Bug 17411

Summary: Security update request for flash-player-plugin, to 11.2.202.559
Product: Mageia Reporter: Anssi Hannula <anssi.hannula>
Component: SecurityAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: critical    
Priority: Normal CC: sysadmin-bugs
Version: 5Keywords: Security, validated_update
Target Milestone: ---   
Hardware: All   
OS: Linux   
URL: https://helpx.adobe.com/security/products/flash-player/apsb16-01.html
Whiteboard: has_procedure advisory mga5-32-ok MGA5-64-OK
Source RPM: flash-player-plugin CVE: 19 CVEs, too many to fit here
Status comment:

Description Anssi Hannula 2015-12-28 15:53:37 CET 
Updated Flash Player 11.2.202.559 packages are in mga5 nonfree/updates_testing.

Release notes are not yet available, I'll post an advisory as a comment when they are. I expect the update to fix critical security vulnerabilities as usual.

Source packages:
flash-player-plugin-11.2.202.559-1.mga5.nonfree

Binary packages:
flash-player-plugin
flash-player-plugin-kde
claire robinson 2015-12-28 16:44:42 CET

Severity: normal => critical

Comment 1 claire robinson 2015-12-28 16:49:59 CET 
Testing complete mga5 32

Ensured the correct version was downloaded and installed.
Verified version at http://www.adobe.com/software/flash/about/ and checked flash usage at various other websites.

Deleted local flash storage in kde system settings.

Whiteboard: (none) => has_procedure mga5-32-ok

Comment 2 James Kerr 2015-12-28 18:40:32 CET 
Testing on mga5-64

Verified version
Confirmed that flash videos and streaming work on several sites
Deleted selected local storage using System Settings module

OK for mga5-64

Whiteboard: has_procedure mga5-32-ok => has_procedure mga5-32-ok MGA5-64-OK

Comment 3 Anssi Hannula 2015-12-28 18:46:05 CET 
Advisory:
============
Adobe Flash Player 11.2.202.559 contains fixes to critical security vulnerabilities found in earlier versions that could potentially allow an attacker to take control of the affected system.

This update resolves a type confusion vulnerability that could lead to code execution (CVE-2015-8644).

This update resolves an integer overflow vulnerability that could lead to code execution (CVE-2015-8651).

This update resolves use-after-free vulnerabilities that could lead to code execution (CVE-2015-8634, CVE-2015-8635, CVE-2015-8638, CVE-2015-8639, CVE-2015-8640, CVE-2015-8641, CVE-2015-8642, CVE-2015-8643, CVE-2015-8646, CVE-2015-8647, CVE-2015-8648, CVE-2015-8649, CVE-2015-8650).

This update resolves memory corruption vulnerabilities that could lead to code execution (CVE-2015-8459, CVE-2015-8460, CVE-2015-8636, CVE-2015-8645).

References:
https://helpx.adobe.com/security/products/flash-player/apsb16-01.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8459
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8460
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8634
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8635
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8636
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8638
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8639
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8640
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8641
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8642
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8643
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8644
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8645
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8646
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8647
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8648
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8649
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8650
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8651
============

CVEs: CVE-2015-8459, CVE-2015-8460, CVE-2015-8634, CVE-2015-8635, CVE-2015-8636, CVE-2015-8638, CVE-2015-8639, CVE-2015-8640, CVE-2015-8641, CVE-2015-8642, CVE-2015-8643, CVE-2015-8644, CVE-2015-8645, CVE-2015-8646, CVE-2015-8647, CVE-2015-8648, CVE-2015-8649, CVE-2015-8650, CVE-2015-8651

URL: (none) => CVE-2015-8459, CVE-2015-8460, CVE-2015-8634, CVE-2015-8635, CVE-2015-8636, CVE-2015-8638, CVE-2015-8639, CVE-2015-8640, CVE-2015-8641, CVE-2015-8642, CVE-2015-8643, CVE-2015-8644, CVE-2015-8645, CVE-2015-8646, CVE-2015-8647, CVE-2015-8648, CVE-2015-8649, CVE-2015-8650, CVE-2015-8651

Anssi Hannula 2015-12-28 18:46:35 CET

URL: CVE-2015-8459, CVE-2015-8460, CVE-2015-8634, CVE-2015-8635, CVE-2015-8636, CVE-2015-8638, CVE-2015-8639, CVE-2015-8640, CVE-2015-8641, CVE-2015-8642, CVE-2015-8643, CVE-2015-8644, CVE-2015-8645, CVE-2015-8646, CVE-2015-8647, CVE-2015-8648, CVE-2015-8649, CVE-2015-8650, CVE-2015-8651 => https://helpx.adobe.com/security/products/flash-player/apsb16-01.html
CVE: (none) => CVE-2015-8459, CVE-2015-8460, CVE-2015-8634, CVE-2015-8635, CVE-2015-8636, CVE-2015-8638, CVE-2015-8639, CVE-2015-8640, CVE-2015-8641, CVE-2015-8642, CVE-2015-8643, CVE-2015-8644, CVE-2015-8645, CVE-2015-8646, CVE-2015-8647, CVE-2015-8648, CVE-2015-8649,

Anssi Hannula 2015-12-28 18:48:01 CET

CVE: CVE-2015-8459, CVE-2015-8460, CVE-2015-8634, CVE-2015-8635, CVE-2015-8636, CVE-2015-8638, CVE-2015-8639, CVE-2015-8640, CVE-2015-8641, CVE-2015-8642, CVE-2015-8643, CVE-2015-8644, CVE-2015-8645, CVE-2015-8646, CVE-2015-8647, CVE-2015-8648, CVE-2015-8649, => 19 CVEs, too many to fit here

Comment 4 James Kerr 2015-12-28 19:22:23 CET 
This update is now validated

The advisory needs to be uploaded to SVN 
The packages can then be pushed to updates

Keywords: (none) => validated_update
CC: (none) => sysadmin-bugs

Comment 5 claire robinson 2015-12-28 20:09:40 CET 
Thanks guys.

Advisory uploaded.

Whiteboard: has_procedure mga5-32-ok MGA5-64-OK => has_procedure advisory mga5-32-ok MGA5-64-OK

Comment 6 Mageia Robot 2015-12-28 20:24:45 CET 
An update for this issue has been pushed to Mageia Updates repository.

http://advisories.mageia.org/MGASA-2015-0493.html

Status: ASSIGNED => RESOLVED
Resolution: (none) => FIXED