----------------------------------------------------------------------

A new version (0.9.0.0 - Release Candidate 1) of the free Secunia PSI
has been released. The new version includes many new and advanced
features, which makes it even easier to stay patched.

Download and test it today:
https://psi.secunia.com/

Read more about this new version:
https://psi.secunia.com/?page=changelog

----------------------------------------------------------------------

TITLE:
SUSE update for flash-player

SECUNIA ADVISORY ID:
SA28213

VERIFY ADVISORY:
http://secunia.com/advisories/28213/

CRITICAL:
Highly critical

IMPACT:
Unknown, Security Bypass, Cross Site Scripting, Manipulation of data,
Exposure of sensitive information, Privilege escalation, DoS, System
access

WHERE:
>From remote

OPERATING SYSTEM:
SUSE Linux 10.1
http://secunia.com/product/10796/
openSUSE 10.2
http://secunia.com/product/13375/
openSUSE 10.3
http://secunia.com/product/16124/

DESCRIPTION:
SUSE has issued an update for flash-player. This fixes some
vulnerabilities, where one vulnerability has an unknown impact and
others can be exploited by malicious, local users to gain escalated
privileges and by malicious people to bypass certain security
restrictions, conduct cross-site scripting and HTTP request splitting
attacks, disclose sensitive information, cause a Denial of Service
(DoS), or to potentially compromise a user's system.

For more information:
SA28161

SOLUTION:
Apply updated packages.

x86 Platform:

openSUSE 10.3:

http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/flash-player-9.0.115.0-0.1.i586.rpm
458f40bd9a8e92f6e023e76abead4314

openSUSE 10.2:

ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/flash-player-9.0.115.0-0.1.i586.rpm
d633f8e0bbd9c409430a966904774ecc

SUSE LINUX 10.1:

ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/flash-player-9.0.115.0-0.2.i586.rpm
c3dda649b3d756ed3e2bacf157488355

Sources:

openSUSE 10.2:

ftp://ftp.suse.com/pub/suse/update/10.2/rpm/src/flash-player-9.0.115.0-0.1.src.rpm
8800a58c48768989b74fed31be4f633c

SUSE LINUX 10.1:

ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/flash-player-9.0.115.0-0.2.src.rpm
1774fb28b6c550af16f738c4daa20a4e

openSUSE 10.3:

http://download.opensuse.org/pub/opensuse/update/10.3/rpm/src/flash-player-9.0.115.0-0.1.src.rpm
ac9d87e16de02daa91202e16cb6fffc3

Novell Linux Desktop 9

http://support.novell.com/techcenter/psdb/abac03d3ea3f90145ddbc82fdd20aebd.html

SUSE Linux Enterprise Desktop 10 SP1

http://support.novell.com/techcenter/psdb/abac03d3ea3f90145ddbc82fdd20aebd.html

ORIGINAL ADVISORY:
http://lists.opensuse.org/opensuse-security-announce/2007-12/msg00007.html

OTHER REFERENCES:
SA28161:
http://secunia.com/advisories/28161/

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------