ArchLinux: 201904-8: flashplugin: multiple issues
Summary
- CVE-2019-7096 (arbitrary code execution)
An arbitrary code execution issue has been found in Adobe Flash Player
before 32.0.0.171.
- CVE-2019-7108 (information disclosure)
An out-of-bounds read has been found in Adobe Flash Player before
32.0.0.171.
Resolution
Upgrade to 32.0.0.171-1.
# pacman -Syu "flashplugin>=32.0.0.171-1"
The problems have been fixed upstream in version 32.0.0.171.
References
https://helpx.adobe.com/support/programs/support-options-free-discontinued-apps-services.html https://security.archlinux.org/CVE-2019-7096 https://security.archlinux.org/CVE-2019-7108
Workaround
None.