SUSE 5145 Published by

A flash-player update is available for openSUSE 11.3/11.4



______________________________________________________________________________

Announcement ID: openSUSE-SU-2011:0637-1
Rating: critical
References: #699942
Cross-References: CVE-2011-2110
Affected Products:
openSUSE 11.4
openSUSE 11.3
______________________________________________________________________________

An update that fixes one vulnerability is now available. It
includes one version update.

Description:

A critical vulnerability has been identified in Adobe Flash
Player 10.3.181.23 and earlier versions for Windows,
Macintosh, Linux and Solaris, and Adobe Flash Player
10.3.185.23 and earlier versions for Android. This memory
corruption vulnerability (CVE-2011-2110) could cause a
crash and potentially allow an attacker to take control of
the affected system. There are reports that this
vulnerability is being exploited in the wild in targeted
attacks via malicious Web pages.


Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE 11.4:

zypper in -t patch flash-player-4716

- openSUSE 11.3:

zypper in -t patch flash-player-4716

To bring your system up-to-date, use "zypper patch".


Package List:

- openSUSE 11.4 (i586) [New Version: 10.3.181.26]:

flash-player-10.3.181.26-0.2.1

- openSUSE 11.3 (i586) [New Version: 10.3.181.26]:

flash-player-10.3.181.26-0.2.1


References:

http://support.novell.com/security/cve/CVE-2011-2110.html
https://bugzilla.novell.com/699942