Bug 18448

Summary: Security update request for flash-player-plugin, to 11.2.202.621 (0-day)
Product: Mageia Reporter: Anssi Hannula <anssi.hannula>
Component: SecurityAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: major    
Priority: High CC: davidwhodgins, sysadmin-bugs
Version: 5Keywords: Security, validated_update
Target Milestone: ---   
Hardware: All   
OS: Linux   
URL: https://helpx.adobe.com/security/products/flash-player/apsb16-15.html
Whiteboard: MGA5-32-OK mga5-64-ok advisory
Source RPM: flash-player-plugin CVE: 25 CVEs, too many to fit here
Status comment:

Description Anssi Hannula 2016-05-12 17:43:08 CEST 
Advisory:
============
Adobe Flash Player 11.2.202.621 contains fixes to critical security vulnerabilities found in earlier versions that could potentially allow an attacker to take control of the affected system.

This update resolves type confusion vulnerabilities that could lead to code execution (CVE-2016-1105, CVE-2016-4117).

This update resolves use-after-free vulnerabilities that could lead to code execution (CVE-2016-1097, CVE-2016-1106, CVE-2016-1107, CVE-2016-1108, CVE-2016-1109, CVE-2016-1110, CVE-2016-4108, CVE-2016-4110).

This update resolves a heap buffer overflow vulnerability that could lead to code execution (CVE-2016-1101).

This update resolves a buffer overflow vulnerability that could lead to code execution (CVE-2016-1103).

This update resolves memory corruption vulnerabilities that could lead to code execution (CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115).

This update resolves a vulnerability in the directory search path used to find resources that could lead to code execution (CVE-2016-4116).

Adobe reports that an exploit for CVE-2016-4117 exists in the wild.

References:
https://helpx.adobe.com/security/products/flash-player/apsb16-15.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1096
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1097
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1098
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1099
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1100
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1101
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1102
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1103
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1104
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1105
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1106
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1107
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1108
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1109
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1110
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4108
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4109
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4110
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4111
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4112
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4113
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4114
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4115
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4116
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4117
============

CVEs: CVE-2016-1096, CVE-2016-1097, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1101, CVE-2016-1102, CVE-2016-1103, CVE-2016-1104, CVE-2016-1105, CVE-2016-1106, CVE-2016-1107, CVE-2016-1108, CVE-2016-1109, CVE-2016-1110, CVE-2016-4108, CVE-2016-4109, CVE-2016-4110, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4116, CVE-2016-4117

Updated Flash Player packages are in mga5 nonfree/updates_testing.

Source packages:
flash-player-plugin-11.2.202.621-1.mga5.nonfree

Binary packages:
flash-player-plugin
flash-player-plugin-kde
Comment 1 David Walser 2016-05-12 21:06:39 CEST 
Working fine on Mageia 5 i586.

Whiteboard: (none) => MGA5-32-OK

Comment 2 claire robinson 2016-05-12 21:34:36 CEST 
Testing complete mga5 64

Checked flash over https and used the applet in kde system settings to delete local storage.

Whiteboard: MGA5-32-OK => MGA5-32-OK mga5-64-ok

Dave Hodgins 2016-05-12 21:45:31 CEST

Keywords: (none) => validated_update
Whiteboard: MGA5-32-OK mga5-64-ok => MGA5-32-OK mga5-64-ok advisory
CC: (none) => davidwhodgins, sysadmin-bugs

Comment 3 Mageia Robot 2016-05-12 22:00:56 CEST 
An update for this issue has been pushed to the Mageia Updates repository.

http://advisories.mageia.org/MGASA-2016-0173.html

Status: ASSIGNED => RESOLVED
Resolution: (none) => FIXED