CVE-2018-12826 , CVE-2018-12827 , CVE-2018-12828

Description

Updated flash-player-plugin packages fix security vulnerabilities:
* Out-of-bounds read that can lead to Information Disclosure 
  (CVE-2018-12824, CVE-2018-12826, CVE-2018-12827)
* Security bypass that can lead to Security Mitigation Bypass
  (CVE-2018-12825)
* Use of a component with a known vulnerability can lead to a
  Privilege Escalation (CVE-2018-12828)

References

https://bugs.mageia.org/show_bug.cgi?id=23464
https://helpx.adobe.com/security/products/flash-player/apsb18-25.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12824
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12825
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12826
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12827
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12828

SRPMS

6/nonfree

flash-player-plugin-30.0.0.154-1.mga6.nonfree

Advisories » MGASA-2018-0349

Updated flash-player-plugin packages fix security vulnerabilities

Description

References

SRPMS

6/nonfree