openSUSE Security Update: Security update for flash-player ______________________________________________________________________________ Announcement ID: openSUSE-SU-2016:1306-1 Rating: important References: #979422 Cross-References: CVE-2016-1006 CVE-2016-1011 CVE-2016-1012 CVE-2016-1013 CVE-2016-1014 CVE-2016-1015 CVE-2016-1016 CVE-2016-1017 CVE-2016-1018 CVE-2016-1019 CVE-2016-1020 CVE-2016-1021 CVE-2016-1022 CVE-2016-1023 CVE-2016-1024 CVE-2016-1025 CVE-2016-1026 CVE-2016-1027 CVE-2016-1028 CVE-2016-1029 CVE-2016-1030 CVE-2016-1031 CVE-2016-1032 CVE-2016-1033 CVE-2016-4117 Affected Products: openSUSE 13.2 NonFree ______________________________________________________________________________ An update that fixes 25 vulnerabilities is now available. Description: This security update for flash-player to 11.2.202.621 fixes the following issues (boo#979422): A critical vulnerability (CVE-2016-4117) exists in Adobe Flash Player 21.0.0.226 and earlier versions for Windows, Macintosh, Linux, and Chrome OS. Successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system. (APSA16-02) https://helpx.adobe.com/security/products/flash-player/apsa16-02.html Some CVEs were not listed in the last submission: * APSA16-01, APSB16-10, CVE-2016-1006, CVE-2016-1011, CVE-2016-1012, CVE-2016-1013, CVE-2016-1014, CVE-2016-1015, CVE-2016-1016, CVE-2016-1017, CVE-2016-1018, CVE-2016-1019, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1030, CVE-2016-1031, CVE-2016-1032, CVE-2016-1033 Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 13.2 NonFree: zypper in -t patch openSUSE-2016-585=1 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 13.2 NonFree (i586 x86_64): flash-player-11.2.202.621-2.97.1 flash-player-gnome-11.2.202.621-2.97.1 flash-player-kde4-11.2.202.621-2.97.1 References: https://www.suse.com/security/cve/CVE-2016-1006.html https://www.suse.com/security/cve/CVE-2016-1011.html https://www.suse.com/security/cve/CVE-2016-1012.html https://www.suse.com/security/cve/CVE-2016-1013.html https://www.suse.com/security/cve/CVE-2016-1014.html https://www.suse.com/security/cve/CVE-2016-1015.html https://www.suse.com/security/cve/CVE-2016-1016.html https://www.suse.com/security/cve/CVE-2016-1017.html https://www.suse.com/security/cve/CVE-2016-1018.html https://www.suse.com/security/cve/CVE-2016-1019.html https://www.suse.com/security/cve/CVE-2016-1020.html https://www.suse.com/security/cve/CVE-2016-1021.html https://www.suse.com/security/cve/CVE-2016-1022.html https://www.suse.com/security/cve/CVE-2016-1023.html https://www.suse.com/security/cve/CVE-2016-1024.html https://www.suse.com/security/cve/CVE-2016-1025.html https://www.suse.com/security/cve/CVE-2016-1026.html https://www.suse.com/security/cve/CVE-2016-1027.html https://www.suse.com/security/cve/CVE-2016-1028.html https://www.suse.com/security/cve/CVE-2016-1029.html https://www.suse.com/security/cve/CVE-2016-1030.html https://www.suse.com/security/cve/CVE-2016-1031.html https://www.suse.com/security/cve/CVE-2016-1032.html https://www.suse.com/security/cve/CVE-2016-1033.html https://www.suse.com/security/cve/CVE-2016-4117.html https://bugzilla.suse.com/979422 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security-announce+help@opensuse.org