Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-announce

From: Kristian Fiskerstrand <k_f@g.o>
To: gentoo-announce@l.g.o
Subject: [gentoo-announce] [ GLSA 201601-03 ] Adobe Flash Player: Multiple vulnerabilities
Date: Tue, 26 Jan 2016 20:22:22
Message-Id: 56A7D39C.2060301@gentoo.org
1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
2 Gentoo Linux Security Advisory GLSA 201601-03
3 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
4 https://security.gentoo.org/
5 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
6
7 Severity: Normal
8 Title: Adobe Flash Player: Multiple vulnerabilities
9 Date: January 26, 2016
10 Bugs: #567838, #570040
11 ID: 201601-03
12
13 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
14
15 Synopsis
16 ========
17
18 Multiple vulnerabilities have been found in Adobe Flash Player, the
19 worst of which allows remote attackers to execute arbitrary code.
20
21 Background
22 ==========
23
24 The Adobe Flash Player is a renderer for the SWF file format, which is
25 commonly used to provide interactive websites.
26
27 Affected packages
28 =================
29
30 -------------------------------------------------------------------
31 Package / Vulnerable / Unaffected
32 -------------------------------------------------------------------
33 1 www-plugins/adobe-flash < 11.2.202.559 >= 11.2.202.559
34
35 Description
36 ===========
37
38 Multiple vulnerabilities have been discovered in Adobe Flash Player.
39 Please review the CVE identifiers referenced below for details.
40
41 Impact
42 ======
43
44 A remote attacker could possibly execute arbitrary code with the
45 privileges of the process, cause a Denial of Service condition, obtain
46 sensitive information, or bypass security restrictions.
47
48 Workaround
49 ==========
50
51 There is no known workaround at this time.
52
53 Resolution
54 ==========
55
56 All Adobe Flash Player users should upgrade to the latest version:
57
58 # emerge --sync
59 # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.559"
60
61 References
62 ==========
63
64 [ 1 ] CVE-2015-8045
65 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8045
66 [ 2 ] CVE-2015-8047
67 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8047
68 [ 3 ] CVE-2015-8048
69 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8048
70 [ 4 ] CVE-2015-8049
71 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8049
72 [ 5 ] CVE-2015-8050
73 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8050
74 [ 6 ] CVE-2015-8055
75 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8055
76 [ 7 ] CVE-2015-8056
77 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8056
78 [ 8 ] CVE-2015-8057
79 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8057
80 [ 9 ] CVE-2015-8058
81 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8058
82 [ 10 ] CVE-2015-8059
83 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8059
84 [ 11 ] CVE-2015-8060
85 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8060
86 [ 12 ] CVE-2015-8061
87 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8061
88 [ 13 ] CVE-2015-8062
89 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8062
90 [ 14 ] CVE-2015-8063
91 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8063
92 [ 15 ] CVE-2015-8064
93 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8064
94 [ 16 ] CVE-2015-8065
95 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8065
96 [ 17 ] CVE-2015-8066
97 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8066
98 [ 18 ] CVE-2015-8067
99 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8067
100 [ 19 ] CVE-2015-8068
101 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8068
102 [ 20 ] CVE-2015-8069
103 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8069
104 [ 21 ] CVE-2015-8070
105 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8070
106 [ 22 ] CVE-2015-8071
107 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8071
108 [ 23 ] CVE-2015-8401
109 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8401
110 [ 24 ] CVE-2015-8402
111 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8402
112 [ 25 ] CVE-2015-8403
113 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8403
114 [ 26 ] CVE-2015-8404
115 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8404
116 [ 27 ] CVE-2015-8405
117 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8405
118 [ 28 ] CVE-2015-8406
119 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8406
120 [ 29 ] CVE-2015-8407
121 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8407
122 [ 30 ] CVE-2015-8408
123 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8408
124 [ 31 ] CVE-2015-8409
125 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8409
126 [ 32 ] CVE-2015-8410
127 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8410
128 [ 33 ] CVE-2015-8411
129 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8411
130 [ 34 ] CVE-2015-8412
131 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8412
132 [ 35 ] CVE-2015-8413
133 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8413
134 [ 36 ] CVE-2015-8414
135 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8414
136 [ 37 ] CVE-2015-8415
137 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8415
138 [ 38 ] CVE-2015-8416
139 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8416
140 [ 39 ] CVE-2015-8417
141 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8417
142 [ 40 ] CVE-2015-8418
143 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8418
144 [ 41 ] CVE-2015-8419
145 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8419
146 [ 42 ] CVE-2015-8420
147 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8420
148 [ 43 ] CVE-2015-8421
149 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8421
150 [ 44 ] CVE-2015-8422
151 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8422
152 [ 45 ] CVE-2015-8423
153 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8423
154 [ 46 ] CVE-2015-8424
155 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8424
156 [ 47 ] CVE-2015-8425
157 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8425
158 [ 48 ] CVE-2015-8426
159 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8426
160 [ 49 ] CVE-2015-8427
161 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8427
162 [ 50 ] CVE-2015-8428
163 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8428
164 [ 51 ] CVE-2015-8429
165 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8429
166 [ 52 ] CVE-2015-8430
167 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8430
168 [ 53 ] CVE-2015-8431
169 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8431
170 [ 54 ] CVE-2015-8432
171 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8432
172 [ 55 ] CVE-2015-8433
173 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8433
174 [ 56 ] CVE-2015-8434
175 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8434
176 [ 57 ] CVE-2015-8435
177 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8435
178 [ 58 ] CVE-2015-8436
179 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8436
180 [ 59 ] CVE-2015-8437
181 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8437
182 [ 60 ] CVE-2015-8438
183 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8438
184 [ 61 ] CVE-2015-8439
185 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8439
186 [ 62 ] CVE-2015-8440
187 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8440
188 [ 63 ] CVE-2015-8441
189 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8441
190 [ 64 ] CVE-2015-8442
191 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8442
192 [ 65 ] CVE-2015-8443
193 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8443
194 [ 66 ] CVE-2015-8443
195 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8443
196 [ 67 ] CVE-2015-8445
197 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8445
198 [ 68 ] CVE-2015-8446
199 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8446
200 [ 69 ] CVE-2015-8447
201 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8447
202 [ 70 ] CVE-2015-8448
203 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8448
204 [ 71 ] CVE-2015-8449
205 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8449
206 [ 72 ] CVE-2015-8450
207 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8450
208 [ 73 ] CVE-2015-8451
209 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8451
210 [ 74 ] CVE-2015-8452
211 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8452
212 [ 75 ] CVE-2015-8453
213 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8453
214 [ 76 ] CVE-2015-8454
215 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8454
216 [ 77 ] CVE-2015-8455
217 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8455
218 [ 78 ] CVE-2015-8459
219 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8459
220 [ 79 ] CVE-2015-8460
221 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8460
222 [ 80 ] CVE-2015-8635
223 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8635
224 [ 81 ] CVE-2015-8636
225 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8636
226 [ 82 ] CVE-2015-8638
227 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8638
228 [ 83 ] CVE-2015-8639
229 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8639
230 [ 84 ] CVE-2015-8640
231 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8640
232 [ 85 ] CVE-2015-8641
233 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8641
234 [ 86 ] CVE-2015-8642
235 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8642
236 [ 87 ] CVE-2015-8643
237 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8643
238 [ 88 ] CVE-2015-8644
239 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8644
240 [ 89 ] CVE-2015-8645
241 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8645
242 [ 90 ] CVE-2015-8646
243 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8646
244 [ 91 ] CVE-2015-8647
245 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8647
246 [ 92 ] CVE-2015-8648
247 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8648
248 [ 93 ] CVE-2015-8649
249 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8649
250 [ 94 ] CVE-2015-8650
251 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8650
252 [ 95 ] CVE-2015-8651
253 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8651
254
255 Availability
256 ============
257
258 This GLSA and any updates to it are available for viewing at
259 the Gentoo Security Website:
260
261 https://security.gentoo.org/glsa/201601-03
262
263 Concerns?
264 =========
265
266 Security is a primary focus of Gentoo Linux and ensuring the
267 confidentiality and security of our users' machines is of utmost
268 importance to us. Any security concerns should be addressed to
269 security@g.o or alternatively, you may file a bug at
270 https://bugs.gentoo.org.
271
272 License
273 =======
274
275 Copyright 2016 Gentoo Foundation, Inc; referenced text
276 belongs to its owner(s).
277
278 The contents of this document are licensed under the
279 Creative Commons - Attribution / Share Alike license.
280
281 http://creativecommons.org/licenses/by-sa/2.5

Attachments

File name MIME type
signature.asc application/pgp-signature
Report Message
Find on MARC Find on Google Groups