openSUSE Security Update: flash-player: Update to 10.3.181.26 ______________________________________________________________________________ Announcement ID: openSUSE-SU-2011:0637-1 Rating: critical References: #699942 Cross-References: CVE-2011-2110 Affected Products: openSUSE 11.4 openSUSE 11.3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. It includes one version update. Description: A critical vulnerability has been identified in Adobe Flash Player 10.3.181.23 and earlier versions for Windows, Macintosh, Linux and Solaris, and Adobe Flash Player 10.3.185.23 and earlier versions for Android. This memory corruption vulnerability (CVE-2011-2110) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited in the wild in targeted attacks via malicious Web pages. Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.4: zypper in -t patch flash-player-4716 - openSUSE 11.3: zypper in -t patch flash-player-4716 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.4 (i586) [New Version: 10.3.181.26]: flash-player-10.3.181.26-0.2.1 - openSUSE 11.3 (i586) [New Version: 10.3.181.26]: flash-player-10.3.181.26-0.2.1 References: http://support.novell.com/security/cve/CVE-2011-2110.html https://bugzilla.novell.com/699942