Articles / SuSE: New flash-player pack…

SuSE: New flash-player packages fix security vulnerabilities

flash-player was updated to fix various security issues, some already exploited in the wild. These vulnerabilities could cause a crash and potentially allow an attacker to take control of the affected system. This update also resolves a universal cross-site scripting vulnerability that could be used to take actions on a user’s behalf on any website or webmail provider, if the user visits a malicious website. Updated packages are available from download.opensuse.org.

  openSUSE Security Update: flash-player to 11.1.102.62
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2012:0265-1
Rating:             critical
References:         #747297 
Cross-References:   CVE-2012-0751 CVE-2012-0752 CVE-2012-0753
                   CVE-2012-0754 CVE-2012-0755 CVE-2012-0756
                   CVE-2012-0767
Affected Products:
                   openSUSE 11.4
______________________________________________________________________________

  An update that fixes 7 vulnerabilities is now available. It
  includes one version update.

Description:

  flash-player was updated to the security update to
  11.1.102.62.

  It fixes lots of security issues, some already exploited in
  the wild.

  Details can be found on:
  https://www.adobe.com/support/security/bulletins/apsb12-03.h
  tml

  These vulnerabilities could cause a crash and potentially
  allow an attacker to take control of the affected system.
  This update also resolves a universal cross-site scripting
  vulnerability that could be used to take actions on a
  user's behalf on any website or webmail provider, if the
  user visits a malicious website. There are reports that
  this vulnerability (CVE-2012-0767) is being exploited in
  the wild in active targeted attacks designed to trick the
  user into clicking on a malicious link delivered in an
  email message (Internet Explorer on Windows only).


Patch Instructions:

  To install this openSUSE Security Update use YaST online_update.
  Alternatively you can run the command listed for your product:

  - openSUSE 11.4:

     zypper in -t patch flash-player-5812

  To bring your system up-to-date, use "zypper patch".


Package List:

  - openSUSE 11.4 (i586 x86_64) [New Version: 11.1.102.62]:

     flash-player-11.1.102.62-0.7.1


References:

  http://support.novell.com/security/cve/CVE-2012-0751.html
  http://support.novell.com/security/cve/CVE-2012-0752.html
  http://support.novell.com/security/cve/CVE-2012-0753.html
  http://support.novell.com/security/cve/CVE-2012-0754.html
  http://support.novell.com/security/cve/CVE-2012-0755.html
  http://support.novell.com/security/cve/CVE-2012-0756.html
  http://support.novell.com/security/cve/CVE-2012-0767.html
  https://bugzilla.novell.com/747297
Screenshot

Project Spotlight

Kigo Video Converter Ultimate for Mac

A tool for converting and editing videos.

Screenshot

Project Spotlight

Kid3

An efficient tagger for MP3, Ogg/Vorbis, and FLAC files.