Upstream announcemnet:
https://helpx.adobe.com/security/products/flash-player/apsb18-42.html
Adobe Security Bulletin
Security updates available for Flash Player | APSB18-42
Summary
Adobe has released security updates for Adobe Flash Player for Windows,
macOS, Linux and Chrome OS. These updates address one critical
vulnerability in Adobe Flash Player and one important vulnerability in
Adobe Flash Player installer. Successful exploitation could lead to
Arbitrary Code Execution and privilege escalation in the context of
the current user respectively.
Adobe is aware of reports that an exploit for CVE-2018-15982 exists in
the wild.
Upstream announcemnet:
https://helpx.adobe.com/security/products/flash-player/apsb18-44.html
Adobe Security Bulletin
Security updates available for Flash Player | APSB18-44
Summary
Adobe has released security updates for Adobe Flash Player for Windows,
macOS, Linux and Chrome OS. These updates address a critical vulnerability
in Adobe Flash Player 31.0.0.148 and earlier versions. Successful
exploitation could lead to arbitrary code execution in the context of
the current user.
Technical details about this vulnerability are publicly available.
Upstream announcemnet:
https://helpx.adobe.com/security/products/flash-player/apsb18-39.html
Adobe Security Bulletin
Security updates available for Flash Player | APSB18-39
Summary
Adobe has released security updates for Adobe Flash Player for Windows,
macOS, Linux and Chrome OS. These updates address an important
vulnerability in Adobe Flash Player 31.0.0.122 and earlier versions.
Successful exploitation could lead to information disclosure.
Upstream announcemnet:
https://helpx.adobe.com/security/products/flash-player/apsb18-35.html
Adobe Security Bulletin
Security updates available for Flash Player | APSB18-35
Summary
Adobe has released updates for Adobe Flash Player for Windows, macOS,
Linux and Chrome OS. These updates address feature and performance
bugs, and do not include security fixes.
Upstream announcement:
https://helpx.adobe.com/security/products/flash-player/apsb18-31.html
Adobe Security Bulletin
Security updates available for Flash Player | APSB18-31
Summary
Adobe has released security updates for Adobe Flash Player for Windows,
macOS, Linux and Chrome OS. These updates address an important
vulnerability in Adobe Flash Player 30.0.0.154 and earlier versions.
Successful exploitation could lead to information disclosure.
Upstream announcement:
https://helpx.adobe.com/security/products/flash-player/apsb18-25.html
Adobe Security Bulletin
Security updates available for Flash Player | APSB18-25
Summary
Adobe has released security updates for Adobe Flash Player for Windows,
macOS, Linux and Chrome OS. These updates address important
vulnerabilities in Adobe Flash Player 30.0.0.134 and earlier versions.
Successful exploitation could lead to arbitrary code execution in the
context of the current user.
Upstream announcement:
https://helpx.adobe.com/security/products/flash-player/apsb18-24.html
Adobe Security Bulletin
Security updates available for Flash Player | APSB18-24
Summary
Adobe has released security updates for Adobe Flash Player for Windows,
macOS, Linux and Chrome OS. These updates address critical
vulnerabilities in Adobe Flash Player 30.0.0.113 and earlier versions.
Successful exploitation could lead to arbitrary code execution in the
context of the current user.
Upstream announcement:
https://helpx.adobe.com/security/products/flash-player/apsb18-19.html
Adobe Security Bulletin
Security updates available for Flash Player | APSB18-19
Summary
Adobe has released security updates for Adobe Flash Player for Windows,
macOS, Linux and Chrome OS. These updates address critical
vulnerabilities in Adobe Flash Player 29.0.0.171 and earlier versions.
Successful exploitation could lead to arbitrary code execution in the
context of the current user.
Adobe is aware of a report that an exploit for CVE-2018-5002 exists
in the wild, and is being used in limited, targeted attacks against
Windows users. These attacks leverage Office documents with embedded
malicious Flash Player content distributed via email.
Upstream announcement:
https://helpx.adobe.com/security/products/flash-player/apsb18-16.html
Adobe Security Bulletin
Security updates available for Flash Player | APSB18-16
Summary
Adobe has released security updates for Adobe Flash Player for Windows,
Macintosh, Linux and Chrome OS. These updates address critical
vulnerabilities in Adobe Flash Player 29.0.0.140 and earlier versions.
Successful exploitation could lead to arbitrary code execution in the
context of the current user.
Upstream announcement:
https://helpx.adobe.com/security/products/flash-player/apsb18-08.html
Adobe Security Bulletin
Security updates available for Flash Player | APSB18-08
Summary
Adobe has released security updates for Adobe Flash Player for Windows,
Macintosh, Linux and Chrome OS. These updates address critical
vulnerabilities in Adobe Flash Player 29.0.0.113 and earlier versions.
Successful exploitation could lead to arbitrary code execution in
the context of the current user.
Upstream announcement:
https://helpx.adobe.com/security/products/flash-player/apsb18-05.html
Adobe Security Bulletin
Security updates available for Flash Player | APSB18-05
Summary
Adobe has released security updates for Adobe Flash Player for Windows,
Macintosh, Linux and Chrome OS. These updates address critical
vulnerabilities in Adobe Flash Player 28.0.0.161 and earlier versions.
Successful exploitation could lead to arbitrary code execution in the
context of the current user.
Upstream announcement:
https://helpx.adobe.com/security/products/flash-player/apsb18-03.html
Adobe Security Bulletin
Security updates available for Flash Player | APSB18-03
Summary
Adobe has released security updates for Adobe Flash Player for Windows,
Macintosh, Linux and Chrome OS. These updates address critical
vulnerabilities that could lead to remote code execution in Adobe Flash
Player 28.0.0.137 and earlier versions. Successful exploitation could
potentially allow an attacker to take control of the affected system.
Adobe is aware of a report that an exploit for CVE-2018-4878 exists in
the wild, and is being used in limited, targeted attacks against Windows
users. These attacks leverage Office documents with embedded malicious
Flash content distributed via email.
Upstream announcement:
https://helpx.adobe.com/security/products/flash-player/apsb18-01.html
Adobe Security Bulletin
Security updates available for Flash Player | APSB18-01
Summary
Adobe has released security updates for Adobe Flash Player for Windows,
Macintosh, Linux and Chrome OS. These updates address an important
out-of-bounds read vulnerability that could lead to information exposure.
Upstream announcement:
https://helpx.adobe.com/security/products/flash-player/apsb17-42.html
Adobe Security Bulletin
Security updates available for Flash Player | APSB17-42
Summary
Adobe has released a security update for Adobe Flash Player for
Windows, Macintosh, Linux and Chrome OS. This update addresses
a regression that could lead to the unintended reset of the
global settings preference file.
Upstream announcement:
https://helpx.adobe.com/security/products/flash-player/apsb17-32.html
Adobe Security Bulletin
Summary
Adobe has released a security update for Adobe Flash Player for Windows,
Macintosh, Linux and Chrome OS. This update addresses a critical type
confusion vulnerability that could lead to code execution.
Adobe is aware of a report that an exploit for CVE-2017-11292 exists
in the wild, and is being used in limited, targeted attacks against
users running Windows.
Note this version seems to include a fix for crash of nspluginwrapper
(npviewer.bin) on NetBSD/i386 7.1 with pulseaudio (i.e. no libflashsupport)
settings.
Upstream changes:
https://helpx.adobe.com/security/products/flash-player/apsb17-31.html
Adobe Security Bulletin
Summary
Adobe has released an update for Adobe Flash Player for Windows,
Macintosh, Linux and Chrome OS. This monthly update addresses
functionality bugs.
It looks adobe flash player 27 now requires udev support to play sound,
but at least NetBSD/i386 7.1 with nspluginwrapper can't handle it.
XXX: old vulnerable binaries on upstream will be removed soon
Upstream announcemnt:
26.0.0.131:
https://helpx.adobe.com/flash-player/release-note/fp_26_air_26_release_notes.html
June 16, 2017
Flash Player
* Buttons can't be clicked in some AS2 content (FP-4198473)
---
26.0.0.126:
https://helpx.adobe.com/security/products/flash-player/apsb17-17.html
Adobe Security Bulletin
Security updates available for Flash Player | APSB17-17
Summary
Adobe has released security updates for Adobe Flash Player for Windows,
Macintosh, Linux and Chrome OS. These updates address critical
vulnerabilities that could potentially allow an attacker to take
control of the affected system.
(CVE numbers are now in HTML table as details so not copy-n-paste'd to
commit log)
Upstream announcements:
https://helpx.adobe.com/security/products/flash-player/apsb17-15.html
Security updates available for Adobe Flash Player
Release date: May 9, 2017
Vulnerability identifier: APSB17-15
CVE number: CVE-2017-3068, CVE-2017-3069, CVE-2017-3070, CVE-2017-3071,
CVE-2017-3072, CVE-2017-3073, CVE-2017-3074
Platform: Windows, Macintosh, Linux and Chrome OS
Upstream announcements:
https://helpx.adobe.com/security/products/flash-player/apsb17-07.html
Security updates available for Adobe Flash Player
Release date: March 14, 2017
Vulnerability identifier: APSB17-07
CVE number: CVE-2017-2997, CVE-2017-2998, CVE-2017-2999, CVE-2017-3000,
CVE-2017-3001, CVE-2017-3002, CVE-2017-3003
Platform: Windows, Macintosh, Linux and Chrome OS
for future major version bump with compatibility.
We had multiple adobe-flash-plugin versions in the past because
newer 11.x versions didn't work on older (4.x) NetBSD systems.
However I guess Adobe will not put aggressive changes that require
newer Linux kernel version (i.e. emul.linux.kern.osrelease on NetBSD)
in future periodical major updates, as per their announcements:
https://blogs.adobe.com/flashplayer/2016/08/beta-news-flash-player-npapi-for-linux.html
> Because this change is primarily a security initiative, some features
> (like GPU 3D acceleration and premium video DRM) will not be fully
> implemented.
No objection on pkgsrc-users@:
http://mail-index.netbsd.org/pkgsrc-users/2017/03/14/msg024523.html
Also ok'ed by gdt@ in private mail.
---
NPAPI Adobe Flash player plugin for the Firefox browser.
This package contains a plugin that enables web browsers to render
the Flash format.
The nspluginwrapper option (enabled by default on non Linux platforms)
permits the use of the the Linux x86 and x86_64 flash player in Firefox
browsers on other x86 systems and x86_64 systems.
For NetBSD this package requires NetBSD 6.2 or 7.1 (and later versions)
which include procfs fixes for Linux binaries.
