SUSE-SU-2017:0523-1

Details

The Adobe flash-player was updated to 24.0.0.221 to fix the following issues:

Security update to 24.0.0.221 (bsc#1025258), fixing the following vulnerabilities advised under APSB17-04:

type confusion vulnerability that could lead to code execution (CVE-2017-2995).
integer overflow vulnerability that could lead to code execution (CVE-2017-2987).
use-after-free vulnerabilities that could lead to code execution (CVE-2017-2982, CVE-2017-2985, CVE-2017-2993, CVE-2017-2994).
heap buffer overflow vulnerabilities that could lead to code execution (CVE-2017- 2984, CVE-2017-2986, CVE-2017-2992).
memory corruption vulnerabilities that could lead to code execution (CVE-2017-2988, CVE-2017-2990, CVE-2017-2991, CVE-2017-2996).

Affected Packages

flash-player

SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Workstation Extension 12 SP1

Fixed in:

24.0.0.221-158.1

flash-player-gnome

SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Workstation Extension 12 SP1

Fixed in:

24.0.0.221-158.1

References