SUSE Security Update: Security update for flash-player ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:0806-1 Rating: important References: #882187 Cross-References: CVE-2014-0531 CVE-2014-0532 CVE-2014-0533 CVE-2014-0534 CVE-2014-0535 CVE-2014-0536 Affected Products: SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that fixes 6 vulnerabilities is now available. It includes one version update. Description: flash-player was updated to version 11.2.202.378 to fix the following security issues: * Cross-site-scripting vulnerabilities. (CVE-2014-0531, CVE-2014-0532, CVE-2014-0533) * Security bypass vulnerabilities. (CVE-2014-0534, CVE-2014-0535) * Memory corruption vulnerability that could result in arbitrary code execution. (CVE-2014-0536) More information can be found at http://helpx.adobe.com/security/products/flash-player/apsb14-16.html <http://helpx.adobe.com/security/products/flash-player/apsb14-16.html> . Security Issues references: * CVE-2014-0531 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0531> * CVE-2014-0532 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0532> * CVE-2014-0533 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0533> * CVE-2014-0534 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0534> * CVE-2014-0535 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0535> * CVE-2014-0536 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0536> Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-flash-player-9373 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 11.2.202.378]: flash-player-11.2.202.378-0.3.1 flash-player-gnome-11.2.202.378-0.3.1 flash-player-kde4-11.2.202.378-0.3.1 References: http://support.novell.com/security/cve/CVE-2014-0531.html http://support.novell.com/security/cve/CVE-2014-0532.html http://support.novell.com/security/cve/CVE-2014-0533.html http://support.novell.com/security/cve/CVE-2014-0534.html http://support.novell.com/security/cve/CVE-2014-0535.html http://support.novell.com/security/cve/CVE-2014-0536.html https://bugzilla.novell.com/882187 http://download.suse.com/patch/finder/?keywords=3f55be6c119b579f05c8516f6f04... -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security-announce+help@opensuse.org