www/linux-f10-flashplugin10 is vulnerable. ref. http://www.adobe.com/support/security/advisories/apsa10-03.html Fix: here is a patch to www/linux-f10-flashplugin10: --- linux-f10-flashplugin10/Makefile.orig 2010-08-20 06:27:00.000000000 +0900 +++ linux-f10-flashplugin10/Makefile 2010-09-22 11:00:54.000000000 +0900 @@ -7,7 +7,7 @@ # PORTNAME= flashplugin -PORTVERSION= 10.1r82 +PORTVERSION= 10.1r85 CATEGORIES= www multimedia linux MASTER_SITES= http://fpdownload.macromedia.com/get/flashplayer/current/:plugin \ ftp://ftp.ipt.ru/pub/download/:suplib diff -urN linux-f10-flashplugin10.orig/distinfo linux-f10-flashplugin10/distinfo --- linux-f10-flashplugin10/distinfo.orig 2010-08-20 06:27:00.000000000 +0900 +++ linux-f10-flashplugin10/distinfo 2010-09-22 11:04:37.000000000 +0900 @@ -1,6 +1,6 @@ -MD5 (flashplugin/10.1r82/install_flash_player_10_linux.tar.gz) = 7f122a6bf62403c2916f37df48c18768 -SHA256 (flashplugin/10.1r82/install_flash_player_10_linux.tar.gz) = c6f8831ce648e7fa8e037f1fa8362d2d998cae0e06490e792bcd5871f3eb936a -SIZE (flashplugin/10.1r82/install_flash_player_10_linux.tar.gz) = 4907270 -MD5 (flashplugin/10.1r82/linux-f10-flashsupport-9.0.1.i386.tar.gz) = 6e416c81497f65065d78dae1e0acad0d -SHA256 (flashplugin/10.1r82/linux-f10-flashsupport-9.0.1.i386.tar.gz) = 4a309b1a326bd2212cc72480628659e5a7fd61d9e0572cb7350c206f030955bf -SIZE (flashplugin/10.1r82/linux-f10-flashsupport-9.0.1.i386.tar.gz) = 3455 +MD5 (flashplugin/10.1r85/install_flash_player_10_linux.tar.gz) = d3d8f82384325c2adfb4cfd5ef173d7f +SHA256 (flashplugin/10.1r85/install_flash_player_10_linux.tar.gz) = 7f0e57febd1ca96af626ca1b7f4f95b42eee4ef687ead6853fd49c5517089087 +SIZE (flashplugin/10.1r85/install_flash_player_10_linux.tar.gz) = 4907056 +MD5 (flashplugin/10.1r85/linux-f10-flashsupport-9.0.1.i386.tar.gz) = 6e416c81497f65065d78dae1e0acad0d +SHA256 (flashplugin/10.1r85/linux-f10-flashsupport-9.0.1.i386.tar.gz) = 4a309b1a326bd2212cc72480628659e5a7fd61d9e0572cb7350c206f030955bf +SIZE (flashplugin/10.1r85/linux-f10-flashsupport-9.0.1.i386.tar.gz) = 3455 www/linux-f8-flashplugin10 and www/linux-flashplugin9 are also vulnerable. 9.0r283 is available.
Responsible Changed From-To: freebsd-ports-bugs->emulation Over to maintainer (via the GNATS Auto Assign Tool)
Responsible Changed From-To: emulation->freebsd-emulation Over to maintainer(s).
nox 2010-09-22 17:45:56 UTC FreeBSD ports repository Modified files: security/vuxml vuln.xml www/linux-f10-flashplugin10 Makefile distinfo www/linux-f8-flashplugin10 Makefile distinfo www/linux-flashplugin9 Makefile distinfo Log: Update to 10.1r85 resp. 9.0r283 [1]. Security: http://www.freebsd.org/ports/portaudit/8a34d9e6-c662-11df-b2e1-001b2134ef46.html PR: ports/150832 [2] Submitted by: pointyhat via pav [1], Tsurutani Naoki <turutani@scphys.kyoto-u.ac.jp> [2] Revision Changes Path 1.2225 +45 -1 ports/security/vuxml/vuln.xml 1.9 +1 -1 ports/www/linux-f10-flashplugin10/Makefile 1.9 +6 -6 ports/www/linux-f10-flashplugin10/distinfo 1.10 +1 -1 ports/www/linux-f8-flashplugin10/Makefile 1.7 +6 -6 ports/www/linux-f8-flashplugin10/distinfo 1.43 +1 -1 ports/www/linux-flashplugin9/Makefile 1.27 +6 -6 ports/www/linux-flashplugin9/distinfo _______________________________________________ cvs-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/cvs-all To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
State Changed From-To: open->closed Update and vuxml committed. Thanks!