diff options
| author |   Yury German <blueknight@gentoo.org> | 2015-08-15 00:53:43 -0400 |
|---|---|---|
| committer | Yury German <blueknight@gentoo.org> | 2015-08-15 00:53:43 -0400 |
| commit | dd3950ec93e2ba9318338fc63efaa89d4116d6ed (patch) | |
| tree | 5ead70fd8940c6d8f5adc1164e75b562c87e5c32 /glsa-201508-01.xml | |
| parent | GLSA 201507-22 (diff) | |
| download | gentoo-dd3950ec93e2ba9318338fc63efaa89d4116d6ed.tar.gz gentoo-dd3950ec93e2ba9318338fc63efaa89d4116d6ed.tar.bz2 gentoo-dd3950ec93e2ba9318338fc63efaa89d4116d6ed.zip | |
Add GLSA 201508-01
Diffstat (limited to 'glsa-201508-01.xml')
| -rw-r--r-- | glsa-201508-01.xml | 93 |
1 files changed, 93 insertions, 0 deletions
diff --git a/glsa-201508-01.xml b/glsa-201508-01.xml new file mode 100644 index 000000000000..98196605484a --- /dev/null +++ b/glsa-201508-01.xml @@ -0,0 +1,93 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> +<glsa id="201508-01"> + <title>Adobe Flash Player: Multiple vulnerabilities</title> + <synopsis>Multiple vulnerabilities have been found in Adobe Flash Player, the + worst of which allows remote attackers to execute arbitrary code. + </synopsis> + <product type="ebuild">flash,ACE,DoS</product> + <announced>August 15, 2015</announced> + <revised>August 15, 2015: 1</revised> + <bug>554882</bug> + <bug>557342</bug> + <access>remote</access> + <affected> + <package name="www-plugins/adobe-flash" auto="yes" arch="*"> + <unaffected range="ge">11.2.202.508</unaffected> + <vulnerable range="lt">11.2.202.508</vulnerable> + </package> + </affected> + <background> + <p>The Adobe Flash Player is a renderer for the SWF file format, which is + commonly used to provide interactive websites. + </p> + </background> + <description> + <p>Multiple vulnerabilities have been discovered in Adobe Flash Player. + Please review the CVE identifiers referenced below for details. + </p> + </description> + <impact type="normal"> + <p>A remote attacker could possibly execute arbitrary code with the + privileges of the process, cause a Denial of Service condition, obtain + sensitive information, or bypass security restrictions. + </p> + </impact> + <workaround> + <p>There is no known workaround at this time.</p> + </workaround> + <resolution> + <p>All Adobe Flash Player users should upgrade to the latest version:</p> + + <code> + # emerge --sync + # emerge --ask --oneshot --verbose + ">=www-plugins/adobe-flash-11.2.202.508" + </code> + </resolution> + <references> + <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3107">CVE-2015-3107</uri> + <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5122">CVE-2015-5122</uri> + <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5123">CVE-2015-5123</uri> + <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5124">CVE-2015-5124</uri> + <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5125">CVE-2015-5125</uri> + <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5127">CVE-2015-5127</uri> + <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5129">CVE-2015-5129</uri> + <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5130">CVE-2015-5130</uri> + <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5131">CVE-2015-5131</uri> + <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5132">CVE-2015-5132</uri> + <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5133">CVE-2015-5133</uri> + <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5134">CVE-2015-5134</uri> + <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5539">CVE-2015-5539</uri> + <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5540">CVE-2015-5540</uri> + <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5541">CVE-2015-5541</uri> + <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5544">CVE-2015-5544</uri> + <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5545">CVE-2015-5545</uri> + <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5546">CVE-2015-5546</uri> + <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5547">CVE-2015-5547</uri> + <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5548">CVE-2015-5548</uri> + <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5549">CVE-2015-5549</uri> + <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5550">CVE-2015-5550</uri> + <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5551">CVE-2015-5551</uri> + <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5552">CVE-2015-5552</uri> + <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5553">CVE-2015-5553</uri> + <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5554">CVE-2015-5554</uri> + <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5555">CVE-2015-5555</uri> + <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5556">CVE-2015-5556</uri> + <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5557">CVE-2015-5557</uri> + <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5558">CVE-2015-5558</uri> + <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5559">CVE-2015-5559</uri> + <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5560">CVE-2015-5560</uri> + <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5561">CVE-2015-5561</uri> + <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5562">CVE-2015-5562</uri> + <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5563">CVE-2015-5563</uri> + <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5564">CVE-2015-5564</uri> + <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5965">CVE-2015-5965</uri> + </references> + <metadata tag="requester" timestamp="Tue, 21 Jul 2015 02:44:26 +0000"> + BlueKnight + </metadata> + <metadata tag="submitter" timestamp="Sat, 15 Aug 2015 04:47:52 +0000"> + BlueKnight + </metadata> +</glsa> |