Bug 946880 - (CVE-2015-5567) VUL-0: flash-player: security update to (APSB15-23)
VUL-0: flash-player: security update to (APSB15-23)
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
Other Other
: P1 - Urgent : Major
: ---
Assigned To: Security Team bot
Security Team bot
Depends on:
  Show dependency treegraph
Reported: 2015-09-22 08:21 UTC by Marcus Meissner
Modified: 2016-04-27 14:42 UTC (History)
3 users (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Marcus Meissner 2015-09-22 08:21:40 UTC

Release date: September 21, 2015

Vulnerability identifier: APSB15-23

Priority: See table below

CVE number: CVE-2015-5567, CVE-2015-5568, CVE-2015-5570, CVE-2015-5571, CVE-2015-5572, CVE-2015-5573, CVE-2015-5574, CVE-2015-5575, CVE-2015-5576, CVE-2015-5577, CVE-2015-5578, CVE-2015-5579, CVE-2015-5580, CVE-2015-5581, CVE-2015-5582, CVE-2015-5584, CVE-2015-5587, CVE-2015-5588, CVE-2015-6676, CVE-2015-6677, CVE-2015-6678, CVE-2015-6679, CVE-2015-6682

Vulnerability Details

    These updates resolve a type confusion vulnerability that could lead to code execution (CVE-2015-5573). 
    These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2015-5570, CVE-2015-5574, CVE-2015-5581, CVE-2015-5584, CVE-2015-6682). 
    These updates resolve buffer overflow vulnerabilities that could lead to code execution (CVE-2015-6676, CVE-2015-6678). 
    These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2015-5575, CVE-2015-5577, CVE-2015-5578, CVE-2015-5580, CVE-2015-5582, CVE-2015-5588, CVE-2015-6677). 
    These updates include additional validation checks to ensure that Flash Player rejects malicious content from vulnerable JSONP callback APIs  (CVE-2015-5571). 
    These updates resolve a memory leak vulnerability (CVE-2015-5576). 
    These updates include further hardening to a mitigation to defend against vector length corruptions  (CVE-2015-5568). 
    These updates resolve stack corruption vulnerabilities that could lead to code execution (CVE-2015-5567, CVE-2015-5579). 
    These updates resolve a stack overflow vulnerability that could lead to code execution (CVE-2015-5587). 
    These updates resolve a security bypass vulnerability that could lead to information disclosure (CVE-2015-5572). 
    These updates resolve a vulnerability that could be exploited to bypass the same-origin-policy and lead to information disclosure (CVE-2015-6679).


Adobe would like to thank the following individuals and organizations for reporting the relevant issues and for working with Adobe to help protect our customers: 

    Ben Hayak (CVE-2015-5571) 
    Jing Chen Liu of Alibaba Security Research Team (CVE-2015-5587) 
    Malte Batram (CVE-2015-6679) 
    Natalie Silvanovich of Google Project Zero (CVE-2015-5574) 
    Chris Evans, Ben Hawkes and Mateusz Jurczyk of Google Project Zero (CVE-2015-5575, CVE-2015-5576, CVE-2015-5577, CVE-2015-5578, CVE-2015-5579, CVE-2015-5580, CVE-2015-5584) 
    instruder of Alibaba Security Threat intelligence centers (CVE-2015-5573, CVE-2015-6677) 
    Keen Team working with HP's Zero Day Initiative (CVE-2015-6678) 
    bilou working with HP's Zero Day Initiative (CVE-2015-5570) 
    bilou (CVE-2015-5567) 
    James Forshaw of Google Project Zero (CVE-2015-5568) 
    Kai Kang of Tencent's Xuanwu Lab (CVE-2015-5581) 
    Alexey Rekish of AddReality (CVE-2015-5572) 
    LMX of Qihoo 360 (CVE-2015-5582, CVE-2015-5588, CVE-2015-6676) 
    Yuki Chen of Qihoo 360 Vulcan Team working with Google's Chrome Rewards Program (CVE-2015-6682) 


September 21, 2015: Updated the credit for CVE-2015-6682 from Chris Evans to Yuki Chen of Qihoo 360 Vulcan Team.
Comment 2 Bernhard Wiedemann 2015-09-22 09:00:10 UTC
This is an autogenerated message for OBS integration:
This bug (946880) was mentioned in
https://build.opensuse.org/request/show/332928 Factory:NonFree / flash-player
Comment 3 Andreas Stieger 2015-09-22 11:26:47 UTC
openSUSE 13.2 tested okay
Comment 4 Swamp Workflow Management 2015-09-23 14:08:28 UTC
openSUSE-SU-2015:1616-1: An update that fixes 23 vulnerabilities is now available.

Category: security (critical)
Bug References: 946880
CVE References: CVE-2015-5567,CVE-2015-5568,CVE-2015-5570,CVE-2015-5571,CVE-2015-5572,CVE-2015-5573,CVE-2015-5574,CVE-2015-5575,CVE-2015-5576,CVE-2015-5577,CVE-2015-5578,CVE-2015-5579,CVE-2015-5580,CVE-2015-5581,CVE-2015-5582,CVE-2015-5584,CVE-2015-5587,CVE-2015-5588,CVE-2015-6676,CVE-2015-6677,CVE-2015-6678,CVE-2015-6679,CVE-2015-6682
Sources used:
openSUSE 13.2:NonFree (src):    flash-player-
openSUSE 13.1:NonFree (src):    flash-player-
Comment 5 Marcus Meissner 2015-09-23 14:22:07 UTC
releasedk, factory nonoss submitted
Comment 6 Markus Kolb 2015-09-25 19:05:28 UTC

I've to ask why the flash-player security fixes are always so late in Tumbleweed repository?
Up-to-now there is no fixed package.
This has been for each flash-player security update up-to-now.

Is it required for Tumbleweed users to use the standard-Factory-non-oss repository to get security updates in time?

I don't think that waiting for the Tumbleweed rolling is an adequate security strategy.
Comment 7 Marcus Meissner 2015-09-28 09:53:54 UTC
there is one now. 

tumbleweed non oss publishes only when tumbleweed oss publishes.

We will try to use the update repo next time.
Comment 8 Swamp Workflow Management 2015-10-19 17:09:52 UTC
openSUSE-SU-2015:1781-1: An update that fixes 71 vulnerabilities is now available.

Category: security (critical)
Bug References: 941239,946880,950169,950474
CVE References: CVE-2015-3107,CVE-2015-5124,CVE-2015-5125,CVE-2015-5127,CVE-2015-5128,CVE-2015-5129,CVE-2015-5130,CVE-2015-5131,CVE-2015-5132,CVE-2015-5133,CVE-2015-5134,CVE-2015-5539,CVE-2015-5540,CVE-2015-5541,CVE-2015-5544,CVE-2015-5545,CVE-2015-5546,CVE-2015-5547,CVE-2015-5548,CVE-2015-5549,CVE-2015-5550,CVE-2015-5551,CVE-2015-5552,CVE-2015-5553,CVE-2015-5554,CVE-2015-5555,CVE-2015-5556,CVE-2015-5557,CVE-2015-5558,CVE-2015-5559,CVE-2015-5560,CVE-2015-5561,CVE-2015-5562,CVE-2015-5563,CVE-2015-5567,CVE-2015-5568,CVE-2015-5569,CVE-2015-5570,CVE-2015-5571,CVE-2015-5572,CVE-2015-5573,CVE-2015-5574,CVE-2015-5575,CVE-2015-5576,CVE-2015-5577,CVE-2015-5578,CVE-2015-5579,CVE-2015-5580,CVE-2015-5581,CVE-2015-5582,CVE-2015-5584,CVE-2015-5587,CVE-2015-5588,CVE-2015-6676,CVE-2015-6677,CVE-2015-6678,CVE-2015-6679,CVE-2015-6682,CVE-2015-7625,CVE-2015-7626,CVE-2015-7627,CVE-2015-7628,CVE-2015-7629,CVE-2015-7630,CVE-2015-7631,CVE-2015-7632,CVE-2015-7633,CVE-2015-7634,CVE-2015-7643,CVE-2015-7644,CVE-2015-7645
Sources used:
openSUSE Evergreen 11.4 (src):    flash-player-