CVS commit: pkgsrc/multimedia/adobe-flash-plugin10.1

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/multimedia/adobe-flash-plugin10.1
From: "David Brownlee" <abs%netbsd.org@localhost>
Date: Sat, 12 Nov 2011 22:02:24 +0000

Module Name:    pkgsrc
Committed By:   abs
Date:           Sat Nov 12 22:02:24 UTC 2011

Modified Files:
        pkgsrc/multimedia/adobe-flash-plugin10.1: Makefile distinfo

Log Message:
Updated multimedia/adobe-flash-plugin10.1 to 10.3.183.11

Changes from 10.3.183.7

Critical vulnerabilities have been identified in Adobe Flash Player
11.0.1.152 and earlier versions for Windows, Macintosh, Linux and
Solaris, and Adobe Flash Player 11.0.1.153 and earlier versions
for Android. These vulnerabilities could cause a crash and potentially
allow an attacker to take control of the affected system.

Adobe recommends users of Adobe Flash Player 11.0.1.152 and earlier
versions for Windows, Macintosh, Linux and Solaris update to Adobe
Flash Player 11.1.102.55. Users of Adobe Flash Player 11.0.1.153
and earlier versions for Android should update to Adobe Flash Player
11.1.102.59 for Android. Users of Adobe AIR 3.0 for Windows,
Macintosh, and Android should update to Adobe AIR 3.1.0.4880.

This update resolves a memory corruption vulnerability that could lead to code 
execution (CVE-2011-2445).

This update resolves a heap corruption vulnerability that could lead to code 
execution (CVE-2011-2450).

This update resolves a memory corruption vulnerability that could lead to code 
execution (CVE-2011-2451).

This update resolves a memory corruption vulnerability that could lead to code 
execution (CVE-2011-2452).

This update resolves a memory corruption vulnerability that could lead to code 
execution (CVE-2011-2453).

This update resolves a memory corruption vulnerability that could lead to code 
execution (CVE-2011-2454).

This update resolves a memory corruption vulnerability that could lead to code 
execution (CVE-2011-2455).

This update resolves a buffer overflow vulnerability that could lead to code 
execution (CVE-2011-2456).

This update resolves a stack overflow vulnerability that could lead to code 
execution (CVE-2011-2457).

This update resolves a vulnerability that could lead to a cross-domain policy 
bypass (Internet Explorer-only) (CVE-2011-2458).

This update resolves a memory corruption vulnerability that could lead to code 
execution (CVE-2011-2459).

This update resolves a memory corruption vulnerability that could lead to code 
execution (CVE-2011-2460).

... now after reading the above, just how happy are people running this code
from their browsers?


To generate a diff of this commit:
cvs rdiff -u -r1.14 -r1.15 pkgsrc/multimedia/adobe-flash-plugin10.1/Makefile
cvs rdiff -u -r1.6 -r1.7 pkgsrc/multimedia/adobe-flash-plugin10.1/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Prev by Date: CVS commit: pkgsrc/multimedia/adobe-flash-plugin11
Next by Date: CVS commit: pkgsrc/doc
Previous by Thread: CVS commit: pkgsrc/multimedia/adobe-flash-plugin11
Next by Thread: CVS commit: pkgsrc/doc
Indexes:

Home | Main Index | Thread Index | Old Index