Security update for flash-player

SUSE Security Update: Security update for flash-player
Announcement ID: SUSE-SU-2012:0280-1
Rating: critical
References: #747297
Affected Products:
  • SUSE Linux Enterprise Desktop 11 SP1 FOR SP2
  • SUSE Linux Enterprise Desktop 11 SP1

  • An update that fixes 7 vulnerabilities is now available. It includes one version update.


    flash-player was updated to version

    It fixes lots of security issues, some already exploited in
    the wild.

    Details can be found at:

    These vulnerabilities could cause a crash and potentially
    allow an attacker to take control of the affected system.
    This update also resolves a universal cross-site scripting
    vulnerability that could be used to take actions on a
    user's behalf on any website or webmail provider, if the
    user visits a malicious website. There are reports that
    this vulnerability (CVE-2012-0767) is being exploited in
    the wild in active targeted attacks designed to trick the
    user into clicking on a malicious link delivered in an
    email message (Internet Explorer on Windows only).

    Security Issue references:

    * CVE-2012-0751
    * CVE-2012-0752
    * CVE-2012-0753
    * CVE-2012-0754
    * CVE-2012-0755
    * CVE-2012-0756
    * CVE-2012-0767

    Patch Instructions:

    To install this SUSE Security Update use YaST online_update.
    Alternatively you can run the command listed for your product:

    • SUSE Linux Enterprise Desktop 11 SP1 FOR SP2:
      zypper in -t patch sledsp1fsp2-flash-player-5817
    • SUSE Linux Enterprise Desktop 11 SP1:
      zypper in -t patch sledsp1-flash-player-5817

    To bring your system up-to-date, use "zypper patch".

    Package List:

    • SUSE Linux Enterprise Desktop 11 SP1 FOR SP2 (i586 x86_64) [New Version:]:
    • flash-player-
    • SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64) [New Version:]:
    • flash-player-