type: security
subject: Updated flash-player-plugin packages fix security vulnerability
CVE:
 - CVE-2019-7096
 - CVE-2019-7108
src:
  6:
   nonfree:
     - flash-player-plugin-32.0.0.171-1.mga6.nonfree
description: |
  An out-of-bounds read that leads to information disclosure. (CVE-2019-7108)

  A use after free that leads to arbitrary code execution. (CVE-2019-7096)
references:
 - https://bugs.mageia.org/show_bug.cgi?id=24643
 - https://helpx.adobe.com/security/products/flash-player/apsb19-19.html