Date: Fri, 14 Mar 2014 06:58:14 +0900 (JST) From: Tsurutani Naoki <turutani@scphys.kyoto-u.ac.jp> To: FreeBSD-gnats-submit@freebsd.org Cc: turutani@scphys.kyoto-u.ac.jp Subject: ports/187556: www/linux-f10-flashplugin11 is vulnerable Message-ID: <201403132158.s2DLwEsa097688@h120.65.226.10.32118.vlan.kuins.net> Resent-Message-ID: <201403132220.s2DMK0lN083597@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 187556 >Category: ports >Synopsis: www/linux-f10-flashplugin11 is vulnerable >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Thu Mar 13 22:20:00 UTC 2014 >Closed-Date: >Last-Modified: >Originator: Tsurutani Naoki >Release: FreeBSD 8.4-PRERELEASE i386 >Organization: >Environment: System: FreeBSD h120.65.226.10.32118.vlan.kuins.net 8.4-PRERELEASE FreeBSD 8.4-PRERELEASE #26 r249149: Fri Apr 5 22:13:25 JST 2013 turutani@h120.65.226.10.32118.vlan.kuins.net:/usr/local/work/usr/obj/usr/src/sys/POLYMER i386 >Description: www/linux-f10-flashplugin11 is vulnerable. ref: http://helpx.adobe.com/security/products/flash-player/apsb14-08.html >How-To-Repeat: >Fix: new version is available. here is a patch: diff -urN linux-f10-flashplugin11.orig/Makefile linux-f10-flashplugin11/Makefile --- linux-f10-flashplugin11.orig/Makefile 2014-02-25 12:12:24.000000000 +0900 +++ linux-f10-flashplugin11/Makefile 2014-03-14 06:36:15.000000000 +0900 @@ -2,7 +2,7 @@ # $FreeBSD: head/www/linux-f10-flashplugin11/Makefile 345915 2014-02-25 03:12:24Z eadler $ PORTNAME= flashplugin -PORTVERSION= 11.2r202.341 +PORTVERSION= 11.2r202.346 CATEGORIES= www multimedia linux MASTER_SITES= http://fpdownload.macromedia.com/get/flashplayer/pdc/${PORTVERSION:C/r/\./}/:plugin \ LOCAL/nox:suplib diff -urN linux-f10-flashplugin11.orig/distinfo linux-f10-flashplugin11/distinfo --- linux-f10-flashplugin11.orig/distinfo 2014-02-25 12:12:24.000000000 +0900 +++ linux-f10-flashplugin11/distinfo 2014-03-14 06:37:13.000000000 +0900 @@ -1,4 +1,4 @@ -SHA256 (flashplugin/11.2r202.341/install_flash_player_11_linux.i386.tar.gz) = 4cc1d08661c8b39bd86bc8ad867fcecfd344916ca076e2f9b4b20c405a0cdf2d -SIZE (flashplugin/11.2r202.341/install_flash_player_11_linux.i386.tar.gz) = 6924197 -SHA256 (flashplugin/11.2r202.341/linux-f10-flashsupport-9.0.1.i386.tar.gz) = 4a309b1a326bd2212cc72480628659e5a7fd61d9e0572cb7350c206f030955bf -SIZE (flashplugin/11.2r202.341/linux-f10-flashsupport-9.0.1.i386.tar.gz) = 3455 +SHA256 (flashplugin/11.2r202.346/install_flash_player_11_linux.i386.tar.gz) = 2a27d40ae597965c73b40ed5eceaf5918fc0b62e48088c5d2e1664e09bfac405 +SIZE (flashplugin/11.2r202.346/install_flash_player_11_linux.i386.tar.gz) = 6924402 +SHA256 (flashplugin/11.2r202.346/linux-f10-flashsupport-9.0.1.i386.tar.gz) = 4a309b1a326bd2212cc72480628659e5a7fd61d9e0572cb7350c206f030955bf +SIZE (flashplugin/11.2r202.346/linux-f10-flashsupport-9.0.1.i386.tar.gz) = 3455 >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201403132158.s2DLwEsa097688>