Security update for flash-player

SUSE Security Update: Security update for flash-player
Announcement ID: SUSE-SU-2013:1213-1
Rating: important
References: #828810
Affected Products:
  • SUSE Linux Enterprise Desktop 11 SP3
  • SUSE Linux Enterprise Desktop 11 SP2
  • SUSE Linux Enterprise Desktop 10 SP4

  • An update that fixes three vulnerabilities is now available. It includes one version update.

    Description:


    Adobe flash-player has been updated to version 11.2.202.291
    (ABSP13-17) which fixes bugs and security issues.

    This update fixes the following security issues:

    *

    a heap buffer overflow vulnerability that could have
    lead to code execution (CVE-2013-3344).

    *

    a memory corruption vulnerability that could have
    lead to code execution (CVE-2013-3345).

    *

    an integer overflow when resampling a user-supplied
    PCM buffer (CVE-2013-3347).

    Official advisory can be found on

    http://www.adobe.com/support/security/bulletins/apsb13-17.ht
    ml
    tml>

    Security Issue references:

    * CVE-2013-3344
    >
    * CVE-2013-3345
    >
    * CVE-2013-3347
    >

    Patch Instructions:

    To install this SUSE Security Update use YaST online_update.
    Alternatively you can run the command listed for your product:

    • SUSE Linux Enterprise Desktop 11 SP3:
      zypper in -t patch sledsp3-flash-player-8039
    • SUSE Linux Enterprise Desktop 11 SP2:
      zypper in -t patch sledsp2-flash-player-8038

    To bring your system up-to-date, use "zypper patch".

    Package List:

    • SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 11.2.202.297]:
    • flash-player-11.2.202.297-0.3.1
    • flash-player-gnome-11.2.202.297-0.3.1
    • flash-player-kde4-11.2.202.297-0.3.1
    • SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 11.2.202.297]:
    • flash-player-11.2.202.297-0.3.1
    • flash-player-gnome-11.2.202.297-0.3.1
    • flash-player-kde4-11.2.202.297-0.3.1
    • SUSE Linux Enterprise Desktop 10 SP4 (i586) [New Version: 11.2.202.297]:
    • flash-player-11.2.202.297-0.5.2

    References:

    • http://support.novell.com/security/cve/CVE-2013-3344.html
    • http://support.novell.com/security/cve/CVE-2013-3345.html
    • http://support.novell.com/security/cve/CVE-2013-3347.html
    • https://bugzilla.novell.com/828810
    • http://download.suse.com/patch/finder/?keywords=2a99ce6c544e43d5065f403d412927eb
    • http://download.suse.com/patch/finder/?keywords=a62a96037c69a861417e569c4f78a0ff
    • http://download.suse.com/patch/finder/?keywords=bda18521b2a6248c706df2f3b0650967