SUSE-SU-2012:0524-1: important: Security update for Acrobat Reader
sle-security-updates at lists.suse.com
sle-security-updates at lists.suse.com
Wed Apr 18 11:08:30 MDT 2012
SUSE Security Update: Security update for Acrobat Reader
______________________________________________________________________________
Announcement ID: SUSE-SU-2012:0524-1
Rating: important
References: #756574
Cross-References: CVE-2012-0774 CVE-2012-0775 CVE-2012-0777
Affected Products:
SUSE Linux Enterprise Desktop 10 SP4
______________________________________________________________________________
An update that fixes three vulnerabilities is now
available. It includes two new package versions.
Description:
The Acrobat Reader has been updated to version 9.5.1 to fix
the following issues:
* CVE-2012-0774: crafted fonts inside PDFs could allow
attackers to cause an integer overflow, resulting in the
possibility of arbitrary code execution
* CVE-2012-0775, CVE-2012-0777: an issue in acroread's
javascript API could allowattackers to cause a denial of
service or potentially execute arbitrary code
Security Issue references:
* CVE-2012-0774
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0774
>
* CVE-2012-0775
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0775
>
* CVE-2012-0777
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0777
>
Package List:
- SUSE Linux Enterprise Desktop 10 SP4 (noarch) [New Version: 9.4.6]:
acroread-cmaps-9.4.6-0.6.1
acroread-fonts-ja-9.4.6-0.6.1
acroread-fonts-ko-9.4.6-0.6.1
acroread-fonts-zh_CN-9.4.6-0.6.1
acroread-fonts-zh_TW-9.4.6-0.6.1
- SUSE Linux Enterprise Desktop 10 SP4 (i586) [New Version: 9.5.1]:
acroread-9.5.1-0.6.1
References:
http://support.novell.com/security/cve/CVE-2012-0774.html
http://support.novell.com/security/cve/CVE-2012-0775.html
http://support.novell.com/security/cve/CVE-2012-0777.html
https://bugzilla.novell.com/756574
http://download.novell.com/patch/finder/?keywords=e0a6a6c45c73e49ff30a650d740a24d0
More information about the sle-security-updates
mailing list