cvs commit: ports/french/acroread9 distinfo ports/german/acroread9 distinfo ports/japanese/acroread9 distinfo ports/print/acroread9 Makefile distinfo

From: Hiroki Sato <hrs_at_FreeBSD.org>
Date: Wed, 13 May 2009 08:51:44 +0000 (UTC)
hrs         2009-05-13 08:51:44 UTC

  FreeBSD ports repository

  Modified files:
    french/acroread9     distinfo 
    german/acroread9     distinfo 
    japanese/acroread9   distinfo 
    print/acroread9      Makefile distinfo 
  Log:
  Update to 9.1.1.  Two critical vulnerabilities have been fixed:
  
  - CVE-2009-1492
  
   The getAnnots Doc method in the JavaScript API in Adobe Reader
   and Acrobat 9.1, 8.1.4, 7.1.1, and earlier allows remote
   attackers to cause a denial of service (memory corruption) or
   execute arbitrary code via a PDF file that contains an
   annotation, and has an OpenAction entry with JavaScript code
   that calls this method with crafted integer arguments.
  
  - CVE-2009-1493
  
   The customDictionaryOpen spell method in the JavaScript API in
   Adobe Reader 8.1.4 and 9.1 on Linux allows remote attackers to
   cause a denial of service (memory corruption) or execute
   arbitrary code via a PDF file that triggers a call to this
   method with a long string in the second argument.
  
  Security:       CVE-2009-1492
  Security:       CVE-2009-1493
  Security:       http://www.adobe.com/support/security/bulletins/apsb09-06.html
  
  Revision  Changes    Path
  1.2       +3 -3      ports/french/acroread9/distinfo
  1.2       +3 -3      ports/german/acroread9/distinfo
  1.2       +3 -3      ports/japanese/acroread9/distinfo
  1.4       +4 -5      ports/print/acroread9/Makefile
  1.2       +3 -3      ports/print/acroread9/distinfo
Received on Wed May 13 2009 - 08:51:44 UTC