Mehrere Probleme in Adobe Flash Player
ID: | 201411-06 |
Distribution: | Gentoo |
Plattformen: | Keine Angabe |
Datum: | Fr, 21. November 2014, 22:49 |
Referenzen: | http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0558
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0564 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0569 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0573 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0574 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0576 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0577 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0581 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0582 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0583 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0584 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0585 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0586 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0588 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0589 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0590 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8438 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8440 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8441 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8442 |
Applikationen: | Flash Plugin for Browsers |
Originalnachricht |
|
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --PCHuvAg1MvjlgQA39PeBw6Hbm2dQGWT7U Content-Type: text/plain; charset=utf- Content-Transfer-Encoding: quoted-printable - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201411-06 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: Adobe Flash Player: Multiple vulnerabilities Date: November 21, 2014 Bugs: #525430, #529088 ID: 201411-06 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in Adobe Flash Player, the worst of which allows remote attackers to execute arbitrary code. Background ========== The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 www-plugins/adobe-flash < 11.2.202.418 >= 11.2.202.418 Description =========== Multiple vulnerabilities have been discovered in Adobe Flash Player. Please review the CVE identifiers referenced below for details. Impact ====== A remote attacker could possibly execute arbitrary code with the privileges of the process or bypass security restrictions. Workaround ========== There is no known workaround at this time. Resolution ========== All Adobe Flash Player users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.418" References ========== [ 1 ] CVE-2014-0558 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0558 [ 2 ] CVE-2014-0564 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0564 [ 3 ] CVE-2014-0569 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0569 [ 4 ] CVE-2014-0573 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0573 [ 5 ] CVE-2014-0574 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0574 [ 6 ] CVE-2014-0576 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0576 [ 7 ] CVE-2014-0577 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0577 [ 8 ] CVE-2014-0581 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0581 [ 9 ] CVE-2014-0582 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0582 [ 10 ] CVE-2014-0583 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0583 [ 11 ] CVE-2014-0584 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0584 [ 12 ] CVE-2014-0585 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0585 [ 13 ] CVE-2014-0586 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0586 [ 14 ] CVE-2014-0588 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0588 [ 15 ] CVE-2014-0589 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0589 [ 16 ] CVE-2014-0590 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0590 [ 17 ] CVE-2014-8437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8437 [ 18 ] CVE-2014-8438 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8438 [ 19 ] CVE-2014-8440 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8440 [ 20 ] CVE-2014-8441 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8441 [ 21 ] CVE-2014-8442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8442 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201411-06.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 --PCHuvAg1MvjlgQA39PeBw6Hbm2dQGWT7U Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJUbysDAAoJEPw7F94F4TagYRIP/iIwXHdbNDhV8IeDT1gFyl0z BugXEPhOiXDIYwDwo+sUfII1WIY95Y2QUZc+JC7QQljr4DH+gFtnmjkLpPYHFDFk Y0HvBbFFqcztns3T49iVlanKfJghhBsYSaF6y4t2khdL6z9phAf2JQGzkA7ZioJ9 /+vP4bgmMJ8goAYaR1rGlBGT2tZHHk/Qm8jgf31QTd9auuAITLKL8Zv/SaTjNBGP Fk2u0ul9pVM5zJtmK1kCnVNtrj/21OTicAlqrhOPyFFFsN2Bq7u8ei6VblPtIw/i hAvE1nAwzzsTZSB6rbz5QamsdvY+jaqtOJ7n+NyUHW9thXtiHStQ9Auyp1DaMwhj mCKZGlV0Xw35zNXCw+Ap+304tysQRwKduw1yqyhQLlL00PpveYOz/oKg0Jqdxzjy z0yhKMW7CZ2IymcGGl/KKBjEgWo1sN4o57TpipvKva9D12yU/sRWJK02GdvwhTKd Y7QpSDubG1rhZnnR8kwlPOP7TYJBVUpSzjQGjSywdrepHnb2nVEUVTrXqWE9qi9D Wrj6pJdU8GPduNquAFJTBKdE2EbY1zRq/SRCkwOVTMTYaLEVSJO8se/ZFUELwmdR GtMNKLy7k9nVYRPMHeqyC+ur1M0sOkcRkQuzMbPh4MlE7AfLrHbCNWNdSuvsUk4O cffIZGTr5+hHgMS3wiQY =3JND -----END PGP SIGNATURE----- --PCHuvAg1MvjlgQA39PeBw6Hbm2dQGWT7U-- |