Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 11 Nov 2011 23:11:46 +0900 (JST)
From:      Tsurutani Naoki <turutani@scphys.kyoto-u.ac.jp>
To:        FreeBSD-gnats-submit@FreeBSD.org
Cc:        turutani@scphys.kyoto-u.ac.jp
Subject:   ports/162476: www/linux-f10-flashplugin11 is vulnerable
Message-ID:  <201111111411.pABEBkmW007756@h120.65.226.10.32118.vlan.kuins.net>
Resent-Message-ID: <201111111420.pABEK1Fr035126@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help 

>Number:         162476
>Category:       ports
>Synopsis:       www/linux-f10-flashplugin11 is vulnerable
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          update
>Submitter-Id:   current-users
>Arrival-Date:   Fri Nov 11 14:20:01 UTC 2011
>Closed-Date:
>Last-Modified:
>Originator:     Tsurutani Naoki
>Release:        FreeBSD 8.2-PRERELEASE i386
>Organization:
>Environment:
System: FreeBSD h120.65.226.10.32118.vlan.kuins.net 8.2-PRERELEASE FreeBSD 8.2-PRERELEASE #25: Mon Jan 24 10:37:18 JST 2011 turutani@h120.65.226.10.32118.vlan.kuins.net:/usr/local/work/usr/obj/usr/src/sys/POLYMER i386


	
>Description:
	www/linux-f10-flashplugin11 is vulnerable.
	ref: http://www.adobe.com/support/security/bulletins/apsb11-28.html
	
>How-To-Repeat:
	
>Fix:
	new version of linux-f10-flashplugin11 is available.
	here is a patch to ports:

--- Makefile.orig	2011-11-04 04:01:24.000000000 +0900
+++ Makefile	2011-11-11 23:00:12.000000000 +0900
@@ -7,9 +7,9 @@
 #
 
 PORTNAME=	flashplugin
-PORTVERSION=	11.0r1.152
+PORTVERSION=	11.1r102.55
 CATEGORIES=	www multimedia linux
-MASTER_SITES=	http://fpdownload.macromedia.com/get/flashplayer/current/:plugin \
+MASTER_SITES=	http://fpdownload.macromedia.com/get/flashplayer/pdc/${PORTVERSION:C/r/\./}/:plugin \
 		ftp://ftp.ipt.ru/pub/download/:suplib \
 		LOCAL/nox:suplib
 PKGNAMEPREFIX=	linux-f10-
--- distinfo.orig	2011-10-05 08:11:17.000000000 +0900
+++ distinfo	2011-11-11 23:02:43.000000000 +0900
@@ -1,4 +1,4 @@
-SHA256 (flashplugin/11.0r1.152/install_flash_player_11_linux.i386.tar.gz) = 3532ee49eda0845597084a805e11985f9fd9c5f7b5b72f592ceb18529da918c1
-SIZE (flashplugin/11.0r1.152/install_flash_player_11_linux.i386.tar.gz) = 6742944
-SHA256 (flashplugin/11.0r1.152/linux-f10-flashsupport-9.0.1.i386.tar.gz) = 4a309b1a326bd2212cc72480628659e5a7fd61d9e0572cb7350c206f030955bf
-SIZE (flashplugin/11.0r1.152/linux-f10-flashsupport-9.0.1.i386.tar.gz) = 3455
+SHA256 (flashplugin/11.1r102.55/install_flash_player_11_linux.i386.tar.gz) = 678e2270cb12821b3685af22428e1122b2d130bc8f12ecc714d3636a00b5ed23
+SIZE (flashplugin/11.1r102.55/install_flash_player_11_linux.i386.tar.gz) = 6748255
+SHA256 (flashplugin/11.1r102.55/linux-f10-flashsupport-9.0.1.i386.tar.gz) = 4a309b1a326bd2212cc72480628659e5a7fd61d9e0572cb7350c206f030955bf
+SIZE (flashplugin/11.1r102.55/linux-f10-flashsupport-9.0.1.i386.tar.gz) = 3455
	


>Release-Note:
>Audit-Trail:
>Unformatted:

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201111111411.pABEBkmW007756>