Date: Wed, 13 May 2009 08:51:44 +0000 (UTC) From: Hiroki Sato <hrs@FreeBSD.org> To: ports-committers@FreeBSD.org, cvs-ports@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: ports/french/acroread9 distinfo ports/german/acroread9 distinfo ports/japanese/acroread9 distinfo ports/print/acroread9 Makefile distinfo Message-ID: <200905130851.n4D8pidB075702@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
hrs 2009-05-13 08:51:44 UTC
FreeBSD ports repository
Modified files:
french/acroread9 distinfo
german/acroread9 distinfo
japanese/acroread9 distinfo
print/acroread9 Makefile distinfo
Log:
Update to 9.1.1. Two critical vulnerabilities have been fixed:
- CVE-2009-1492
The getAnnots Doc method in the JavaScript API in Adobe Reader
and Acrobat 9.1, 8.1.4, 7.1.1, and earlier allows remote
attackers to cause a denial of service (memory corruption) or
execute arbitrary code via a PDF file that contains an
annotation, and has an OpenAction entry with JavaScript code
that calls this method with crafted integer arguments.
- CVE-2009-1493
The customDictionaryOpen spell method in the JavaScript API in
Adobe Reader 8.1.4 and 9.1 on Linux allows remote attackers to
cause a denial of service (memory corruption) or execute
arbitrary code via a PDF file that triggers a call to this
method with a long string in the second argument.
Security: CVE-2009-1492
Security: CVE-2009-1493
Security: http://www.adobe.com/support/security/bulletins/apsb09-06.html
Revision Changes Path
1.2 +3 -3 ports/french/acroread9/distinfo
1.2 +3 -3 ports/german/acroread9/distinfo
1.2 +3 -3 ports/japanese/acroread9/distinfo
1.4 +4 -5 ports/print/acroread9/Makefile
1.2 +3 -3 ports/print/acroread9/distinfo
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200905130851.n4D8pidB075702>