Received: from mail.netbsd.org (mail.netbsd.org [204.152.190.11]) by www.NetBSD.org (Postfix) with ESMTP id 743B363B8A8 for ; Sat, 12 Nov 2011 22:01:52 +0000 (UTC) Received: by mail.netbsd.org (Postfix, from userid 605) id 4A60314A329; Sat, 12 Nov 2011 22:01:52 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by mail.netbsd.org (Postfix) with ESMTP id 2BCCB14A328 for ; Sat, 12 Nov 2011 22:01:49 +0000 (UTC) X-Virus-Scanned: amavisd-new at NetBSD.org Received: from mail.netbsd.org ([127.0.0.1]) by localhost (mail.NetBSD.org [127.0.0.1]) (amavisd-new, port 10025) with ESMTP id KSsTe9os4lEq for ; Sat, 12 Nov 2011 22:01:48 +0000 (UTC) Received: from cvs.netbsd.org (cvs.NetBSD.org [IPv6:2001:4f8:3:7:2e0:81ff:fe30:95bd]) by mail.netbsd.org (Postfix) with ESMTP id 824E414A1CE for ; Sat, 12 Nov 2011 22:01:48 +0000 (UTC) Received: by cvs.netbsd.org (Postfix, from userid 500) id 6CB42175DD; Sat, 12 Nov 2011 22:01:48 +0000 (UTC) MIME-Version: 1.0 Content-Disposition: inline Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset="US-ASCII" Date: Sat, 12 Nov 2011 22:01:48 +0000 From: "David Brownlee" Subject: CVS commit: pkgsrc/multimedia/adobe-flash-plugin11 To: pkgsrc-changes@NetBSD.org Reply-To: abs@netbsd.org X-Mailer: log_accum Message-Id: <20111112220148.6CB42175DD@cvs.netbsd.org> Sender: pkgsrc-changes-owner@NetBSD.org List-Id: pkgsrc-changes.NetBSD.org Precedence: bulk Module Name: pkgsrc Committed By: abs Date: Sat Nov 12 22:01:48 UTC 2011 Modified Files: pkgsrc/multimedia/adobe-flash-plugin11: Makefile distinfo Log Message: Updated multimedia/adobe-flash-plugin11 to 11.1.102.55 Changes from 11.0.1.152 Critical vulnerabilities have been identified in Adobe Flash Player 11.0.1.152 and earlier versions for Windows, Macintosh, Linux and Solaris, and Adobe Flash Player 11.0.1.153 and earlier versions for Android. These vulnerabilities could cause a crash and potentially allow an attacker to take control of the affected system. Adobe recommends users of Adobe Flash Player 11.0.1.152 and earlier versions for Windows, Macintosh, Linux and Solaris update to Adobe Flash Player 11.1.102.55. Users of Adobe Flash Player 11.0.1.153 and earlier versions for Android should update to Adobe Flash Player 11.1.102.59 for Android. Users of Adobe AIR 3.0 for Windows, Macintosh, and Android should update to Adobe AIR 3.1.0.4880. This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2011-2445). This update resolves a heap corruption vulnerability that could lead to code execution (CVE-2011-2450). This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2011-2451). This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2011-2452). This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2011-2453). This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2011-2454). This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2011-2455). This update resolves a buffer overflow vulnerability that could lead to code execution (CVE-2011-2456). This update resolves a stack overflow vulnerability that could lead to code execution (CVE-2011-2457). This update resolves a vulnerability that could lead to a cross-domain policy bypass (Internet Explorer-only) (CVE-2011-2458). This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2011-2459). This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2011-2460). ... now after reading the above, just how happy are people running this code from their browsers? To generate a diff of this commit: cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/multimedia/adobe-flash-plugin11/Makefile \ pkgsrc/multimedia/adobe-flash-plugin11/distinfo Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.