Summary: | <www-plugins/adobe-flash-11.2.202.508: multiple vulnerabilities (CVE-2015-{3107,5124,5125,5127,5128,5129,5130,5131,5132,5133,5134,5539,5540,5541,5544,5545,5546,5547,5548,5549,5550,5551,5552,5553,5554,5555,5556,5557,5558,5559,5560,5561,5562,5563,5564}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Jeroen Roovers (RETIRED) <jer> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | ||
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://helpx.adobe.com/security/products/flash-player/apsb15-19.html | ||
Whiteboard: | B2 [glsa cve] | ||
Package list: | Runtime testing required: | --- |
Description
Jeroen Roovers (RETIRED)
2015-08-12 05:25:17 UTC
amd64 stable x86 stable. Please, cleanup! Arches and Maintainer(s), Thank you for your work. Added to an existing GLSA Request. Also the following was added to the URL above, adjusting accordingly: August 12, 2015: Added a reference to CVE-2015-5565, a use-after-free issue similar to CVE-2015-3107. A fix for CVE-2015-3107 was introduced in APSB15-11, and has been strengthened in APSB15-19. Also, removed CVE-2015-5128, which was previously assessed to be a Type Confusion issue and has been re-classified as a non-exploitable crash due to a null pointer exception. This issue was resolved and addressed in GLSA 201508-01 at https://security.gentoo.org/glsa/201508-01 by GLSA coordinator Yury German (BlueKnight). |