Details see: https://helpx.adobe.com/security/products/flash-player/apsb15-32.html
New Version (188.8.131.524) available here:
Security updates available for Adobe Flash Player
Release date: December 8, 2015
Last updated: December 8, 2015
Vulnerability identifier: APSB15-32
Adobe recommends users of Adobe Flash Player for Linux update to Adobe Flash Player 184.108.40.2064 by visiting the Adobe Flash Player Download Center.
These updates resolve heap buffer overflow vulnerabilities that could lead to code execution (CVE-2015-8438, CVE-2015-8446).
These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2015-8444, CVE-2015-8443, CVE-2015-8417, CVE-2015-8416, CVE-2015-8451, CVE-2015-8047, CVE-2015-8455, CVE-2015-8045, CVE-2015-8418, CVE-2015-8060, CVE-2015-8419, CVE-2015-8408).
These updates resolve security bypass vulnerabilities (CVE-2015-8453, CVE-2015-8440, CVE-2015-8409).
These updates resolve a stack overflow vulnerability that could lead to code execution (CVE-2015-8407).
These updates resolve a type confusion vulnerability that could lead to code execution (CVE-2015-8439).
These updates resolve an integer overflow vulnerability that could lead to code execution (CVE-2015-8445).
These updates resolve a buffer overflow vulnerability that could lead to code execution (CVE-2015-8415)
These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2015-8050, CVE-2015-8049, CVE-2015-8437, CVE-2015-8450, CVE-2015-8449, CVE-2015-8448, CVE-2015-8436, CVE-2015-8452, CVE-2015-8048, CVE-2015-8413, CVE-2015-8412, CVE-2015-8410, CVE-2015-8411, CVE-2015-8424, CVE-2015-8422, CVE-2015-8420, CVE-2015-8421, CVE-2015-8423, CVE-2015-8425, CVE-2015-8433, CVE-2015-8432, CVE-2015-8431, CVE-2015-8426, CVE-2015-8430, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8434, CVE-2015-8435, CVE-2015-8414, CVE-2015-8454, CVE-2015-8059, CVE-2015-8058, CVE-2015-8055, CVE-2015-8057, CVE-2015-8056, CVE-2015-8061, CVE-2015-8067, CVE-2015-8066, CVE-2015-8062, CVE-2015-8068, CVE-2015-8064, CVE-2015-8065, CVE-2015-8063, CVE-2015-8405, CVE-2015-8404, CVE-2015-8402, CVE-2015-8403, CVE-2015-8071, CVE-2015-8401, CVE-2015-8406, CVE-2015-8069, CVE-2015-8070, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447).
Arch teams, please test and mark stable:
Targeted stable KEYWORDS : amd64 x86
Maintainer(s), please cleanup.
Security, please add it to the existing request, or file a new one.
Arches and Maintainer(s), Thank you for your work.
New GLSA Request filed.
Adding for Completeness:
This issue was resolved and addressed in
GLSA 201601-03 at https://security.gentoo.org/glsa/201601-03
by GLSA coordinator Kristian Fiskerstrand (K_F).