From $URL: These priority 2 updates address critical vulnerabilities in Adobe Flash Player 11.1.102.63 and earlier versions for Windows, Macintosh, Linux and Solaris, and Adobe Flash Player 11.1.111.7 and earlier versions for Android 3.x and 2.x. These vulnerabilities could cause a crash and potentially allow an attacker to take control of the affected system. Adobe recommends users of Adobe Flash Player 11.1.102.63 and earlier versions for Windows, Macintosh and Linux update to Adobe Flash Player 11.2.202.228. Users of Adobe Flash Player 11.1.102.63 and earlier versions for Solaris should update to Adobe Flash Player 11.2.202.223. Users of Adobe Flash Player 11.1.111.7 and earlier versions for Android 3.x and earlier versions should update to Flash Player 11.1.111.8.
Just checked in the new ebuild. As usual, feel free to stabilize as soon as you like. www-plugins/adobe-flash-11.2.202.223
Update: Turns out the latest version is actually 11.2.102.228. Please stabilize that one instead: =www-plugins/adobe-flash-11.2.202.228
Great, thank you. Arches, please test and mark stable: =www-plugins/adobe-flash-11.2.202.228 Target keywords : "amd64 x86"
amd64 stable
CVE-2012-0773 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0773): The NetStream class in Adobe Flash Player before 10.3.183.18 and 11.x before 11.2.202.228 on Windows, Mac OS X, and Linux; Flash Player before 10.3.183.18 and 11.x before 11.2.202.223 on Solaris; Flash Player before 11.1.111.8 on Android 2.x and 3.x; and AIR before 3.2.0.2070 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. CVE-2012-0772 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0772): An unspecified ActiveX control in Adobe Flash Player before 10.3.183.18 and 11.x before 11.2.202.228, and AIR before 3.2.0.2070, on Windows does not properly perform URL security domain checking, which allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors.
I'm seeing major graphical corruption issues and all YouTube videos have a blue tint under this version of flash with nvidia GTX570 with x11-drivers/nvidia-drivers-290.10. No x86 signoff.
(In reply to comment #6) > I'm seeing major graphical corruption issues and all YouTube videos have a > blue tint under this version of flash with nvidia GTX570 with > x11-drivers/nvidia-drivers-290.10. No x86 signoff. Adobe know this issue and will not fix it. You have to manually disable harware acceleration. Also it happens on amd64 too. See: https://bugbase.adobe.com/index.cfm?event=bug&id=3109467
(In reply to comment #7) > (In reply to comment #6) > > I'm seeing major graphical corruption issues and all YouTube videos have a > > blue tint under this version of flash with nvidia GTX570 with > > x11-drivers/nvidia-drivers-290.10. No x86 signoff. > > Adobe know this issue and will not fix it. You have to manually disable > harware acceleration. Also it happens on amd64 too. > > See: https://bugbase.adobe.com/index.cfm?event=bug&id=3109467 Somebody wrote a patch for libvdpau_trace which supresses this issue: http://plagman.net/stuff/0001-vdpau_trace-WAR-Flash-quirks.patch also see the first post here: http://www.nvnews.net/vbulletin/showthread.php?t=177380
x86 stable
Thanks, everyone. Already in GLSA request.
This issue was resolved and addressed in GLSA 201204-07 at http://security.gentoo.org/glsa/glsa-201204-07.xml by GLSA coordinator Sean Amoss (ackle).