Adobe has released Flash Player 11.2.202.442 for Linux to correct the following flaws: These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2015-0313, CVE-2015-0315, CVE-2015-0320, CVE-2015-0322). These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2015-0314, CVE-2015-0316, CVE-2015-0318, CVE-2015-0321, CVE-2015-0329, CVE-2015-0330). These updates resolve type confusion vulnerabilities that could lead to code execution (CVE-2015-0317, CVE-2015-0319). These updates resolve heap buffer overflow vulnerabilities that could lead to code execution (CVE-2015-0323, CVE-2015-0327). These updates resolve a buffer overflow vulnerability that could lead to code execution (CVE-2015-0324). These updates resolve null pointer dereference issues (CVE-2015-0325, CVE-2015-0326, CVE-2015-0328). External References: https://helpx.adobe.com/security/products/flash-player/apsb15-04.html
Note that CVE-2015-0313 is tracked via separate bug 1188329. According to information in APSA15-02 Flash Player versions 11.x were not affected by that issue.
This issue has been addressed in the following products: Supplementary for Red Hat Enterprise Linux 6 Supplementary for Red Hat Enterprise Linux 5 Via RHSA-2015:0140 https://rhn.redhat.com/errata/RHSA-2015-0140.html
https://helpx.adobe.com/security/products/flash-player/apsb15-04.html was updated today with: """ Added reference to CVE-2015-0331, which was resolved in 16.0.0.305, 13.0.0.269 and 11.2.202.442 but inadvertently omitted from the bulletin. """ Adding alias.