SUSE-SU-2017:0108-1

security bypass vulnerability that could lead to information disclosure (CVE-2017-2938)
use-after-free vulnerabilities that could lead to code execution (CVE-2017-2932, CVE-2017-2936, CVE-2017-2937)
heap buffer overflow vulnerabilities that could lead to code execution (CVE-2017-2927, CVE-2017-2933, CVE-2017-2934, CVE-2017-2935)
memory corruption vulnerabilities that could lead to code execution (CVE-2017-2925, CVE-2017-2926, CVE-2017-2928, CVE-2017-2930, CVE-2017-2931)

References

Affected packages

Name: flash-player
Purl: pkg:rpm/suse/flash-player&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP1

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

24.0.0.194-155.1

{
    "binaries": [
        {
            "flash-player": "24.0.0.194-155.1",
            "flash-player-gnome": "24.0.0.194-155.1"
        }
    ]
}

source

"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2017:0108-1.json"

Name: flash-player
Purl: pkg:rpm/suse/flash-player&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP1

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

24.0.0.194-155.1

{
    "binaries": [
        {
            "flash-player": "24.0.0.194-155.1",
            "flash-player-gnome": "24.0.0.194-155.1"
        }
    ]
}

source

"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2017:0108-1.json"