pkgsrc/multimedia/adobe-flash-plugin11
abs d0bf9dfda7 Updated multimedia/adobe-flash-plugin11 to 11.1.102.55
Changes from 11.0.1.152

Critical vulnerabilities have been identified in Adobe Flash Player
11.0.1.152 and earlier versions for Windows, Macintosh, Linux and
Solaris, and Adobe Flash Player 11.0.1.153 and earlier versions
for Android. These vulnerabilities could cause a crash and potentially
allow an attacker to take control of the affected system.

Adobe recommends users of Adobe Flash Player 11.0.1.152 and earlier
versions for Windows, Macintosh, Linux and Solaris update to Adobe
Flash Player 11.1.102.55. Users of Adobe Flash Player 11.0.1.153
and earlier versions for Android should update to Adobe Flash Player
11.1.102.59 for Android. Users of Adobe AIR 3.0 for Windows,
Macintosh, and Android should update to Adobe AIR 3.1.0.4880.

This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2011-2445).

This update resolves a heap corruption vulnerability that could lead to code execution (CVE-2011-2450).

This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2011-2451).

This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2011-2452).

This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2011-2453).

This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2011-2454).

This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2011-2455).

This update resolves a buffer overflow vulnerability that could lead to code execution (CVE-2011-2456).

This update resolves a stack overflow vulnerability that could lead to code execution (CVE-2011-2457).

This update resolves a vulnerability that could lead to a cross-domain policy bypass (Internet Explorer-only) (CVE-2011-2458).

This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2011-2459).

This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2011-2460).

... now after reading the above, just how happy are people running this code
from their browsers?
2011-11-12 22:01:48 +00:00
..
DESCR
distinfo
INSTALL.nspluginwrapper
Makefile
MESSAGE.pulseaudio
options.mk
PLIST