Bugzilla – Bug 633159
Adobe Reader (acroread) on Factory: Update to 9.2.4 security-fixed version
Last modified: 2010-08-20 14:33:01 UTC
User-Agent: Mozilla/5.0 (X11; U; Linux i686 (x86_64); en-US; rv:126.96.36.199) Gecko/20100722 Firefox/3.6.8
Security updates available for Adobe Reader and Acrobat
Release date: August 19, 2010
Vulnerability identifier: APSB10-17
CVE numbers: CVE-2010-2862, CVE-2010-1240
Platform: All Platforms
These updates resolve an integer overflow vulnerability that could lead to code execution (CVE-2010-2862).
These updates further mitigate a social engineering attack that could lead to code execution (CVE-2010-1240).
These updates incorporate the Adobe Flash Player update as noted in Security Bulletin APSB10-16.
Please update Factory (and the release branches).
I got the version number wrong in the Summary: It's 9.3.4.
And I misread somehow the APSB - it carries the following note:
"Note: Adobe Reader 9.3.4 for Windows, Macintosh and UNIX will be available from the Adobe Reader Download Center at http://get.adobe.com/reader/ by August 31, 2010."
Thus, although the whole report talks about downloading/installing/updating 9.3.4, the version does not seem to be available and
"Adobe Reader users on UNIX can find the appropriate update here:
Only offers 9.3.3. Sorry for the premature bug report.
Actually, that is also wrong. While the links in the APSB link to a page where it is not available - and the report is a bit unclear whether it is available now or on August 31, a Unix 9.3.4 can be found at
Or go directly to:
thanks for having an open eye, we've been tracking this in bug 629134 already though. The "paperwork" is already done, we just need someone to submit packages ... :-)
*** This bug has been marked as a duplicate of bug 629134 ***