Security update for flash-player

SUSE Security Update: Security update for flash-player

Announcement ID:	SUSE-SU-2014:0806-1
Rating:	important
References:	#882187
Affected Products:	SUSE Linux Enterprise Desktop 11 SP3

An update that fixes 6 vulnerabilities is now available. It includes one version update.

Description:

flash-player was updated to version 11.2.202.378 to fix the following
security issues:

* Cross-site-scripting vulnerabilities. (CVE-2014-0531, CVE-2014-0532,
CVE-2014-0533)
* Security bypass vulnerabilities. (CVE-2014-0534, CVE-2014-0535)
* Memory corruption vulnerability that could result in arbitrary code
execution. (CVE-2014-0536)

More information can be found at
http://helpx.adobe.com/security/products/flash-player/apsb14-16.html
.

Security Issues references:

* CVE-2014-0531

* CVE-2014-0532

* CVE-2014-0533

* CVE-2014-0534

* CVE-2014-0535

* CVE-2014-0536

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

SUSE Linux Enterprise Desktop 11 SP3:
zypper in -t patch sledsp3-flash-player-9373

To bring your system up-to-date, use "zypper patch".

Package List:

SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 11.2.202.378]:
- flash-player-11.2.202.378-0.3.1
- flash-player-gnome-11.2.202.378-0.3.1
- flash-player-kde4-11.2.202.378-0.3.1

References:

http://support.novell.com/security/cve/CVE-2014-0531.html
http://support.novell.com/security/cve/CVE-2014-0532.html
http://support.novell.com/security/cve/CVE-2014-0533.html
http://support.novell.com/security/cve/CVE-2014-0534.html
http://support.novell.com/security/cve/CVE-2014-0535.html
http://support.novell.com/security/cve/CVE-2014-0536.html
https://bugzilla.novell.com/882187
http://download.suse.com/patch/finder/?keywords=3f55be6c119b579f05c8516f6f0484dc