CVE-2008-5499 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5499): Unspecified vulnerability in Adobe Flash Player for Linux 10.0.12.36, and 9.0.151.0 and earlier, allows remote attackers to execute arbitrary code via a crafted SWF file.
Copying netscape-flash-10.0.12.36-r1.ebuild to netscape-flash-10.0.15.3.ebuild and doing a digest results in a working ebuild which reportedly does not suffer from this problem.
*** Bug 251653 has been marked as a duplicate of this bug. ***
There has been some confusion here, apparently. We have this bug + a comment in bug 239543 which mainly says the same as this one. I prefer to keep handling CVE-2008-5499 in this bug and leave the other one as-is, as it has already left [stable] status. So, according to Jim, the necessary version is in the tree now and ready to be stabled. Arches, please test and mark stable: =net-www/netscape-flash-10.0.15.3 Target keywords: amd64 x86
actually cc'ing arches :-)
amd64/x86 stable, all arches done.
GLSA request filed.
GLSA 200903-23