Date: Wed, 13 May 2009 08:51:44 +0000 (UTC) From: Hiroki Sato <hrs@FreeBSD.org> To: ports-committers@FreeBSD.org, cvs-ports@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: ports/french/acroread9 distinfo ports/german/acroread9 distinfo ports/japanese/acroread9 distinfo ports/print/acroread9 Makefile distinfo Message-ID: <200905130851.n4D8pidB075702@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
hrs 2009-05-13 08:51:44 UTC FreeBSD ports repository Modified files: french/acroread9 distinfo german/acroread9 distinfo japanese/acroread9 distinfo print/acroread9 Makefile distinfo Log: Update to 9.1.1. Two critical vulnerabilities have been fixed: - CVE-2009-1492 The getAnnots Doc method in the JavaScript API in Adobe Reader and Acrobat 9.1, 8.1.4, 7.1.1, and earlier allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a PDF file that contains an annotation, and has an OpenAction entry with JavaScript code that calls this method with crafted integer arguments. - CVE-2009-1493 The customDictionaryOpen spell method in the JavaScript API in Adobe Reader 8.1.4 and 9.1 on Linux allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a PDF file that triggers a call to this method with a long string in the second argument. Security: CVE-2009-1492 Security: CVE-2009-1493 Security: http://www.adobe.com/support/security/bulletins/apsb09-06.html Revision Changes Path 1.2 +3 -3 ports/french/acroread9/distinfo 1.2 +3 -3 ports/german/acroread9/distinfo 1.2 +3 -3 ports/japanese/acroread9/distinfo 1.4 +4 -5 ports/print/acroread9/Makefile 1.2 +3 -3 ports/print/acroread9/distinfo
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200905130851.n4D8pidB075702>