Arch Linux 811 Published by

The following updates has been released for Arch Linux:

ASA-201806-5: firefox: arbitrary code execution
The package firefox before version 60.0.2-1 is vulnerable to arbitrary code execution.

ASA-201806-6: p7zip: arbitrary code execution
The package p7zip before version 16.02-5 is vulnerable to arbitrary code execution.

ASA-201806-7: flashplugin: multiple issues
The package flashplugin before version 30.0.0.113-1 is vulnerable to multiple issues including arbitrary code execution and information disclosure.



ASA-201806-5: firefox: arbitrary code execution


Arch Linux Security Advisory ASA-201806-5
=========================================

Severity: High
Date : 2018-06-08
CVE-ID : CVE-2018-6126
Package : firefox
Type : arbitrary code execution
Remote : Yes
Link : https://security.archlinux.org/AVG-715

Summary
=======

The package firefox before version 60.0.2-1 is vulnerable to arbitrary
code execution.

Resolution
==========

Upgrade to 60.0.2-1.

# pacman -Syu "firefox>=60.0.2-1"

The problem has been fixed upstream in version 60.0.2.

Workaround
==========

None.

Description
===========

A heap-based buffer overflow has been found in the Skia component of
the Firefox browser before 60.0.2, when rasterizing paths using a
maliciously crafted SVG file with anti-aliasing turned off.

Impact
======

A remote attacker can execute arbitrary code via a crafted SVG file.

References
==========

https://www.mozilla.org/en-US/security/advisories/mfsa2018-14/
https://www.mozilla.org/en-US/security/advisories/mfsa2018-14/#CVE-2018-6126
https://bugzilla.mozilla.org/show_bug.cgi?id=1462682
https://security.archlinux.org/CVE-2018-6126

ASA-201806-6: p7zip: arbitrary code execution


Content-Type: text/plain; charset=utf-8
Content-Language: en-GB
Content-Transfer-Encoding: quoted-printable

Arch Linux Security Advisory ASA-201806-6
=========================================

Severity: Critical
Date : 2018-06-09
CVE-ID : CVE-2018-10115
Package : p7zip
Type : arbitrary code execution
Remote : Yes
Link : https://security.archlinux.org/AVG-714

Summary
=======

The package p7zip before version 16.02-5 is vulnerable to arbitrary
code execution.

Resolution
==========

Upgrade to 16.02-5.

# pacman -Syu "p7zip>=16.02-5"

The problem has been fixed upstream in version 18.05.

Workaround
==========

None.

Description
===========

An uninitialized memory security issue has been found in the RAR
decoder component of 7-Zip before 18.05, resulting in arbitrary code
execution.

Impact
======

A remote attacker can execute arbitrary code via a crafted RAR file.

References
==========

https://bugs.archlinux.org/task/58907
https://landave.io/2018/05/7-zip-from-uninitialized-memory-to-remote-code-execution/
https://landave.io/files/patch_7zip_CVE-2018-10115.txt
https://security.archlinux.org/CVE-2018-10115

ASA-201806-7: flashplugin: multiple issues


Arch Linux Security Advisory ASA-201806-7
=========================================

Severity: Critical
Date : 2018-06-09
CVE-ID : CVE-2018-4945 CVE-2018-5000 CVE-2018-5001 CVE-2018-5002
Package : flashplugin
Type : multiple issues
Remote : Yes
Link : https://security.archlinux.org/AVG-716

Summary
=======

The package flashplugin before version 30.0.0.113-1 is vulnerable to
multiple issues including arbitrary code execution and information
disclosure.

Resolution
==========

Upgrade to 30.0.0.113-1.

# pacman -Syu "flashplugin>=30.0.0.113-1"

The problems have been fixed upstream in version 30.0.0.113.

Workaround
==========

None.

Description
===========

- CVE-2018-4945 (arbitrary code execution)

A type confusion issue has been found in Adobe Flash Player before
30.0.0.113, leading to arbitrary code execution.

- CVE-2018-5000 (information disclosure)

An integer overflow issue has been found in Adobe Flash Player before
30.0.0.113, leading to information disclosure.

- CVE-2018-5001 (information disclosure)

An out-of-bounds read has been found in Adobe Flash Player before
30.0.0.113, leading to information disclosure.

- CVE-2018-5002 (arbitrary code execution)

A stack-based buffer overflow has been found in Adobe Flash Player
before 30.0.0.113, leading to arbitrary code execution.

Impact
======

A remote attacker can access sensitive information or execute arbitrary
code via a crafted Flash file.

References
==========

https://helpx.adobe.com/security/products/flash-player/apsb18-19.html
https://security.archlinux.org/CVE-2018-4945
https://security.archlinux.org/CVE-2018-5000
https://security.archlinux.org/CVE-2018-5001
https://security.archlinux.org/CVE-2018-5002