Security update for flash-player SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2015:1958-1 Final 1 1 2015-11-11T12:27:03Z current 2015-11-11T12:27:03Z 2015-11-11T12:27:03Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for flash-player The flash-player package was updated to fix the following security issues: - Security update to 11.2.202.548 (bsc#954512): * APSB15-28, CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7659, CVE-2015-7660, CVE-2015-7661, CVE-2015-7662, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, CVE-2015-8046 The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-SLE-DESKTOP-12-2015-824,SUSE-SLE-WE-12-2015-824 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2015/suse-su-20151958-1/ Link for SUSE-SU-2015:1958-1 https://lists.suse.com/pipermail/sle-security-updates/2015-November/001673.html E-Mail link for SUSE-SU-2015:1958-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/954512 SUSE Bug 954512 https://www.suse.com/security/cve/CVE-2015-7651/ SUSE CVE CVE-2015-7651 page https://www.suse.com/security/cve/CVE-2015-7652/ SUSE CVE CVE-2015-7652 page https://www.suse.com/security/cve/CVE-2015-7653/ SUSE CVE CVE-2015-7653 page https://www.suse.com/security/cve/CVE-2015-7654/ SUSE CVE CVE-2015-7654 page https://www.suse.com/security/cve/CVE-2015-7655/ SUSE CVE CVE-2015-7655 page https://www.suse.com/security/cve/CVE-2015-7656/ SUSE CVE CVE-2015-7656 page https://www.suse.com/security/cve/CVE-2015-7657/ SUSE CVE CVE-2015-7657 page https://www.suse.com/security/cve/CVE-2015-7658/ SUSE CVE CVE-2015-7658 page https://www.suse.com/security/cve/CVE-2015-7659/ SUSE CVE CVE-2015-7659 page https://www.suse.com/security/cve/CVE-2015-7660/ SUSE CVE CVE-2015-7660 page https://www.suse.com/security/cve/CVE-2015-7661/ SUSE CVE CVE-2015-7661 page https://www.suse.com/security/cve/CVE-2015-7662/ SUSE CVE CVE-2015-7662 page https://www.suse.com/security/cve/CVE-2015-7663/ SUSE CVE CVE-2015-7663 page https://www.suse.com/security/cve/CVE-2015-8042/ SUSE CVE CVE-2015-8042 page https://www.suse.com/security/cve/CVE-2015-8043/ SUSE CVE CVE-2015-8043 page https://www.suse.com/security/cve/CVE-2015-8044/ SUSE CVE CVE-2015-8044 page https://www.suse.com/security/cve/CVE-2015-8046/ SUSE CVE CVE-2015-8046 page SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Workstation Extension 12 flash-player-11.2.202.548-111.1 flash-player-gnome-11.2.202.548-111.1 flash-player-11.2.202.548-111.1 as a component of SUSE Linux Enterprise Desktop 12 flash-player-gnome-11.2.202.548-111.1 as a component of SUSE Linux Enterprise Desktop 12 flash-player-11.2.202.548-111.1 as a component of SUSE Linux Enterprise Workstation Extension 12 flash-player-gnome-11.2.202.548-111.1 as a component of SUSE Linux Enterprise Workstation Extension 12 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via crafted DefineFunction atoms, a different vulnerability than CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046. CVE-2015-7651 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.548-111.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.548-111.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.548-111.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.548-111.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151958-1/ https://www.suse.com/security/cve/CVE-2015-7651.html CVE-2015-7651 https://bugzilla.suse.com/954512 SUSE Bug 954512 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via a crafted gridFitType property value, a different vulnerability than CVE-2015-7651, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046. CVE-2015-7652 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.548-111.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.548-111.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.548-111.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.548-111.1 moderate 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151958-1/ https://www.suse.com/security/cve/CVE-2015-7652.html CVE-2015-7652 https://bugzilla.suse.com/954512 SUSE Bug 954512 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via crafted globalToLocal arguments, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046. CVE-2015-7653 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.548-111.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.548-111.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.548-111.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.548-111.1 moderate 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151958-1/ https://www.suse.com/security/cve/CVE-2015-7653.html CVE-2015-7653 https://bugzilla.suse.com/954512 SUSE Bug 954512 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via crafted attachSound arguments, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046. CVE-2015-7654 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.548-111.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.548-111.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.548-111.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.548-111.1 moderate 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151958-1/ https://www.suse.com/security/cve/CVE-2015-7654.html CVE-2015-7654 https://bugzilla.suse.com/954512 SUSE Bug 954512 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via crafted actionExtends arguments, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046. CVE-2015-7655 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.548-111.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.548-111.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.548-111.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.548-111.1 moderate 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151958-1/ https://www.suse.com/security/cve/CVE-2015-7655.html CVE-2015-7655 https://bugzilla.suse.com/954512 SUSE Bug 954512 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via crafted actionImplementsOp arguments, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046. CVE-2015-7656 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.548-111.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.548-111.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.548-111.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.548-111.1 moderate 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151958-1/ https://www.suse.com/security/cve/CVE-2015-7656.html CVE-2015-7656 https://bugzilla.suse.com/954512 SUSE Bug 954512 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via crafted actionCallMethod arguments, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046. CVE-2015-7657 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.548-111.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.548-111.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.548-111.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.548-111.1 moderate 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151958-1/ https://www.suse.com/security/cve/CVE-2015-7657.html CVE-2015-7657 https://bugzilla.suse.com/954512 SUSE Bug 954512 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via crafted actionInstanceOf arguments, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046. CVE-2015-7658 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.548-111.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.548-111.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.548-111.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.548-111.1 moderate 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151958-1/ https://www.suse.com/security/cve/CVE-2015-7658.html CVE-2015-7658 https://bugzilla.suse.com/954512 SUSE Bug 954512 Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion" in the NetConnection object implementation. CVE-2015-7659 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.548-111.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.548-111.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.548-111.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.548-111.1 moderate 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151958-1/ https://www.suse.com/security/cve/CVE-2015-7659.html CVE-2015-7659 https://bugzilla.suse.com/954512 SUSE Bug 954512 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via crafted setMask arguments, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046. CVE-2015-7660 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.548-111.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.548-111.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.548-111.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.548-111.1 moderate 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151958-1/ https://www.suse.com/security/cve/CVE-2015-7660.html CVE-2015-7660 https://bugzilla.suse.com/954512 SUSE Bug 954512 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via a crafted getBounds call, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046. CVE-2015-7661 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.548-111.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.548-111.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.548-111.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.548-111.1 moderate 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151958-1/ https://www.suse.com/security/cve/CVE-2015-7661.html CVE-2015-7661 https://bugzilla.suse.com/954512 SUSE Bug 954512 Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allow remote attackers to bypass intended access restrictions and write to files via unspecified vectors. CVE-2015-7662 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.548-111.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.548-111.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.548-111.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.548-111.1 moderate 7.8 AV:N/AC:L/Au:N/C:N/I:C/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151958-1/ https://www.suse.com/security/cve/CVE-2015-7662.html CVE-2015-7662 https://bugzilla.suse.com/954512 SUSE Bug 954512 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-8042, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046. CVE-2015-7663 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.548-111.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.548-111.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.548-111.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.548-111.1 moderate 10 AV:N/AC:L/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151958-1/ https://www.suse.com/security/cve/CVE-2015-7663.html CVE-2015-7663 https://bugzilla.suse.com/954512 SUSE Bug 954512 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via a crafted loadSound call, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8043, CVE-2015-8044, and CVE-2015-8046. CVE-2015-8042 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.548-111.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.548-111.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.548-111.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.548-111.1 moderate 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151958-1/ https://www.suse.com/security/cve/CVE-2015-8042.html CVE-2015-8042 https://bugzilla.suse.com/954512 SUSE Bug 954512 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8044, and CVE-2015-8046. CVE-2015-8043 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.548-111.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.548-111.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.548-111.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.548-111.1 moderate 10 AV:N/AC:L/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151958-1/ https://www.suse.com/security/cve/CVE-2015-8043.html CVE-2015-8043 https://bugzilla.suse.com/954512 SUSE Bug 954512 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, and CVE-2015-8046. CVE-2015-8044 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.548-111.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.548-111.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.548-111.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.548-111.1 moderate 10 AV:N/AC:L/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151958-1/ https://www.suse.com/security/cve/CVE-2015-8044.html CVE-2015-8044 https://bugzilla.suse.com/954512 SUSE Bug 954512 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, and CVE-2015-8044. CVE-2015-8046 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.548-111.1 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.548-111.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.548-111.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.548-111.1 moderate 10 AV:N/AC:L/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151958-1/ https://www.suse.com/security/cve/CVE-2015-8046.html CVE-2015-8046 https://bugzilla.suse.com/954512 SUSE Bug 954512