From owner-svn-ports-all@freebsd.org  Wed Jul 11 17:27:03 2018
Return-Path: <owner-svn-ports-all@freebsd.org>
Delivered-To: svn-ports-all@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 05FAC102C543
 for <svn-ports-all@mailman.ysv.freebsd.org>;
 Wed, 11 Jul 2018 17:27:03 +0000 (UTC)
 (envelope-from jkim@FreeBSD.org)
Received: from smtp.freebsd.org (smtp.freebsd.org [96.47.72.83])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "smtp.freebsd.org",
 Issuer "Let's Encrypt Authority X3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 9AB817D1EA;
 Wed, 11 Jul 2018 17:27:02 +0000 (UTC)
 (envelope-from jkim@FreeBSD.org)
Received: from freefall.freebsd.org
 (static-71-168-218-4.cmdnnj.fios.verizon.net [71.168.218.4])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client did not present a certificate)
 (Authenticated sender: jkim/mail)
 by smtp.freebsd.org (Postfix) with ESMTPSA id 700C21EC2C;
 Wed, 11 Jul 2018 17:27:02 +0000 (UTC)
 (envelope-from jkim@FreeBSD.org)
Subject: Re: svn commit: r474467 - head/security/vuxml
To: "N.J. Mann" <njm@njm.me.uk>
Cc: svn-ports-all@freebsd.org
References: <201807111644.w6BGiQVJ014595@repo.freebsd.org>
 <FA8EAA8E63D708A49EA6ED34@triton.njm.me.uk>
From: Jung-uk Kim <jkim@FreeBSD.org>
Openpgp: preference=signencrypt
Autocrypt: addr=jkim@FreeBSD.org; prefer-encrypt=mutual; keydata=
 xsBNBFJBztUBCAChqNyGqmFuNo0U7MBzsD+q/G6Cv0l7LGVrOAsgh34M8wIWhD+tztDWMVfn
 AhxNDd0ceCj2bYOe67sTQxAScEcbt2FfvPOLp9MEXb9qohZj172Gwkk7dnhOhZZKhVGVZKM4
 NcsuBDUzgf4f3Vdzj4wg6WlqplnTZo8lPE4hZWvZHoFIyunPTJWenybeV1xnxK7JkUdSvQR0
 fA59RfTTECMwTrSEfYGUnxIDBraxJ7Ecs/0hGQ7sljIj8WBvlRDU5fU1xfF35aw56T8POQRq
 F4E6RVJW3YGuTpSwgtGZOTfygcLRhAiq3dFC3JNLaTVTpM8PjOinJyt9AU6RoITGOKwDABEB
 AAHNHkp1bmctdWsgS2ltIDxqa2ltQEZyZWVCU0Qub3JnPsLAfQQTAQoAJwUCUkHO1QIbAwUJ
 E0/POwULCQgHAwUVCgkICwUWAgMBAAIeAQIXgAAKCRB8n5Ym/NvxRqyzB/wL7QtsIpeGfGIA
 ZPMtgXMucM3NWzomyQMln2j2efUkDKthzh9jBxgF53TjOr7imwIt0PT2k1bqctPrq5IRqnu9
 mGroqaCLE3LG2/E3jEaao4k9PO6efwlioyivUo5NrqIQOQ4k3EAXw7d2y0Dk1VpTgdMrnUAB
 hj7lGlLqS4ydcrf24DdbCRGdEQwqd9DBeBgbWynxAJMgbZBhYVEyIHuQKkJ8qY0ibIPXXuF0
 KYDeH0qUHtWV2K3srNyPtymUkBQD84Pl1GWRYx05XdUHDmnX0JV3lg0BfYJZgZv0ehPQrMfY
 Fd9abTkf9FHQYz1JtsC8wUuRgqElRd6+YAGf8Tt9zsBNBFJBztUBCADLtSrP44El2VoJmH14
 OFrlOgxzZnbn+Y/Gf1k12mJBiR+A+pBeRLD50p7AiTrjHRxO3cHcl9Dh0uf1VSbXgp8Or0ye
 iP/86fZPd4k5HXNmDTLL0HecPE08SCqGZ0W8vllQrokB1QxxRUB+fFMPJyMCjDAZ7P9fFTOS
 dTw1bJSTtOD8Sx8MpZUa9ti06bXFlVYDlaqSdgk181SSx+ZbSKkQR8CIMARlHwiLsa3Z9q9O
 EJr20HPyxe0AlTvwvFndH61hg7ds63eRvglwRnNON28VXO/lvKXq7Br/CiiyhFdKfINIx2Z5
 htYq22tgGTW7mBURbIKoECFBTX9Lv6BXz6w9ABEBAAHCwGUEGAEKAA8FAlJBztUCGwwFCRNP
 zzsACgkQfJ+WJvzb8UZcJQf+IsTCxUEqY7W/pT84sMg5/QD3s6ufTRncvq14fEOxCNq1Rf4Q
 9P+tOFa8GZfKDGB2BFGIrW7uT5mlmKdK1vO6ZIA930y5kUsnCmBUEBJkE2ciSQk01aB/1o62
 Q3Gk/F6BwtNY9OXiqF7AcAo+K/BMIaqb26QKeh+IIgK1NN9dQiq3ByTbl4zpGZa6MmsnnRTu
 mzGKt2nkz7vBzH6+hZp1OzGZikgjjhYWVFoJo1dvf/rv4obs0ZJEqFPQs/1Qa1dbkKBv6odB
 XJpPH0ssOluTY24d1XxTiKTwmWvHeQkOKRAIfD7VTtF4TesoZYkf7hsh3e3VwXhptSLFnEOi
 WwYofg==
Message-ID: <672e0d22-78e4-1499-a060-eaf0eb2e6c9b@FreeBSD.org>
Date: Wed, 11 Jul 2018 13:26:57 -0400
User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:52.0) Gecko/20100101
 Thunderbird/52.9.1
MIME-Version: 1.0
In-Reply-To: <FA8EAA8E63D708A49EA6ED34@triton.njm.me.uk>
Content-Type: multipart/signed; micalg=pgp-sha256;
 protocol="application/pgp-signature";
 boundary="Zc287nEO3eCN1OkdEfg3j7CGBkAXNJSqL"
X-BeenThere: svn-ports-all@freebsd.org
X-Mailman-Version: 2.1.27
Precedence: list
List-Id: SVN commit messages for the ports tree <svn-ports-all.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-ports-all>,
 <mailto:svn-ports-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-ports-all/>
List-Post: <mailto:svn-ports-all@freebsd.org>
List-Help: <mailto:svn-ports-all-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-ports-all>,
 <mailto:svn-ports-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 11 Jul 2018 17:27:03 -0000

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--Zc287nEO3eCN1OkdEfg3j7CGBkAXNJSqL
Content-Type: multipart/mixed; boundary="aML6Kc2vCyrpbE6HiZgww5yKiqeSBEKCg";
 protected-headers="v1"
From: Jung-uk Kim <jkim@FreeBSD.org>
To: "N.J. Mann" <njm@njm.me.uk>
Cc: svn-ports-all@freebsd.org
Message-ID: <672e0d22-78e4-1499-a060-eaf0eb2e6c9b@FreeBSD.org>
Subject: Re: svn commit: r474467 - head/security/vuxml
References: <201807111644.w6BGiQVJ014595@repo.freebsd.org>
 <FA8EAA8E63D708A49EA6ED34@triton.njm.me.uk>
In-Reply-To: <FA8EAA8E63D708A49EA6ED34@triton.njm.me.uk>

--aML6Kc2vCyrpbE6HiZgww5yKiqeSBEKCg
Content-Type: text/plain; charset=utf-8
Content-Language: en-US
Content-Transfer-Encoding: quoted-printable

On 07/11/2018 13:06, N.J. Mann wrote:
> Hi,
>=20
> On Wednesday, July 11, 2018 16:44:26 +0000 Jung-uk Kim <jkim@FreeBSD.or=
g> wrote:
>> Author: jkim
>> Date: Wed Jul 11 16:44:25 2018
>> New Revision: 474467
>> URL: https://svnweb.freebsd.org/changeset/ports/474467
>>
>> Log:
>>   Document the latest Flash Player vulnerabilities.
>>  =20
>>   https://helpx.adobe.com/security/products/flash-player/apsb18-24.htm=
l
>>
>> Modified:
>>   head/security/vuxml/vuln.xml
>>
>> Modified: head/security/vuxml/vuln.xml
>> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D
>> --- head/security/vuxml/vuln.xml	Wed Jul 11 16:36:45 2018	(r474466)
>> +++ head/security/vuxml/vuln.xml	Wed Jul 11 16:44:25 2018	(r474467)
>> @@ -58,6 +58,38 @@ Notes:
>>    * Do not forget port variants (linux-f10-libxml2, libxml2, etc.)
>>  -->
>>  <vuxml xmlns=3D"http://www.vuxml.org/apps/vuxml-1">
>> +  <vuln vid=3D"e78732b2-8528-11e8-9c42-6451062f0f7a">
>> +    <topic>Flash Player -- multiple vulnerabilities</topic>
>> +    <affects>
>> +      <package>
>> +	<name>linux-flashplayer</name>
>> +	<range><lt>30.0.0.134</lt></range>
>> +      </package>
>> +    </affects>
>> +    <description>
>> +      <body xmlns=3D"http://www.w3.org/1999/xhtml">
>> +	<p>Adobe reports:</p>
>> +	<blockquote cite=3D"https://helpx.adobe.com/security/products/flash-=
player/apsb18-24.html">
>> +	  <ul>
>> +	    <li>This update resolves an out-of-boubds read vulnerability tha=
t
>=20
>                                         ^^^^^^^^^^^^^
> out-of-bounds

Oops, copy-and-pasto.

Fixed in r474471, thanks!

Jung-uk Kim


--aML6Kc2vCyrpbE6HiZgww5yKiqeSBEKCg--

--Zc287nEO3eCN1OkdEfg3j7CGBkAXNJSqL
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQEzBAEBCAAdFiEEl1bqgKaRyqfWXu/CfJ+WJvzb8UYFAltGPeUACgkQfJ+WJvzb
8UaHXgf/cLogjDHRi6RoCbsfBJT6bXica7zRBDRQ6SeJ+GsmaSykWPMasi6weFCo
ECRGrGu7vG/zfPrz8jcUOaymHOeTnVu1bpMtfb3509AU9cV2Id0qr1poKvcrB0nV
zCNXiKuYJJe5Fu0VKmRsKnkUrQy5InovhSeOJQng/kt41mGjH/3FNIMiZc4M5AlZ
SVxxpS8mIwclEs4aNDa2Y09Cj+O/KNXLChz7/4EyhqUREwkan0vvAQ149oaO2lo3
vQEL9DLpaNT83IsIRFkqfK4Gp6ENuRMpd4yWQXXZWVNY0xXuSNwrHcHDih61Rw5h
JEPKdZLO12a4QJ3L+anFgEj8iDeFuQ==
=3EA1
-----END PGP SIGNATURE-----

--Zc287nEO3eCN1OkdEfg3j7CGBkAXNJSqL--