Bug 916374 - [Security] Update to Adobe Flash 11.2.202.442
[Security] Update to Adobe Flash 11.2.202.442
Status: RESOLVED DUPLICATE of bug 915918
Classification: openSUSE
Product: openSUSE Tumbleweed
Classification: openSUSE
Component: Security
201502*
Other Other
: P5 - None : Major (vote)
: ---
Assigned To: Security Team bot
E-mail List
maint:running:60572:low
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2015-02-05 10:42 UTC by Tobias Burnus
Modified: 2015-02-09 17:44 UTC (History)
1 user (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Tobias Burnus 2015-02-05 10:42:38 UTC
A new Linux version of Adobe Flash is available. I still have to find the security announcement, but I am pretty sure that it is a security update.

Possibly related to
http://helpx.adobe.com/security/products/flash-player/apsa15-02.html
which is only a Windows/MacOS announcement.


See also:
wget http://fpdownload.macromedia.com/get/flashplayer/pdc/11.2.202.442/install_flash_player_11_linux.x86_64.tar.gz

strings libflashplayer.so* | grep LNX
LNX 11,2,202,442
Comment 2 Tobias Burnus 2015-02-05 10:53:21 UTC
Maybe, it is also not affected. The linked announcement contains under Update:

February 2, 2015 - removed Flash Player version 11.x from the list of affected versions.  Version 11.x and earlier do not support the functionality affected by CVE-2015-0313.

See also: https://bugzilla.redhat.com/show_bug.cgi?id=1188329 and http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0313
Comment 3 Jacob W 2015-02-06 06:18:51 UTC
11.2.202.442 is now properly listed on the official Adobe Flash pages:
https://www.adobe.com/software/flash/about/
https://www.adobe.com/products/flashplayer/distribution3.html

This new version (11.2.202.442) addresses critical vulnerbilities, explained here:
http://helpx.adobe.com/security/products/flash-player/apsb15-04.html

Firefox also now automatically disables Adobe Flash on all sites that use the newest version currently available in openSUSE (11.2.202.440, which is outdated).

Please update ASAP.
Comment 4 Johannes Segitz 2015-02-06 08:38:08 UTC
is handled in bnc#915918

*** This bug has been marked as a duplicate of bug 915918 ***
Comment 5 Swamp Workflow Management 2015-02-06 08:41:04 UTC
An update workflow for this issue was started.
This issue was rated as low.
Please submit fixed packages until 2015-03-06.
https://swamp.suse.de/webswamp/wf/60571
Comment 6 Swamp Workflow Management 2015-02-06 08:49:10 UTC
An update workflow for this issue was started.
This issue was rated as low.
Please submit fixed packages until 2015-03-06.
https://swamp.suse.de/webswamp/wf/60572