ports/151258: print/acroread9 is vulnerable

Tsurutani Naoki turutani at scphys.kyoto-u.ac.jp
Wed Oct 6 12:00:13 UTC 2010 

>Number:         151258
>Category:       ports
>Synopsis:       print/acroread9 is vulnerable
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Wed Oct 06 12:00:11 UTC 2010
>Closed-Date:
>Last-Modified:
>Originator:     Tsurutani Naoki
>Release:        FreeBSD 8.1-STABLE i386
>Organization:
>Environment:
System: FreeBSD h120.65.226.10.32118.vlan.kuins.net 8.1-STABLE FreeBSD 8.1-STABLE #24: Wed Jul 28 12:32:20 JST 2010 turutani at h120.65.226.10.32118.vlan.kuins.net:/usr/local/work/usr/obj/usr/src/sys/POLYMER i386


	
>Description:
	acroread9-9.3.4 is vulnerable.
	9.4.0 is available.
	
>How-To-Repeat:
	
>Fix:
	here is a patch to print/acroread9/Makefile:
--- Makefile.orig	2010-09-03 05:57:19.000000000 +0900
+++ Makefile	2010-10-06 20:15:17.000000000 +0900
@@ -6,11 +6,12 @@
 #
 
 PORTNAME=	acroread9
-PORTVERSION=	9.3.4
+PORTVERSION=	9.4.0
+PORTVERSIONNAME=	${PORTVERSION:C/\.0$//}
 CATEGORIES?=	print linux
 MASTER_SITES?=	http://ardownload.adobe.com/pub/adobe/reader/unix/9.x/${PORTVERSION}/${ADOBE_LANG:L}/ \
 		ftp://ftp.adobe.com/pub/adobe/reader/unix/9.x/${PORTVERSION}/${ADOBE_LANG:L}/
-DISTNAME=	AdbeRdr${PORTVERSION}-1_i486linux_${ADOBE_LANG:L}
+DISTNAME=	AdbeRdr${PORTVERSIONNAME}-1_i486linux_${ADOBE_LANG:L}
 DIST_SUBDIR=	acroread

 MAINTAINER=	hrs at FreeBSD.org

	here are checksum for all localized ports:
	MD5 (acroread/AdbeRdr9.4-1_i486linux_enu.tar.bz2) = dd7a47695fb149c09dcda65c754708cb
	SHA256 (acroread/AdbeRdr9.4-1_i486linux_enu.tar.bz2) = ae2944c3b974cb12cd01556feba9d0a1dcee02b204aeb337586accb200d77524
	SIZE (acroread/AdbeRdr9.4-1_i486linux_enu.tar.bz2) = 60172172
	MD5 (acroread/AdbeRdr9.4-1_i486linux_fra.tar.bz2) = 63f926047d73cfb6a2924b477cff56c7
	SHA256 (acroread/AdbeRdr9.4-1_i486linux_fra.tar.bz2) = f090d27062cef605440c8583231914d14d6ba30b9959e1f110b8c75be88156ab
	SIZE (acroread/AdbeRdr9.4-1_i486linux_fra.tar.bz2) = 64514677
	h120[root] % ~turutani/bin/portchecksum acroread/AdbeRdr9.4-1_i486linux_deu.tar.bz2
	MD5 (acroread/AdbeRdr9.4-1_i486linux_deu.tar.bz2) = a916a6ce85a7fcbf288beef9f3c7b55b
	SHA256 (acroread/AdbeRdr9.4-1_i486linux_deu.tar.bz2) = fbb956e28bcca56694902f6e0e196f14994661db736c9a64291aee86c2bc1af2
	SIZE (acroread/AdbeRdr9.4-1_i486linux_deu.tar.bz2) = 65880998
	MD5 (acroread/AdbeRdr9.4-1_i486linux_jpn.tar.bz2) = 5e0c494047645c982328bcad1f559603
	SHA256 (acroread/AdbeRdr9.4-1_i486linux_jpn.tar.bz2) = 762266e1049b27010177faabda8028874a2675e3242eeff3a52cccd780d35b02
	SIZE (acroread/AdbeRdr9.4-1_i486linux_jpn.tar.bz2) = 68336537

	Note that this port does not work fine on FreeBSD 8-STABLE.
	


>Release-Note:
>Audit-Trail:
>Unformatted:

More information about the freebsd-ports-bugs mailing list