Gigabyte GA-990FXA-UD7 Motherboard Review @ HardwareLOOK

[news 28]

 

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

 

______________________________________________________________________________

 

SUSE Security Announcement

 

Package: flash-player

Announcement ID: SUSE-SA:2011:033

Date: Wed, 10 Aug 2011 14:00:00 +0000

Affected Products: SUSE Linux Enterprise Desktop 11 SP1

SUSE Linux Enterprise Desktop 10 SP4

Vulnerability Type: remote code execution

CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)

SUSE Default Package: yes

Cross-References: CVE-2011-2130, CVE-2011-2134, CVE-2011-2135

CVE-2011-2136, CVE-2011-2137, CVE-2011-2138

CVE-2011-2139, CVE-2011-2140, CVE-2011-2414

CVE-2011-2415, CVE-2011-2416, CVE-2011-2417

CVE-2011-2425

 

Content of This Advisory:

1) Security Vulnerability Resolved:

remote code execution

Problem Description

2) Solution or Work-Around

3) Special Instructions and Notes

4) Package Location and Checksums

5) Pending Vulnerabilities, Solutions, and Work-Arounds:

none

6) Authenticity Verification and Additional Information

 

______________________________________________________________________________

 

1) Problem Description and Brief Discussion

 

Flash-Player was updated to version 10.3.188.5 to fix various buffer

and integer overflows:

- CVE-2011-2130: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)

- CVE-2011-2134: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)

- CVE-2011-2135: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)

- CVE-2011-2136: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)

- CVE-2011-2137: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)

- CVE-2011-2138: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)

- CVE-2011-2139: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)

- CVE-2011-2140: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)

- CVE-2011-2414: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)

- CVE-2011-2415: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)

- CVE-2011-2416: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)

- CVE-2011-2417: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)

- CVE-2011-2425: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)

 

Earlier flash-player versions can be exploited to execute arbitrary code

remotely with the privileges of the attacked user.

 

For more details see:

http://www.adobe.com/support/security/bulletins/apsb11-21.html

 

2) Solution or Work-Around

 

none

 

3) Special Instructions and Notes

 

Pleease restart your browser.

 

4) Package Location and Checksums

 

The preferred method for installing security updates is to use the YaST

"Online Update" module or the "zypper" commandline tool. The package and

patch management stack will detect which updates are required and

automatically perform the necessary steps to verify and install them.

 

Alternatively, download the update packages for your distribution manually

and verify their integrity by the methods listed in Section 6 of this

announcement. Then install the packages using the command

 

rpm -Fhv

 

to apply the update, replacing with the filename of the

downloaded RPM package.

 

Our maintenance customers are notified individually. The packages are

offered for installation from the maintenance web:

 

SUSE Linux Enterprise Desktop 10 SP4

http://download.novell.com/patch/finder/?keywords=7c71e4aec6afd72e6b40f8cf2817e900

 

SUSE Linux Enterprise Desktop 11 SP1

http://download.novell.com/patch/finder/?keywords=377e091a105e9d540a2a90f09cff0a10

 

______________________________________________________________________________

 

5) Pending Vulnerabilities, Solutions, and Work-Arounds:

 

none

______________________________________________________________________________

 

6) Authenticity Verification and Additional Information

 

- Announcement authenticity verification: