** Summary changed: - flashplugin-nonfree update needed due to upstream change + flashplugin-nonfree update needed due to upstream change(APSB09-01)
** Description changed: Binary package hint: flashplugin-nonfree Adobe released version 10.0.22.87 of the Flash Player Plugin today. This means that the checksum of the install_flash_player_10_linux.tar.gz has changed and thus flashplugin-nonfree is currently un-installable - the install fails with an md5sum mismatch. Thus, the flashplugin- nonfree should be updated to contain the new md5sum values. + + CVE number: CVE-2009-0519, CVE-2009-0520, CVE-2009-0522, CVE-2009-0114, + CVE-2009-0521 + + Advisory summary(from Adobe): + > A potential vulnerability has been identified in Adobe Flash Player 10.0.12.36 and earlier that could allow an attacker + > who successfully exploits this potential vulnerability to take control of the affected system. A malicious SWF must + > be loaded in Flash Player by the user for an attacker to exploit this potential vulnerability. Additional vulnerabilities + > have been addressed in this update. Adobe recommends users update to the most current version of Flash Player + > available for their platform. + + Acton Items: + + Update flashplugin-nonfree's md5sums to; + + - Flash Player 10(Jaunty, Intrepid, Hardy-backports); + => Update to 10.0.22.87 / Available in upstream(adobe). + + - Flash Player 9(Hardy, Gutsy, Dapper-backports); + => Update to 9.0.159.0 / Available in upstream(adobe). + + - Flash Player 7(Dapper) + => No way, use dapper-backports. ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2009-0519 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2009-0522 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2009-0114 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2009-0521 -- flashplugin-nonfree update needed due to upstream change(APSB09-01) https://bugs.launchpad.net/bugs/334134 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
