Fixed in Product Version Platform Adobe Flash Player Desktop Runtime 26.0.0.126 Linux 3 Vulnerability details Vulnerability Category Vulnerability Impact Severity CVE Numbers Use After Free Remote Code Execution Critical CVE-2017-3075, CVE-2017-3081, CVE-2017-3083, CVE-2017-3084 Memory Corruption Remote Code Execution Critical CVE-2017-3076, CVE-2017-3077, CVE-2017-3078, CVE-2017-3079, CVE-2017-3082 Acknowledgments Adobe would like to thank the following individuals and organizations for reporting the relevant issues and for working with Adobe to help protect our customers: bee13oy of CloverSec Labs working with Trend Micro's Zero Day Initiative (CVE-2017-3075, CVE-2017-3082, CVE-2017-3083, CVE-2017-3084) Mateusz Jurczyk and Natalie Silvanovich of Google Project Zero (CVE-2017-3076, CVE-2017-3077, CVE-2017-3078) Jihui Lu of Tencent KeenLab (CVE-2017-3079, CVE-2017-3081)
@ Maintainer(s): While the reported issues were officially addressed in =www-plugins/adobe-flash-26.0.0.126, upstream has now published =www-plugins/adobe-flash-26.0.0.131.
@Maintainer, thank you for the bump Arches, please stabilize 26.0.0.131
amd64 stable
x86 stable. Maintainer(s), please cleanup. Security, please add it to the existing request, or file a new one.
tree is clean. GLSA request filed.
This issue was resolved and addressed in GLSA 201707-15 at https://security.gentoo.org/glsa/201707-15 by GLSA coordinator Thomas Deutschmann (whissi).
