openSUSE Security Update: flash-player: Update to 10.2.153.1 ______________________________________________________________________________ Announcement ID: openSUSE-SU-2011:0215-1 Rating: critical References: #679672 Cross-References: CVE-2011-0609 Affected Products: openSUSE 11.4 openSUSE 11.3 openSUSE 11.2 ______________________________________________________________________________ An update that fixes one vulnerability is now available. It includes one version update. Description: The Adobe Flash Player was updated to the 10.2.153.1, fixing several bugs and one security issue. This vulnerability (CVE-2011-0609) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited in the wild in targeted attacks via a Flash (.swf) file embedded in a Microsoft Excel (.xls) file delivered as an email attachment. Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.4: zypper in -t patch flash-player-4187 - openSUSE 11.3: zypper in -t patch flash-player-4187 - openSUSE 11.2: zypper in -t patch flash-player-4187 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.4 (i586) [New Version: 10.2.153.1]: flash-player-10.2.153.1-0.2.1 - openSUSE 11.3 (i586) [New Version: 10.2.153.1]: flash-player-10.2.153.1-0.2.1 - openSUSE 11.2 (i586) [New Version: 10.2.153.1]: flash-player-10.2.153.1-0.2.1 References: http://support.novell.com/security/cve/CVE-2011-0609.html https://bugzilla.novell.com/679672