| Summary: | <www-plugins/adobe-flash-26.0.0.137: multiple vulnerabilities | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | GLSAMaker/CVETool Bot <glsamaker> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | ||
| Severity: | major | CC: | desktop-misc, gentoo, jer |
| Priority: | Normal | Flags: | stable-bot:
sanity-check+
|
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | https://helpx.adobe.com/security/products/flash-player/apsb17-21.html | ||
| Whiteboard: | A2 [glsa cve] | ||
| Package list: |
www-plugins/adobe-flash-26.0.0.137
|
Runtime testing required: | --- |
|
Description
GLSAMaker/CVETool Bot
2017-07-11 20:09:20 UTC
Security updates available for Flash Player | APSB17-21 Summary ======= Adobe has released security updates for Adobe Flash Player for Windows, Macintosh, Linux and Chrome OS. These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system. Affected product versions ========================= 26.0.0.131 and earlier Vulnerability details ===================== Category Vulnerability Impact Severity CVE Numbers -------------------------------------------------------------------------- Security Bypass Information Disclosure Important CVE-2017-3080 Memory Corruption Remote Code Execution Critical CVE-2017-3099 Memory Corruption Memory address disclosure Important CVE-2017-3100 @ Maintainer(s): Please bump to >=www-plugins/adobe-flash-26.0.0.137! Bumped via https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=88da74f57a97d87fbae51288dd689b979955cb98 @ Arches, please test and mark stable: =www-plugins/adobe-flash-26.0.0.137 Stable on amd64. *** Bug 625256 has been marked as a duplicate of this bug. *** Added to an existing GLSA. This issue was resolved and addressed in GLSA 201707-15 at https://security.gentoo.org/glsa/201707-15 by GLSA coordinator Thomas Deutschmann (whissi). |