[Bug 334134] Re: flashplugin-nonfree update needed due to upstream change(APSB09-01)

Fumihito YOSHIDA hito at kugutsu.org
Wed Feb 25 14:46:07 UTC 2009 

** Summary changed:

- flashplugin-nonfree update needed due to upstream change
+ flashplugin-nonfree update needed due to upstream change(APSB09-01)

** Description changed:

  Binary package hint: flashplugin-nonfree
  
  Adobe released version 10.0.22.87 of the Flash Player Plugin today.
  This means that the checksum of the install_flash_player_10_linux.tar.gz
  has changed and thus flashplugin-nonfree is currently un-installable -
  the install fails with an md5sum mismatch.  Thus, the flashplugin-
  nonfree should be updated to contain the new md5sum values.
+ 
+ CVE number: CVE-2009-0519, CVE-2009-0520, CVE-2009-0522, CVE-2009-0114,
+ CVE-2009-0521
+ 
+ Advisory summary(from Adobe):
+ > A potential vulnerability has been identified in Adobe Flash Player 10.0.12.36 and earlier that could allow an attacker
+ > who successfully exploits this potential vulnerability to take control of the affected system. A malicious SWF must
+ > be loaded in Flash Player by the user for an attacker to exploit this potential vulnerability. Additional vulnerabilities
+ > have been addressed in this update. Adobe recommends users update to the most current version of Flash Player
+ > available for their platform. 
+ 
+ Acton Items:
+ 
+ Update flashplugin-nonfree's md5sums to;
+ 
+ - Flash Player 10(Jaunty, Intrepid, Hardy-backports);
+ => Update to 10.0.22.87 / Available in upstream(adobe).
+ 
+ - Flash Player 9(Hardy, Gutsy, Dapper-backports); 
+ => Update to 9.0.159.0 / Available in upstream(adobe).
+ 
+ - Flash Player 7(Dapper)
+ => No way, use dapper-backports.

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2009-0519

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2009-0522

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2009-0114

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2009-0521

-- 
flashplugin-nonfree update needed due to upstream change(APSB09-01)
https://bugs.launchpad.net/bugs/334134
You received this bug notification because you are a member of Mozilla
Bugs, which is subscribed to flashplugin-nonfree in ubuntu.

More information about the Ubuntu-mozillateam-bugs mailing list