Adobe has released a security advisory for all versions of Adobe Flash Player up through the newly released 11.2.202.535. Adobe has given this vulnerability a Critical rating for all platforms. Learn more: https://helpx.adobe.com/security/products/flash-player/apsa15-05.html Affected: Adobe Flash Player for Linux versions 11.2.202.535 and earlier Linux Solution and priority: At this time, Adobe is expecting a patch for this vulnerability by October 23rd, 2015. Reproducible: Always
Hotfix version for this vulnerability is 11.2.202.540 which is currently distributed. See: https://helpx.adobe.com/security/products/flash-player/apsb15-27.html Change title to: <www-plugins/adobe-flash-11.2.202.540 : Vulnerability in adobe flash player (APSB15-27) (CVE-2015-7645) Please update and stabilize,
CVE-2015-7645 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7645): Adobe Flash Player 18.x through 18.0.0.252 and 19.x through 19.0.0.207 on Windows and OS X and 11.x through 11.2.202.535 on Linux allows remote attackers to execute arbitrary code via a crafted SWF file, as exploited in the wild in October 2015.
Arch teams, please test and mark stable: =www-plugins/adobe-flash-11.2.202.540 Targeted stable KEYWORDS : amd64 x86
amd64 stable
x86 stable. Maintainer(s), please cleanup. Security, please add it to the existing request, or file a new one.
Thanks for you work Cleanup is done by maintainer, GLSA request filed
This issue was resolved and addressed in GLSA 201511-02 at https://security.gentoo.org/glsa/201511-02 by GLSA coordinator Sergey Popov (pinkbyte).
