Bugzilla – Bug 803485
VUL-0: flash-player: 11.2.202.270 update (ABSP13-05)
Last modified: 2015-02-19 01:17:44 UTC
is public, via http://www.adobe.com/support/security/bulletins/apsb13-05.html Release date: February 12, 2013 Vulnerability identifier: APSB13-05 Priority: See table below CVE number: CVE-2013-1372, CVE-2013-0645, CVE-2013-1373, CVE-2013-1369, CVE-2013-1370, CVE-2013-1366, CVE-2013-0649, CVE-2013-1365, CVE-2013-1374, CVE-2013-1368, CVE-2013-0642, CVE-2013-0644, CVE-2013-0647, CVE-2013-1367, CVE-2013-0639, CVE-2013-0638, CVE-2013-0637 ... Users of Adobe Flash Player 11.2.202.262 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.270. ... This update resolves buffer overflow vulnerabilities that could lead to code execution (CVE-2013-1372, CVE-2013-0645, CVE-2013-1373, CVE-2013-1369, CVE-2013-1370, CVE-2013-1366, CVE-2013-1365, CVE-2013-1368, CVE-2013-0642, CVE-2013-1367). This update resolves use-after-free vulnerabilities that could lead to code execution (CVE-2013-0649, CVE-2013-1374, CVE-2013-0644). This update resolves an integer overflow vulnerability that could lead to code execution (CVE-2013-0639). This update resolves memory corruption vulnerabilities that could lead to code execution (CVE-2013-0638, CVE-2013-0647). This update resolves a vulnerability that could result in information disclosure (CVE-2013-0637).
The SWAMPID for this issue is 51161. This issue was rated as critical. Please submit fixed packages until 2013-02-15. When done, please reassign the bug to security-team@suse.de. Patchinfo will be handled by security team.
Created OBS maintenance request 155332. Created IBS request id 24305 for SLE11 and request id 24306 for SLE10.
bugbot adjusting priority
This is an autogenerated message for OBS integration: This bug (803485) was mentioned in https://build.opensuse.org/request/show/155378 Evergreen:11.2 / flash-player
Updates released.
openSUSE-SU-2013:0295-1: An update that fixes 17 vulnerabilities is now available. Category: security (critical) Bug References: 803485 CVE References: CVE-2013-0637,CVE-2013-0638,CVE-2013-0639,CVE-2013-0642,CVE-2013-0644,CVE-2013-0645,CVE-2013-0647,CVE-2013-0649,CVE-2013-1365,CVE-2013-1366,CVE-2013-1367,CVE-2013-1368,CVE-2013-1369,CVE-2013-1370,CVE-2013-1372,CVE-2013-1373,CVE-2013-1374 Sources used:
This is an autogenerated message for OBS integration: This bug (803485) was mentioned in https://build.opensuse.org/request/show/155439 Evergreen:11.2 / flash-player
Update released for: flash-player Products: SLE-DESKTOP 10-SP4 (i386, x86_64)
Update released for: flash-player, flash-player-gnome, flash-player-kde4 Products: SLE-DESKTOP 11-SP2 (i386, x86_64)
openSUSE-SU-2013:0298-1: An update that fixes 17 vulnerabilities is now available. Category: security (critical) Bug References: 803485 CVE References: CVE-2013-0637,CVE-2013-0638,CVE-2013-0639,CVE-2013-0642,CVE-2013-0644,CVE-2013-0645,CVE-2013-0647,CVE-2013-0649,CVE-2013-1365,CVE-2013-1366,CVE-2013-1367,CVE-2013-1368,CVE-2013-1369,CVE-2013-1370,CVE-2013-1372,CVE-2013-1373,CVE-2013-1374 Sources used:
This is an autogenerated message for OBS integration: This bug (803485) was mentioned in https://build.opensuse.org/request/show/156726 Factory / flash-player
openSUSE-SU-2013:0295-2: An update that fixes 17 vulnerabilities is now available. Category: security (critical) Bug References: 803485 CVE References: CVE-2013-0637,CVE-2013-0638,CVE-2013-0639,CVE-2013-0642,CVE-2013-0644,CVE-2013-0645,CVE-2013-0647,CVE-2013-0649,CVE-2013-1365,CVE-2013-1366,CVE-2013-1367,CVE-2013-1368,CVE-2013-1369,CVE-2013-1370,CVE-2013-1372,CVE-2013-1373,CVE-2013-1374 Sources used: