Date: Mon, 18 Aug 2003 09:01:43 -0700 (PDT) From: Trevor Johnson <trevor@FreeBSD.org> To: ports-committers@FreeBSD.org, cvs-ports@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: ports/print/acroread5 Makefile distinfo Message-ID: <200308181601.h7IG1hcq005412@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
trevor 2003/08/18 09:01:43 PDT
FreeBSD ports repository
Modified files:
print/acroread5 Makefile distinfo
Log:
Update to 5.0.8. As reported by Paul Szabo in
<200307092234.h69MYHM43920@milan.maths.usyd.edu.au> on the
full-disclosure and bugtraq lists,
Despite recent security fixes, an exploitable buffer overflow
with long URL strings remains [in version 5.0.7]. The
overflow occurs when you click on the link, and allows
execution of arbitrary code.
Version 5.0.8 is a second attempt at correcting the problem.
Submitted by: Shiozaki Takehiko of be.to
Also remove some cruft, and add another master site. I only tested
this with linux_base-8-8.0_1.
Revision Changes Path
1.47 +4 -4 ports/print/acroread5/Makefile
1.11 +1 -1 ports/print/acroread5/distinfo
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200308181601.h7IG1hcq005412>