Adobe has released security updates for Adobe Flash Player for Windows, Macintosh, Linux and Chrome OS. These updates address a critical type confusion vulnerability that could lead to code execution and an important security bypass vulnerability that could lead to information disclosure. Adobe recommends users of the Adobe Flash Player Desktop Runtime for Windows, Macintosh and Linux update to Adobe Flash Player 26.0.0.151 via the update mechanism within the product [1] or by visiting the Adobe Flash Player Download Center.
The latest version on the Adobe website is 27.0.0.130: https://fpdownload.adobe.com/pub/flashplayer/pdc/27.0.0.130/flash-player-ppapi-27.0.0.130-release.x86_64.rpm https://fpdownload.adobe.com/pub/flashplayer/pdc/27.0.0.130/flash-player-npapi-27.0.0.130-release.x86_64.rpm It might make sense to switch from the non-versioned tar.gz downloads to the versioned RPM downloads.
All done via https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e1ef970d78c11619c0ba7ea004a9d1df560bfbeb and ff. For v27.0.0.130 we will create a new bug.
New GLSA Request filed. Gentoo Security Padawan ChrisADR
This issue was resolved and addressed in GLSA 201709-16 at https://security.gentoo.org/glsa/201709-16 by GLSA coordinator Aaron Bauman (b-man).