<200307092234.h69MYHM43920@milan.maths.usyd.edu.au> on the
full-disclosure and bugtraq lists,
Despite recent security fixes, an exploitable buffer overflow
with long URL strings remains [in version 5.0.7]. The
overflow occurs when you click on the link, and allows
execution of arbitrary code.
Version 5.0.8 is a second attempt at correcting the problem.
Submitted by: Shiozaki Takehiko of be.to
Also remove some cruft, and add another master site. I only tested
this with linux_base-8-8.0_1.
Acrobat Reader before 5.0.7 has a vulnerability that may
allow remote attackers to execute arbitrary commands on a
target system.
Adobe Systems Incorporated Information for VU#200132
http://www.kb.cert.org/vuls/id/IAFY-5MCQ4L
CERT/CC Vulnerability Note VU#200132
http://www.kb.cert.org/vuls/id/200132
PR: ports/53479
Submitted by: rushani
Approved by: maintainer timeout (1 week)
omitted and the -E option was, in one instance, used twice. Change
PORTREVISION because runtime errors were reported by Arjan van
Leeuwen.
Submitted by: KOMATSU Shinichiro and Niall Brady
PR: 41121 and 41605
While I'm here, make a whitespace change suggested by portlint.
The README says:
A security patch was applied that solves the problem reported
in http://online.securityfocus.com/archive/1/278984 where
opening the font cache when the application starts up can
unintentionally cause the permissions of other files to
change.
I failed to reproduce the bug in version 5.0.5 and I have not tried
to reproduce it with this version. The discoverer, Paul Szabo,
said that linked files could have not just their permissions changed,
but could be overwritten. caveat lector.
PR: 40987
Submitted by: Oliver Braun
Add a DIST_SUBDIR because neither the name of the distfile nor the
list of its contents ("tar tzvf" output) mention the name of the
program.
[Has anyone figured-out what makes the number 393 so interesting to PW, now?]
I wonder what was going through Jordan's head during his infamous
$Id$-smashing commit.
Before I forget....
Thanks to naddy@mips.rhein-neckar.de (Christian Weisgerber) for prompting
this commit. See msg-id: 7geokh$tje$1@mips.rhein-neckar.de
Creating gzip'd tar ball in '/usr/ports/packages/All/acroread-3.02.tgz'
tar: can't add file Acrobat3/Reader/intellinux/lib/libagm.so.2 : No such file or directory
tar: can't add file Acrobat3/Reader/intellinux/lib/libpfs.so.2 : No such file or directory
tar: can't add file Acrobat3/Reader/intellinux/lib/libreadcore.so.3 : No such file or directory
/usr/sbin/pkg_create: tar command failed with code 256
*** Error code 1
