LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

SUSE alert SUSE-SU-2013:0373-1 (flash-player )



From:
    	      opensuse-security@opensuse.org 


To:
    	      opensuse-security-announce@opensuse.org 


Subject:
    	      [security-announce] SUSE-SU-2013:0373-1: critical: Security update for flash-player 


Date:
    	      Thu, 28 Feb 2013 22:04:26 +0100 (CET)


Message-ID:
    	      <20130228210426.D9C5832161@maintenance.suse.de>


Archive-link:
    	      Article, Thread
              


   SUSE Security Update: Security update for flash-player
______________________________________________________________________________

Announcement ID:    SUSE-SU-2013:0373-1
Rating:             critical
References:         #806415 
Cross-References:   CVE-2013-0504 CVE-2013-0643 CVE-2013-0648
                   
Affected Products:
                    SUSE Linux Enterprise Desktop 11 SP2
                    SUSE Linux Enterprise Desktop 10 SP4
______________________________________________________________________________

   An update that fixes three vulnerabilities is now
   available. It includes one version update.

Description:


   flash-player has been updated to 11.2.202.273 security
   update, which fixes  several critical security bugs that
   could have been used by remote  attackers to execute code.
   (CVE-2013-0504, CVE-2013-0643, CVE-2013-0648)

   More information can be found on:

   https://www.adobe.com/support/security/bulletins/apsb13-0...
   tml
   <https://www.adobe.com/support/security/bulletins/apsb13-08.

   html>

   Security Issue references:

   * CVE-2013-0504
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0504

   >
   * CVE-2013-0643
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0643

   >
   * CVE-2013-0648
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0648

   >


Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Desktop 11 SP2:

      zypper in -t patch sledsp2-flash-player-7431

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 11.2.202.273]:

      flash-player-11.2.202.273-0.3.1
      flash-player-gnome-11.2.202.273-0.3.1
      flash-player-kde4-11.2.202.273-0.3.1

   - SUSE Linux Enterprise Desktop 10 SP4 (i586) [New Version: 11.2.202.273]:

      flash-player-11.2.202.273-0.5.1


References:

   http://support.novell.com/security/cve/CVE-2013-0504.html

   http://support.novell.com/security/cve/CVE-2013-0643.html

   http://support.novell.com/security/cve/CVE-2013-0648.html

   https://bugzilla.novell.com/806415

   http://download.novell.com/patch/finder/?keywords=3b0ce79...
   http://download.novell.com/patch/finder/?keywords=a0a5cec...

-- 
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds