FedoraNEWS.ORG - Adobe Advisory

[SECURITY] Important Fixes in flash-plugin-7.0.69-2

Fri, 15 Dec 2006 10:59:48 -0800

http://macromedia.mplug.org/
The Flash Player for Linux site above has RPMS tested for easy install/upgrade on Fedora. This site not affiliated with the Fedora Project.

http://www.adobe.com/support/security/bulletins/apsb06-18.html
flash-plugin-7.0.69-2 fixes "vulnerabilities would allow remote attackers to modify HTTP headers of client requests and conduct HTTP Request Splitting attacks". Additionally, have I added a horribly ugly hack to this RPM to worksaround the hard-coded font path issue, so fonts work on Fedora Core 5+. This hack will remove itself when users later upgrade to flash-plugin-9 RPM.

[SECURITY] Critical Fixes in flash-plugin-7.0.68-1

Tue, 12 Sep 2006 23:22:59 -0700

Release Date: September 12, 2006

flash-plugin-7.0.68-1 fixes multiple input validation errors that had
the potential for execution of arbitrary code. These are CVE-2006-3311,
CVE-2006-3587, and CVE-2006-3588.

http://www.adobe.com/support/security/bulletins/apsb06-11.html
Adobe's Security Bulletin with some details.

http://macromedia.mplug.org/
The Flash Player for Linux site above has RPMS tested for easy

APSB06-03 Flash Player Update to Address Security Vulnerabilities

Tue, 04 Apr 2006 00:34:27 -0700

Originally posted: March 14, 2006

http://www.adobe.com/devnet/security/security_zone/apsb06-03.html

Critical vulnerabilities have been identified in Flash Player that could allow an attacker who successfully exploits these vulnerabilities to take control of the affected system. A malicious SWF must be loaded in Flash Player by the user for an attacker to exploit these vulnerabilities. Users are recommended to update to the most current version of Flash Player available for their platform.