Bugzilla – Bug 946880
VUL-0: flash-player: security update to 11.2.202.521 (APSB15-23)
Last modified: 2016-04-27 14:42:26 UTC
https://helpx.adobe.com/security/products/flash-player/apsb15-23.html

Release date: September 21, 2015
Vulnerability identifier: APSB15-23
Priority: See table below
CVE number: CVE-2015-5567, CVE-2015-5568, CVE-2015-5570, CVE-2015-5571, CVE-2015-5572, CVE-2015-5573, CVE-2015-5574, CVE-2015-5575, CVE-2015-5576, CVE-2015-5577, CVE-2015-5578, CVE-2015-5579, CVE-2015-5580, CVE-2015-5581, CVE-2015-5582, CVE-2015-5584, CVE-2015-5587, CVE-2015-5588, CVE-2015-6676, CVE-2015-6677, CVE-2015-6678, CVE-2015-6679, CVE-2015-6682

Vulnerability Details

These updates resolve a type confusion vulnerability that could lead to code execution (CVE-2015-5573).
These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2015-5570, CVE-2015-5574, CVE-2015-5581, CVE-2015-5584, CVE-2015-6682).
These updates resolve buffer overflow vulnerabilities that could lead to code execution (CVE-2015-6676, CVE-2015-6678).
These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2015-5575, CVE-2015-5577, CVE-2015-5578, CVE-2015-5580, CVE-2015-5582, CVE-2015-5588, CVE-2015-6677).
These updates include additional validation checks to ensure that Flash Player rejects malicious content from vulnerable JSONP callback APIs (CVE-2015-5571).
These updates resolve a memory leak vulnerability (CVE-2015-5576).
These updates include further hardening to a mitigation to defend against vector length corruptions (CVE-2015-5568).
These updates resolve stack corruption vulnerabilities that could lead to code execution (CVE-2015-5567, CVE-2015-5579).
These updates resolve a stack overflow vulnerability that could lead to code execution (CVE-2015-5587).
These updates resolve a security bypass vulnerability that could lead to information disclosure (CVE-2015-5572).
These updates resolve a vulnerability that could be exploited to bypass the same-origin-policy and lead to information disclosure (CVE-2015-6679).

Acknowledgments

Adobe would like to thank the following individuals and organizations for reporting the relevant issues and for working with Adobe to help protect our customers:
Ben Hayak (CVE-2015-5571)
Jing Chen Liu of Alibaba Security Research Team (CVE-2015-5587)
Malte Batram (CVE-2015-6679)
Natalie Silvanovich of Google Project Zero (CVE-2015-5574)
Chris Evans, Ben Hawkes and Mateusz Jurczyk of Google Project Zero (CVE-2015-5575, CVE-2015-5576, CVE-2015-5577, CVE-2015-5578, CVE-2015-5579, CVE-2015-5580, CVE-2015-5584)
instruder of Alibaba Security Threat intelligence centers (CVE-2015-5573, CVE-2015-6677)
Keen Team working with HP's Zero Day Initiative (CVE-2015-6678)
bilou working with HP's Zero Day Initiative (CVE-2015-5570)
bilou (CVE-2015-5567)
James Forshaw of Google Project Zero (CVE-2015-5568)
Kai Kang of Tencent's Xuanwu Lab (CVE-2015-5581)
Alexey Rekish of AddReality (CVE-2015-5572)
LMX of Qihoo 360 (CVE-2015-5582, CVE-2015-5588, CVE-2015-6676)
Yuki Chen of Qihoo 360 Vulcan Team working with Google's Chrome Rewards Program (CVE-2015-6682)

Revisions

September 21, 2015: Updated the credit for CVE-2015-6682 from Chris Evans to Yuki Chen of Qihoo 360 Vulcan Team.
This is an autogenerated message for OBS integration: This bug (946880) was mentioned in https://build.opensuse.org/request/show/332928 Factory:NonFree / flash-player
openSUSE 13.2 tested okay:
flash-player-kde4-11.2.202.521-2.70.1.x86_64
flash-player-11.2.202.521-2.70.1.x86_64
openSUSE-SU-2015:1616-1: An update that fixes 23 vulnerabilities is now available.

Category: security (critical)
Bug References: 946880
CVE References: CVE-2015-5567,CVE-2015-5568,CVE-2015-5570,CVE-2015-5571,CVE-2015-5572,CVE-2015-5573,CVE-2015-5574,CVE-2015-5575,CVE-2015-5576,CVE-2015-5577,CVE-2015-5578,CVE-2015-5579,CVE-2015-5580,CVE-2015-5581,CVE-2015-5582,CVE-2015-5584,CVE-2015-5587,CVE-2015-5588,CVE-2015-6676,CVE-2015-6677,CVE-2015-6678,CVE-2015-6679,CVE-2015-6682
Sources used:
openSUSE 13.2:NonFree (src): flash-player-11.2.202.521-2.70.1
openSUSE 13.1:NonFree (src): flash-player-11.2.202.521-135.1
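A remediation check for the update above, added here as an example; it is not part of bug 946880 or of the openSUSE flash-player packaging. It reads the installed flash-player packages (via rpm, when present) and compares each package's upstream version against the fixed version 11.2.202.521 named in openSUSE-SU-2015:1616-1. The package list used when rpm is absent is a constructed sample, labelled as such in the code, so the script runs offline; the segment-wise numeric comparison assumes purely numeric version strings, which holds for Flash Player but is not rpm's general ordering (rpm's own vercmp is authoritative for anything else).

```shell
#!/bin/sh
# Added example (not from bug 946880 or the openSUSE package): verify that the
# installed flash-player packages are at or above the APSB15-23 fixed version.

# Fixed upstream version from openSUSE-SU-2015:1616-1.
FIXED_VERSION="11.2.202.521"

# Constructed sample of `rpm -qa 'flash-player*'` output (not real host data),
# used as a fallback so the script runs where rpm is not installed.
SAMPLE_PACKAGES="flash-player-11.2.202.508-2.67.1.x86_64
flash-player-kde4-11.2.202.521-2.70.1.x86_64"

# version_ge A B: return 0 if dotted numeric version A >= B, else 1.
# Missing trailing segments count as 0 (11.2.202 < 11.2.202.521).
# Assumes purely numeric segments, which holds for Flash Player versions;
# for general rpm versions use rpm's own comparison instead.
version_ge() {
    a="$1"
    b="$2"
    while [ -n "$a" ] || [ -n "$b" ]; do
        ax="${a%%.*}"
        bx="${b%%.*}"
        # advance to the next segment, or to empty when none remain
        case "$a" in *.*) a="${a#*.}" ;; *) a="" ;; esac
        case "$b" in *.*) b="${b#*.}" ;; *) b="" ;; esac
        ax="${ax:-0}"
        bx="${bx:-0}"
        if [ "$ax" -gt "$bx" ]; then return 0; fi
        if [ "$ax" -lt "$bx" ]; then return 1; fi
    done
    return 0
}

# nvr_version NAME-VERSION-RELEASE[.ARCH]: print the VERSION field.
# e.g. flash-player-kde4-11.2.202.521-2.70.1.x86_64 -> 11.2.202.521
nvr_version() {
    nv="${1%-*}"               # strip "-RELEASE[.ARCH]"
    printf '%s\n' "${nv##*-}"  # keep what follows the last "-" of NAME-VERSION
}

# check_package PKG: print a verdict; return 0 if fixed, 1 if still vulnerable.
check_package() {
    v=$(nvr_version "$1")
    if version_ge "$v" "$FIXED_VERSION"; then
        echo "$1: fixed ($v >= $FIXED_VERSION)"
        return 0
    fi
    echo "$1: VULNERABLE ($v < $FIXED_VERSION, APSB15-23 not applied)"
    return 1
}

# audit_packages PKG...: check each package; return 1 if any is below the fix.
audit_packages() {
    rc=0
    for p in "$@"; do
        check_package "$p" || rc=1
    done
    return $rc
}

# installed_packages: real rpm query when available, otherwise the sample.
installed_packages() {
    if command -v rpm >/dev/null 2>&1; then
        rpm -qa 'flash-player*'
    else
        printf '%s\n' "$SAMPLE_PACKAGES"
    fi
}

set -- $(installed_packages)
if [ $# -eq 0 ]; then
    echo "no flash-player package installed"
elif audit_packages "$@"; then
    echo "all flash-player packages are at or above $FIXED_VERSION"
else
    echo "at least one flash-player package still needs the APSB15-23 update"
fi
```

Run it as `sh check-flash.sh` on each host; the exit status of `audit_packages` is what a fleet-wide check should key on, not the text. Because only the upstream VERSION field is compared, a rebuilt package with a different RELEASE (2.70.1 vs 135.1, as the 13.2 and 13.1 sources show) is judged the same way.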
released, factory nonoss submitted
Hello, I have to ask why the flash-player security fixes are always so late in the Tumbleweed repository? Up to now there is no fixed package. This has been the case for each flash-player security update up to now. Is it required for Tumbleweed users to use the standard Factory non-oss repository to get security updates in time? I don't think that waiting for the Tumbleweed rolling is an adequate security strategy.
There is one now. Tumbleweed non-oss publishes only when Tumbleweed oss publishes. We will try to use the update repo next time.
openSUSE-SU-2015:1781-1: An update that fixes 71 vulnerabilities is now available.

Category: security (critical)
Bug References: 941239,946880,950169,950474
CVE References: CVE-2015-3107,CVE-2015-5124,CVE-2015-5125,CVE-2015-5127,CVE-2015-5128,CVE-2015-5129,CVE-2015-5130,CVE-2015-5131,CVE-2015-5132,CVE-2015-5133,CVE-2015-5134,CVE-2015-5539,CVE-2015-5540,CVE-2015-5541,CVE-2015-5544,CVE-2015-5545,CVE-2015-5546,CVE-2015-5547,CVE-2015-5548,CVE-2015-5549,CVE-2015-5550,CVE-2015-5551,CVE-2015-5552,CVE-2015-5553,CVE-2015-5554,CVE-2015-5555,CVE-2015-5556,CVE-2015-5557,CVE-2015-5558,CVE-2015-5559,CVE-2015-5560,CVE-2015-5561,CVE-2015-5562,CVE-2015-5563,CVE-2015-5567,CVE-2015-5568,CVE-2015-5569,CVE-2015-5570,CVE-2015-5571,CVE-2015-5572,CVE-2015-5573,CVE-2015-5574,CVE-2015-5575,CVE-2015-5576,CVE-2015-5577,CVE-2015-5578,CVE-2015-5579,CVE-2015-5580,CVE-2015-5581,CVE-2015-5582,CVE-2015-5584,CVE-2015-5587,CVE-2015-5588,CVE-2015-6676,CVE-2015-6677,CVE-2015-6678,CVE-2015-6679,CVE-2015-6682,CVE-2015-7625,CVE-2015-7626,CVE-2015-7627,CVE-2015-7628,CVE-2015-7629,CVE-2015-7630,CVE-2015-7631,CVE-2015-7632,CVE-2015-7633,CVE-2015-7634,CVE-2015-7643,CVE-2015-7644,CVE-2015-7645
Sources used:
openSUSE Evergreen 11.4 (src): flash-player-11.2.202.540-176.1