Bug 775986

Summary: VUL-0: CVE-2012-1535: flash-player: code execution vulnerability
Product: [Novell Products] SUSE Security Incidents Reporter: Matthias Weckbecker <mweckbecker>
Component: IncidentsAssignee: Security Team bot <security-team>
Status: RESOLVED FIXED QA Contact: Security Team bot <security-team>
Severity: Major    
Priority: P2 - High CC: security-team
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
Whiteboard: maint:released:sle11-sp1:48735 maint:released:sle10-sp4:48736
Found By: --- Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Matthias Weckbecker 2012-08-15 08:02:34 UTC 
An update of flash-player is available. Quote from [1]:

"Adobe has released security updates for Adobe Flash Player 11.3.300.270 and
 earlier versions for Windows, Macintosh and Linux. These updates address a
 vulnerability (CVE-2012-1535) that could cause the application to crash and
 potentially allow an attacker to take control of the affected system."

[1] http://www.adobe.com/support/security/bulletins/apsb12-18.html
Comment 1 Swamp Workflow Management 2012-08-15 12:34:42 UTC 
The SWAMPID for this issue is 48732.
This issue was rated as important.
Please submit fixed packages until 2012-08-22.
When done, please reassign the bug to security-team@suse.de.
Patchinfo will be handled by security team.
Comment 2 Bernhard Wiedemann 2012-08-15 13:00:07 UTC 
This is an autogenerated message for OBS integration:
This bug (775986) was mentioned in
https://build.opensuse.org/request/show/130880 Factory / flash-player
Comment 3 Swamp Workflow Management 2012-08-16 16:08:53 UTC 
openSUSE-SU-2012:0996-1: An update that fixes one vulnerability is now available.

Category: security (critical)
Bug References: 775986
CVE References: CVE-2012-1535
Sources used:
Comment 4 Swamp Workflow Management 2012-08-17 10:55:18 UTC 
Update released for: flash-player, flash-player-gnome, flash-player-kde4
Products:
SLE-DESKTOP 11-SP1 (i386, x86_64)
SLE-DESKTOP 11-SP1-FOR-SP2 (i386, x86_64)
Comment 5 Swamp Workflow Management 2012-08-17 15:49:26 UTC 
Update released for: flash-player
Products:
SLE-DESKTOP 10-SP4 (i386, x86_64)
Comment 6 Bernhard Wiedemann 2012-08-20 11:00:15 UTC 
This is an autogenerated message for OBS integration:
This bug (775986) was mentioned in
https://build.opensuse.org/request/show/131220 Evergreen:11.2 / flash-player
Comment 7 Matthias Weckbecker 2012-08-22 08:09:54 UTC 
All done.
Comment 8 Dirk Mueller 2012-08-22 09:32:20 UTC 
*** Bug 776891 has been marked as a duplicate of this bug. ***
Comment 9 Swamp Workflow Management 2013-02-28 17:25:33 UTC 
openSUSE-SU-2013:0362-1: An update that fixes one vulnerability is now available.

Category: security (critical)
Bug References: 775986
CVE References: CVE-2012-1535
Sources used: