ArchLinux: 201708-2: flashplugin: multiple issues
Summary
- CVE-2017-3085 (information disclosure)
An information disclosure flaw has been found in Adobe Flash player <
26.0.0.151.
- CVE-2017-3106 (arbitrary code execution)
A type confusion issue has been found in Adobe Flash player <
26.0.0.151, leading to remote code execution.
Resolution
Upgrade to 26.0.0.151-1.
# pacman -Syu "flashplugin>=26.0.0.151-1"
The problems have been fixed upstream in version 26.0.0.151.
References
https://helpx.adobe.com/support/programs/support-options-free-discontinued-apps-services.html https://security.archlinux.org/CVE-2017-3085 https://security.archlinux.org/CVE-2017-3106
Workaround
None.