Bug 16792

Summary: Security update request for flash-player-plugin, to 11.2.202.521
Product: Mageia Reporter: Anssi Hannula <anssi.hannula>
Component: SecurityAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: normal    
Priority: Normal CC: sysadmin-bugs
Version: 5Keywords: Security, validated_update
Target Milestone: ---   
Hardware: All   
OS: Linux   
URL: https://helpx.adobe.com/security/products/flash-player/apsb15-23.html
Whiteboard: advisory has_procedure mga5-64-ok MGA5-32-OK
Source RPM: flash-player-plugin CVE: 23 CVEs, too many to fit here
Status comment:

Description Anssi Hannula 2015-09-21 18:08:49 CEST 
Advisory:
============
Adobe Flash Player 11.2.202.521 contains fixes to critical security vulnerabilities found in earlier versions that could potentially allow an attacker to take control of the affected system.

These update resolves a type confusion vulnerability that could lead to code execution (CVE-2015-5573). 

These update resolves use-after-free vulnerabilities that could lead to code execution (CVE-2015-5570, CVE-2015-5574, CVE-2015-5581, CVE-2015-5584, CVE-2015-6682). 

These update resolves buffer overflow vulnerabilities that could lead to code execution (CVE-2015-6676, CVE-2015-6678). 

These update resolves memory corruption vulnerabilities that could lead to code execution (CVE-2015-5575, CVE-2015-5577, CVE-2015-5578, CVE-2015-5580, CVE-2015-5582, CVE-2015-5588, CVE-2015-6677). 

These update includes additional validation checks to ensure that Flash Player rejects malicious content from vulnerable JSONP callback APIs (CVE-2015-5571). 

These update resolves a memory leak vulnerability (CVE-2015-5576). 

These update includes further hardening to a mitigation to defend against vector length corruptions (CVE-2015-5568). 

These update resolves stack corruption vulnerabilities that could lead to code execution (CVE-2015-5567, CVE-2015-5579). 

These update resolves a stack overflow vulnerability that could lead to code execution (CVE-2015-5587). 

These update resolves a security bypass vulnerability that could lead to information disclosure (CVE-2015-5572). 

These update resolves a vulnerability that could be exploited to bypass the same-origin-policy and lead to information disclosure (CVE-2015-6679).

References:
https://helpx.adobe.com/security/products/flash-player/apsb15-23.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5567
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5568
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5570
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5571
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5572
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5573
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5574
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5575
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5576
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5577
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5578
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5579
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5580
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5581
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5582
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5584
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5587
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5588
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6676
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6677
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6678
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6679
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6682
============

CVEs: CVE-2015-5567, CVE-2015-5568, CVE-2015-5570, CVE-2015-5571, CVE-2015-5572, CVE-2015-5573, CVE-2015-5574, CVE-2015-5575, CVE-2015-5576, CVE-2015-5577, CVE-2015-5578, CVE-2015-5579, CVE-2015-5580, CVE-2015-5581, CVE-2015-5582, CVE-2015-5584, CVE-2015-5587, CVE-2015-5588, CVE-2015-6676, CVE-2015-6677, CVE-2015-6678, CVE-2015-6679, CVE-2015-6682

Updated Flash Player 11.2.202.521 packages are in mga5 nonfree/updates_testing.

Source packages:
flash-player-plugin-11.2.202.521-1.mga5.nonfree

Binary packages:
flash-player-plugin
flash-player-plugin-kde
Comment 1 Anssi Hannula 2015-09-21 18:10:47 CEST 
Oops, copy-paste mistake, here is a fixed ADVISORY:
================
Adobe Flash Player 11.2.202.521 contains fixes to critical security vulnerabilities found in earlier versions that could potentially allow an attacker to take control of the affected system.

This update resolves a type confusion vulnerability that could lead to code execution (CVE-2015-5573). 

This update resolves use-after-free vulnerabilities that could lead to code execution (CVE-2015-5570, CVE-2015-5574, CVE-2015-5581, CVE-2015-5584, CVE-2015-6682). 

This update resolves buffer overflow vulnerabilities that could lead to code execution (CVE-2015-6676, CVE-2015-6678). 

This update resolves memory corruption vulnerabilities that could lead to code execution (CVE-2015-5575, CVE-2015-5577, CVE-2015-5578, CVE-2015-5580, CVE-2015-5582, CVE-2015-5588, CVE-2015-6677). 

This update includes additional validation checks to ensure that Flash Player rejects malicious content from vulnerable JSONP callback APIs (CVE-2015-5571). 

This update resolves a memory leak vulnerability (CVE-2015-5576). 

This update includes further hardening to a mitigation to defend against vector length corruptions (CVE-2015-5568). 

This update resolves stack corruption vulnerabilities that could lead to code execution (CVE-2015-5567, CVE-2015-5579). 

This update resolves a stack overflow vulnerability that could lead to code execution (CVE-2015-5587). 

This update resolves a security bypass vulnerability that could lead to information disclosure (CVE-2015-5572). 

This update resolves a vulnerability that could be exploited to bypass the same-origin-policy and lead to information disclosure (CVE-2015-6679).

References:
https://helpx.adobe.com/security/products/flash-player/apsb15-23.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5567
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5568
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5570
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5571
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5572
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5573
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5574
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5575
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5576
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5577
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5578
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5579
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5580
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5581
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5582
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5584
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5587
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5588
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6676
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6677
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6678
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6679
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6682
================
Comment 2 claire robinson 2015-09-21 18:17:48 CEST 
Advisory from comment 1 uploaded.

Whiteboard: (none) => advisory

Comment 3 claire robinson 2015-09-21 19:27:19 CEST 
Testing complete mga5 64

Testing flash video and deleted local storage in kde system settings

Whiteboard: advisory => advisory has_procedure mga5-64-ok

Comment 4 claire robinson 2015-09-21 19:28:16 CEST 
Also verified it was downloading the correct version as it installed..
http://fpdownload.macromedia.com/get/flashplayer/pdc/11.2.202.521/flash-plugin-11.2.202.521-release.x86_64.rpm
Comment 5 James Kerr 2015-09-21 22:16:15 CEST 
Testing on mga5-32

# urpmi --searchmedia "Nonfree Updates Testing" flash-player-plugin 
flash-player-plugin-kde
To satisfy dependencies, the following packages are going to be installed:
  Package                        Version      Release       Arch    
(medium "Core Updates")
  libkutils4                     4.14.5       1.1.mga5      i586    
(medium "Nonfree Updates Testing")
  flash-player-plugin            11.2.202.521 1.mga5.nonfr> i586    
  flash-player-plugin-kde        11.2.202.521 1.mga5.nonfr> i586    

Downloading from 
http://fpdownload.macromedia.com/get/flashplayer/pdc/11.2.202.521/flash-plugin-
11.2.202.521-release.i386.rpm:

Tested that videos play correctly.

Deleted local storage for two sites in KDE System Settings

OK for mga5-32

Whiteboard: advisory has_procedure mga5-64-ok => advisory has_procedure mga5-64-ok MGA5-32-OK

Comment 6 James Kerr 2015-09-21 22:20:30 CEST 
This update is now validated and can be pushed to updates.

CC: (none) => sysadmin-bugs

James Kerr 2015-09-21 22:21:14 CEST

Keywords: (none) => validated_update

Comment 7 Mageia Robot 2015-09-21 23:07:42 CEST 
An update for this issue has been pushed to Mageia Updates repository.

http://advisories.mageia.org/MGASA-2015-0379.html

Status: ASSIGNED => RESOLVED
Resolution: (none) => FIXED