openSUSE Security Update: flash-player: Fixed remote code execution ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0321-1 Rating: important References: #612063 Cross-References: CVE-2008-4546 CVE-2009-3793 CVE-2010-1297 CVE-2010-2160 CVE-2010-2161 CVE-2010-2162 CVE-2010-2163 CVE-2010-2164 CVE-2010-2165 CVE-2010-2166 CVE-2010-2167 CVE-2010-2169 CVE-2010-2170 CVE-2010-2171 CVE-2010-2172 CVE-2010-2173 CVE-2010-2174 CVE-2010-2175 CVE-2010-2176 CVE-2010-2177 CVE-2010-2178 CVE-2010-2179 CVE-2010-2180 CVE-2010-2181 CVE-2010-2182 CVE-2010-2183 CVE-2010-2184 CVE-2010-2185 CVE-2010-2186 CVE-2010-2187 CVE-2010-2188 CVE-2010-2189 Affected Products: openSUSE 11.2 openSUSE 11.1 openSUSE 11.0 ______________________________________________________________________________ An update that fixes 32 vulnerabilities is now available. It includes one version update. Description: This Flash Player update fixes multiple critical security vulnerabilities which allow an attacker to remotely execute arbitrary code or to cause a denial of service. The following CVE numbers have been assigned: CVE-2008-4546, CVE-2009-3793, CVE-2010-1297, CVE-2010-2160, CVE-2010-2161, CVE-2010-2162, CVE-2010-2163, CVE-2010-2164, CVE-2010-2165, CVE-2010-2166, CVE-2010-2167, CVE-2010-2169, CVE-2010-2170, CVE-2010-2171, CVE-2010-2172, CVE-2010-2173, CVE-2010-2174, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2179, CVE-2010-2180, CVE-2010-2181, CVE-2010-2182, CVE-2010-2183, CVE-2010-2184, CVE-2010-2185, CVE-2010-2186, CVE-2010-2187, CVE-2010-2188, CVE-2010-2189 Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.2: zypper in -t patch flash-player-2542 - openSUSE 11.1: zypper in -t patch flash-player-2542 - openSUSE 11.0: zypper in -t patch flash-player-2542 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.2 (i586 src) [New Version: 10.1.53.64]: flash-player-10.1.53.64-1.1.1 - openSUSE 11.1 (i586 src) [New Version: 10.1.53.64]: flash-player-10.1.53.64-1.1.1 - openSUSE 11.0 (i586 src) [New Version: 10.1.53.64]: flash-player-10.1.53.64-1.1 References: http://support.novell.com/security/cve/CVE-2008-4546.html http://support.novell.com/security/cve/CVE-2009-3793.html http://support.novell.com/security/cve/CVE-2010-1297.html http://support.novell.com/security/cve/CVE-2010-2160.html http://support.novell.com/security/cve/CVE-2010-2161.html http://support.novell.com/security/cve/CVE-2010-2162.html http://support.novell.com/security/cve/CVE-2010-2163.html http://support.novell.com/security/cve/CVE-2010-2164.html http://support.novell.com/security/cve/CVE-2010-2165.html http://support.novell.com/security/cve/CVE-2010-2166.html http://support.novell.com/security/cve/CVE-2010-2167.html http://support.novell.com/security/cve/CVE-2010-2169.html http://support.novell.com/security/cve/CVE-2010-2170.html http://support.novell.com/security/cve/CVE-2010-2171.html http://support.novell.com/security/cve/CVE-2010-2172.html http://support.novell.com/security/cve/CVE-2010-2173.html http://support.novell.com/security/cve/CVE-2010-2174.html http://support.novell.com/security/cve/CVE-2010-2175.html http://support.novell.com/security/cve/CVE-2010-2176.html http://support.novell.com/security/cve/CVE-2010-2177.html http://support.novell.com/security/cve/CVE-2010-2178.html http://support.novell.com/security/cve/CVE-2010-2179.html http://support.novell.com/security/cve/CVE-2010-2180.html http://support.novell.com/security/cve/CVE-2010-2181.html http://support.novell.com/security/cve/CVE-2010-2182.html http://support.novell.com/security/cve/CVE-2010-2183.html http://support.novell.com/security/cve/CVE-2010-2184.html http://support.novell.com/security/cve/CVE-2010-2185.html http://support.novell.com/security/cve/CVE-2010-2186.html http://support.novell.com/security/cve/CVE-2010-2187.html http://support.novell.com/security/cve/CVE-2010-2188.html http://support.novell.com/security/cve/CVE-2010-2189.html https://bugzilla.novell.com/612063