From owner-freebsd-security@FreeBSD.ORG  Sun Aug 28 10:57:49 2005
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
X-Original-To: freebsd-security@FreeBSD.org
Delivered-To: freebsd-security@FreeBSD.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id A1C7016A41F;
	Sun, 28 Aug 2005 10:57:49 +0000 (GMT) (envelope-from bsam@bsam.ru)
Received: from bsam.ru (gw.ipt.ru [80.253.10.66])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 3D8E943D45;
	Sun, 28 Aug 2005 10:57:48 +0000 (GMT) (envelope-from bsam@bsam.ru)
Received: from bsam by bsam.ru with local (Exim 4.30; FreeBSD)
	id 1E9Kpf-0002Dm-OJ; Sun, 28 Aug 2005 14:56:11 +0400
To: Ian Moore <imoore@swiftdsl.com.au>
References: <200508281014.29868.imoore@swiftdsl.com.au>
From: Boris Samorodov <bsam@ipt.ru>
Date: Sun, 28 Aug 2005 14:56:11 +0400
In-Reply-To: <200508281014.29868.imoore@swiftdsl.com.au> (Ian Moore's message
	of "Sun, 28 Aug 2005 10:14:21 +0930")
Message-ID: <87188868@srv.sem.ipt.ru>
User-Agent: Gnus/5.11 (Gnus v5.11) Emacs/22.0.50 (berkeley-unix)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Sender: "Boris B. Samorodov" <bsam@bsam.ru>
Cc: freebsd-security@FreeBSD.org, trevor@freebsd.org, secteam@FreeBSD.org
Subject: Re: Arcoread7 secutiry vulnerability
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Security issues \[members-only posting\]"
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 28 Aug 2005 10:57:49 -0000

Hi!


cc'd to freebsd-security@ as somebody there may correct me,
cc'd to secteam@ as maintaner of security/portaudit.


On Sun, 28 Aug 2005 10:14:21 +0930 Ian Moore wrote:

> I've just updated my acroread port to 7.0.1 & was surprised when portaudit 
> still listed it as a vulnerability.

I think it is portaudit problem.

> According to  http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/85093, the 
> upgrade to 7.0.1 is suppoed to fix the problem, but according to 
> http://www.freebsd.org/ports/portaudit/02bc9b7c-e019-11d9-a8bd-000cf18bbe54.html 
> and Adobe's web site at http://www.adobe.com/support/techdocs/331710.html, 
> the problem exists in 7.0.1 as well, but is fixed in 7.0.2.

> I'm just wondering who is right here, or am I missing something?

It looks like you missed the platfom to pay attention to. For Linux
and Solaris "users should upgrade to Adobe Reader 7.0.1"...



WBR
-- 
bsam