Bug 150831 - vulnerability in www/linux-f10-flashplugin10
Summary: vulnerability in www/linux-f10-flashplugin10
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: Normal Affects Only Me
Assignee: freebsd-emulation (Nobody)
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2010-09-22 04:00 UTC by TsurutaniNaoki
Modified: 2010-09-22 13:40 UTC (History)
1 user (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description TsurutaniNaoki 2010-09-22 04:00:08 UTC 
	www/linux-f10-flashplugin10 is vulnerable.
	ref. http://www.adobe.com/support/security/advisories/apsa10-03.html

Fix: 

here is a patch to www/linux-f10-flashplugin10:
	--- linux-f10-flashplugin10/Makefile.orig	2010-08-20 06:27:00.000000000 +0900
	+++ linux-f10-flashplugin10/Makefile	2010-09-22 11:00:54.000000000 +0900
	@@ -7,7 +7,7 @@
	 #

	 PORTNAME=	flashplugin
	-PORTVERSION=	10.1r82
	+PORTVERSION=	10.1r85
	 CATEGORIES=	www multimedia linux
	 MASTER_SITES=  http://fpdownload.macromedia.com/get/flashplayer/current/:plugin \
	 	ftp://ftp.ipt.ru/pub/download/:suplib
	diff -urN linux-f10-flashplugin10.orig/distinfo linux-f10-flashplugin10/distinfo
	--- linux-f10-flashplugin10/distinfo.orig   2010-08-20 06:27:00.000000000 +0900
	+++ linux-f10-flashplugin10/distinfo    2010-09-22 11:04:37.000000000 +0900
	@@ -1,6 +1,6 @@
	-MD5 (flashplugin/10.1r82/install_flash_player_10_linux.tar.gz) = 7f122a6bf62403c2916f37df48c18768
	-SHA256 (flashplugin/10.1r82/install_flash_player_10_linux.tar.gz) = c6f8831ce648e7fa8e037f1fa8362d2d998cae0e06490e792bcd5871f3eb936a
	-SIZE (flashplugin/10.1r82/install_flash_player_10_linux.tar.gz) = 4907270
	-MD5 (flashplugin/10.1r82/linux-f10-flashsupport-9.0.1.i386.tar.gz) = 6e416c81497f65065d78dae1e0acad0d
	-SHA256 (flashplugin/10.1r82/linux-f10-flashsupport-9.0.1.i386.tar.gz) = 4a309b1a326bd2212cc72480628659e5a7fd61d9e0572cb7350c206f030955bf
	-SIZE (flashplugin/10.1r82/linux-f10-flashsupport-9.0.1.i386.tar.gz) = 3455
	+MD5 (flashplugin/10.1r85/install_flash_player_10_linux.tar.gz) = d3d8f82384325c2adfb4cfd5ef173d7f
	+SHA256 (flashplugin/10.1r85/install_flash_player_10_linux.tar.gz) = 7f0e57febd1ca96af626ca1b7f4f95b42eee4ef687ead6853fd49c5517089087
	+SIZE (flashplugin/10.1r85/install_flash_player_10_linux.tar.gz) = 4907056
	+MD5 (flashplugin/10.1r85/linux-f10-flashsupport-9.0.1.i386.tar.gz) = 6e416c81497f65065d78dae1e0acad0d
	+SHA256 (flashplugin/10.1r85/linux-f10-flashsupport-9.0.1.i386.tar.gz) = 4a309b1a326bd2212cc72480628659e5a7fd61d9e0572cb7350c206f030955bf
	+SIZE (flashplugin/10.1r85/linux-f10-flashsupport-9.0.1.i386.tar.gz) = 3455

	www/linux-f8-flashplugin10 and www/linux-flashplugin9 are also vulnerable.
	9.0r283 is available.
Comment 1 Edwin Groothuis freebsd_committer freebsd_triage 2010-09-22 04:00:17 UTC 
Responsible Changed
From-To: freebsd-ports-bugs->emulation

Over to maintainer (via the GNATS Auto Assign Tool)
Comment 2 TsurutaniNaoki 2010-09-22 04:12:02 UTC 
I dropped my e-mail address, hence I re-sent it as ports/150832.
Please close this PR.
Comment 3 Boris Samorodov freebsd_committer freebsd_triage 2010-09-22 12:11:55 UTC 
State Changed
From-To: open->closed

Closed per submitters request.
Comment 4 Alexander Best freebsd_committer freebsd_triage 2010-09-22 13:40:07 UTC 
Responsible Changed
From-To: emulation->freebsd-emulation

Over to maintainer(s).