Overview

File _patchinfo of Package patchinfo.4386

<patchinfo incident="4386">
  <issue tracker="bnc" id="1029374">VUL-0: flash-player: version update 25.0.0.127 (APSB17-07)</issue>
  <issue tracker="cve" id="2017-2997"/>
  <issue tracker="cve" id="2017-2998"/>
  <issue tracker="cve" id="2017-2999"/>
  <issue tracker="cve" id="2017-3000"/>
  <issue tracker="cve" id="2017-3001"/>
  <issue tracker="cve" id="2017-3002"/>
  <issue tracker="cve" id="2017-3003"/>
  <category>security</category>
  <rating>important</rating>
  <packager>abergmann</packager>
  <description>
This update for flash-player fixes the following issues:

Security update to 25.0.0.127 (bsc#1029374), fixing the following vulnerabilities advised under APSB17-07:
- CVE-2017-2997: This update resolves a buffer overflow vulnerability that could lead to code execution.
- CVE-2017-2998, CVE-2017-2999: This update resolves memory corruption vulnerabilities that could lead to
  code execution.
- CVE-2017-3000: This update resolves a random number generator vulnerability used for constant blinding
  that could lead to information disclosure.
- CVE-2017-3001, CVE-2017-3002, CVE-2017-3003: This update resolves use-after-free vulnerabilities that
  could lead to code execution.
- Details:
  https://helpx.adobe.com/security/products/flash-player/apsb17-07.html
</description>
  <summary>Security update for flash-player</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places