-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
APPLE-SA-2016-09-20-6 tvOS 10
The tvOS 10 advisory has been released to describe the entries below:
Audio
Available for: Apple TV (4th generation)
Impact: A remote attacker may be able to execute arbitrary code
Description: A memory corruption
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
APPLE-SA-2016-09-20-5 watchOS 3
The watchOS 3 advisory has been updated to include additional entries
as noted below.
Audio
Available for: All Apple Watch models
Impact: A remote attacker may be able to execute arbitrary code
Description: A memory
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
APPLE-SA-2016-09-20-4 macOS Server 5.2
macOS Server 5.2 is now available and addresses the following:
apache
Available for: macOS 10.12 Sierra
Impact: A remote attacker may be able to proxy traffic through an
arbitrary server
Description: An
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
APPLE-SA-2016-09-20-3 iOS 10
The iOS 10 advisory has been updated to include additional entries as
noted below.
AppleMobileFileIntegrity
Available for: iPhone 5 and later, iPad 4th generation and later,
iPod touch 6th generation and later
Impact:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
APPLE-SA-2016-09-20-2 Safari 10
Safari 10 is now available and addresses the following:
Safari Reader
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS 10.12 Sierra
Impact: Enabling the Safari Reader feature on a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
APPLE-SA-2016-09-14-1 iOS 10.0.1
iOS 10.0.1 is now available and addresses the following:
Kernel
Available for: iPhone 5 and later, iPad 4th generation and later,
iPod touch 6th generation and later
Impact: An application may be able to disclose
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
APPLE-SA-2016-08-25-1 iOS 9.3.5
iOS 9.3.5 is now available and addresses the following:
Kernel
Available for: iPhone 4s and later, iPad 2 and later, iPod touch (5th
generation) and later
Impact: An application may be able to disclose kernel
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
APPLE-SA-2016-07-18-6 iTunes 12.4.2
iTunes 12.4.2 for Windows is now available and addresses the following:
libxml2
Impact: Multiple vulnerabilities in libxml2
Description: Multiple memory corruption issues were addressed
through improved memory
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
APPLE-SA-2016-07-18-5 Safari 9.1.2
Safari 9.1.2 is now available and addresses the following:
WebKit
Available for: OS X El Capitan v10.11.6
Impact: Visiting a malicious website may disclose image data from
another website
Description: A timing
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
APPLE-SA-2016-07-18-4 tvOS 9.2.2
tvOS 9.2.2 is now available and addresses the following:
CoreGraphics
Available for: Apple TV (4th generation)
Impact: A remote attacker may be able to execute arbitrary code
Description: A memory corruption
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
APPLE-SA-2016-07-18-3 watchOS 2.2.2
watchOS 2.2.2 is now available and addresses the following:
CoreGraphics
Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition,
and Apple Watch Hermes
Impact: A remote attacker may be able to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
APPLE-SA-2016-07-18-2 iOS 9.3.3
iOS 9.3.3 is now available and addresses the following:
Calendar
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: A maliciously crafted calendar invite may cause
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
APPLE-SA-2016-07-18-1 OS X El Capitan v10.11.6 and Security Update
2016-004
OS X El Capitan v10.11.6 and Security Update 2016-004 is now
available and addresses the following:
apache_mod_php
Available for:
OS X Yosemite v10.10.5 and OS X El
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
APPLE-SA-2016-06-20-1 AirPort Base Station Firmware Update 7.6.7 and
7.7.7
AirPort Base Station Firmware Update 7.6.7 and 7.7.7 is now available
and addresses the following:
AirPort Base Station Firmware
Available for: AirPort Express, AirPort
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
APPLE-SA-2016-05-16-6 iTunes 12.4
iTunes 12.4 is now available and addresses the following:
iTunes
Available for: Windows 7 and later
Impact: Running the iTunes installer in an untrusted directory may
have resulted in arbitrary code execution
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
APPLE-SA-2016-05-16-5 Safari 9.1.1
Safari 9.1.1 is now available and addresses the following:
Safari
Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,
and OS X El Capitan v10.11.5
Impact: A user may be unable to fully delete
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
APPLE-SA-2016-05-16-4 OS X El Capitan 10.11.5 and Security Update
2016-003
OS X El Capitan 10.11.5 and Security Update 2016-003 is now available
and addresses the following:
AMD
Available for: OS X El Capitan v10.11 and later
Impact: An
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
APPLE-SA-2016-05-16-3 watchOS 2.2.1
watchOS 2.2.1 is now available and addresses the following:
CommonCrypto
Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition,
and Apple Watch Hermes
Impact: A malicious application may be able
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
APPLE-SA-2016-05-16-2 iOS 9.3.2
iOS 9.3.2 is now available and addresses the following:
Accessibility
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: An application may be able to determine
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
APPLE-SA-2016-05-16-1 tvOS 9.2.1
tvOS 9.2.1 is now available and addresses the following:
CFNetwork Proxies
Available for: Apple TV (4th generation)
Impact: An attacker in a privileged network position may be able to
leak sensitive user
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
APPLE-SA-2016-05-03-1 Xcode 7.3.1
Xcode 7.3.1 is now available and addresses the following:
Git
Available for: OS X El Capitan v10.11 and later
Impact: A remote attacker may be able to execute arbitrary code
Description: A heap-based buffer
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
APPLE-SA-2016-03-31-1 iBooks Author 2.4.1
iBooks Author 2.4.1 is now available and addresses the following:
iBooks Author
Available for: OS X Yosemite v10.10 or later
Impact: Parsing a maliciously crafted iBooks Author file may lead to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
APPLE-SA-2016-03-21-6 Safari 9.1
Safari 9.1 is now available and addresses the following:
libxml2
Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,
OS X El Capitan v10.11 to v10.11.3
Impact: Processing maliciously crafted XML may
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
APPLE-SA-2016-03-21-3 tvOS 9.2
tvOS 9.2 is now available and addresses the following:
FontParser
Available for: Apple TV (4th generation)
Impact: Opening a maliciously crafted PDF file may lead to an
unexpected application termination or
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
APPLE-SA-2016-03-21-7 OS X Server 5.1
OS X Server 5.1 is now available and addresses the following:
Server App
Available for: OS X Yosemite v10.10.5 and later
Impact: An administrator may unknowingly store backups on a volume
without permissions
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
APPLE-SA-2016-03-21-4 Xcode 7.3
Xcode 7.3 is now available and addresses the following:
otool
Available for: OS X El Capitan v10.11 and later
Impact: A local attacker may be able to cause unexpected application
termination or arbitrary code
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
APPLE-SA-2016-03-21-1 iOS 9.3
iOS 9.3 is now available and addresses the following:
AppleUSBNetworking
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: An application may be able to execute
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
APPLE-SA-2016-02-25-1 Apple TV 7.2.1
Apple TV 7.2.1 is now available and addresses the following:
bootp
Available for: Apple TV (3rd Generation)
Impact: A malicious Wi-Fi network may be able to determine networks
a device has previously
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
APPLE-SA-2016-01-25-1 tvOS 9.1.1
tvOS 9.1.1 is now available and addresses the following:
Disk Images
Available for: Apple TV (4th generation)
Impact: A local user may be able to execute arbitrary code with
kernel privileges
Description: A
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
APPLE-SA-2016-01-19-1 iOS 9.2.1
iOS 9.2.1 is now available and addresses the following:
Disk Images
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: A local user may be able to execute
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
APPLE-SA-2016-01-19-3 Safari 9.0.3
Safari 9.0.3 is now available and addresses the following:
WebKit
Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,
OS X El Capitan v10.11 to v10.11.2
Impact: Visiting a maliciously crafted
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
APPLE-SA-2016-01-19-2 OS X El Capitan 10.11.3 and Security Update
2016-001
OS X El Capitan 10.11.3 and Security Update 2016-001 is now available
and addresses the following:
AppleGraphicsPowerManagement
Available for: OS X El Capitan v10.11 to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
APPLE-SA-2016-01-07-1 QuickTime 7.7.9
[Re-sending with a valid signature]
QuickTime 7.7.9 is now available and addresses the following:
QuickTime
Available for: Windows 7 and Windows Vista
Impact: Viewing a maliciously crafted movie file may
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
APPLE-SA-2015-12-08-4 watchOS 2.1
watchOS 2.1 is now available and addresses the following:
AppSandbox
Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition,
and Apple Watch Hermes
Impact: A malicious application may maintain access
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
APPLE-SA-2015-12-08-1 iOS 9.2
iOS 9.2 is now available and addresses the following:
AppleMobileFileIntegrity
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: A malicious application may be able
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
APPLE-SA-2015-12-08-2 tvOS 9.1
tvOS 9.1 is now available and addresses the following:
AppleMobileFileIntegrity
Available for: Apple TV (4th generation)
Impact: A malicious application may be able to execute arbitrary
code with system privileges
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
APPLE-SA-2015-12-08-5 Safari 9.0.2
Safari 9.0.2 is now available and addresses the following:
WebKit
Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,
OS X El Capitan v10.11 and v10.11.1
Impact: Visiting a maliciously crafted
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
APPLE-SA-2015-12-08-4 watchOS 2.1
watchOS 2.1 is now available and addresses the following:
AppSandbox
Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition,
and Apple Watch Hermes
Impact: A malicious application may maintain access
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
APPLE-SA-2015-12-08-6 Xcode 7.2
Xcode 7.2 is now available and addresses the following:
Git
Available for: OS X Yosemite v10.10.5 or later
Impact: Multiple vulnerabilities existed in Git
Description: Multiple vulnerabilities existed in Git
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
APPLE-SA-2015-12-08-3 OS X El Capitan 10.11.2 and Security Update 2015-008
OS X El Capitan 10.11.2 and Security Update 2015-008 is now available
and addresses the following:
apache_mod_php
Available for: OS X El Capitan v10.11 and v10.11.1
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
APPLE-SA-2015-10-21-6 Mac EFI Security Update 2015-002
Mac EFI Security Update 2015-002 is now available and addresses the
following:
EFI
Available for: OS X Mavericks v10.9.5
Impact: An attacker can exercise unused EFI functions
Description:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
APPLE-SA-2015-10-21-8 OS X Server 5.0.15
OS X Server 5.0.15 is now available and addresses the following:
BIND
Available for: OS X Yosemite 10.10.5,
OS X El Capitan 10.11.1 or later
Impact: Multiple vulnerabilities in BIND
Description: Multiple
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2015-10-21-2 watchOS 2.0.1
watchOS 2.0.1 is now available and addresses the following:
Apple Pay
Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition,
and Apple Watch Hermes
Impact: Some cards may allow a terminal to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2015-10-21-5 iTunes 12.3.1
iTunes 12.3.1 is now available and addresses the following:
iTunes
Available for: Windows 7 and later
Impact: A man-in-the-middle attack while browsing the iTunes Store
via iTunes may result in unexpected
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2015-10-21-1 iOS 9.1
iOS 9.1 is now available and addresses the following:
Accelerate Framework
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: Visiting a maliciously crafted website
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2015-10-21-4 OS X El Capitan 10.11.1 and Security Update
2015-007
OS X El Capitan 10.11.1 and Security Update 2015-007 are now
available and address the following:
Accelerate Framework
Available for: OS X Mavericks v10.9.5, OS X Yosemite
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2015-10-15-1 Keynote 6.6, Pages 5.6, Numbers 3.6, and
iWork for iOS 2.6
Keynote 6.6, Pages 5.6, Numbers 3.6, and iWork for iOS 2.6 are now
available which address the following:
Keynote, Pages, and Numbers
Available for: OS X Yosemite
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2015-09-30-01 iOS 9.0.2
iOS 9.0.2 is now available and addresses the following:
Lock Screen
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: A person with physical access to an iOS
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2015-09-30-3 OS X El Capitan 10.11
OS X El Capitan 10.11 is now available and addresses the following:
Address Book
Available for: Mac OS X v10.6.8 and later
Impact: A local attacker may be able to inject arbitrary code to
processes
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2015-09-30-2 Safari 9
Safari 9 is now available and addresses the following:
Safari
Available for: OS X Mavericks v10.9.5,
OS X Yosemite v10.10.5 and OS X El Capitan v10.11
Impact: Visiting a malicious website may lead to user interface
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2015-09-21-1 watchOS 2
watchOS 2 is now available and addresses the following:
Apple Pay
Available for: Apple Watch Sport, Apple Watch,
and Apple Watch Edition
Impact: Some cards may allow a terminal to retrieve limited recent
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2015-09-16-4 OS X Server 5.0.3
OS X Server 5.0.3 is now available and addresses the following:
apache
Available for: OS X Yosemite v10.10.4 or later
Impact: Multiple vulnerabilities in Apache, the most serious of
which may allow a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2015-09-16-2 Xcode 7.0
Xcode 7.0 is now available and addresses the following:
DevTools
Available for: OS X Yosemite v10.10.4 or later
Impact: An attacker may be able to bypass access restrictions
Description: An API issue existed in
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2015-09-16-3 iTunes 12.3
iTunes 12.3 is now available and addresses the following:
iTunes
Available for: Windows 7 and later
Impact: Applications that use CoreText may be vulnerable to
unexpected application termination or arbitrary
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2015-09-16-1 iOS 9
iOS 9 is now available and addresses the following:
Apple Pay
Available for: iPhone 6, iPad mini 3, and iPad Air 2
Impact: Some cards may allow a terminal to retrieve limited recent
transaction information when making
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2015-08-20-1 QuickTime 7.7.8
QuickTime 7.7.8 is now available and addresses the following:
QuickTime
Available for: Windows 7 and Windows Vista
Impact: Processing a maliciously crafted file may lead to an
unexpected application
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2015-08-13-1 Safari 8.0.8, Safari 7.1.8, and Safari 6.2.8
Safari 8.0.8, Safari 7.1.8, and Safari 6.2.8 is now available and
addresses the following:
Safari Application
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2015-08-13-2 OS X Yosemite v10.10.5 and Security Update
2015-006
OS X Yosemite v10.10.5 and Security Update 2015-006 is now available
and addresses the following:
apache
Available for: OS X Mavericks v10.9.5,
OS X Yosemite v10.10 to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2015-08-13-3 iOS 8.4.1
iOS 8.4.1 is now available and addresses the following:
AppleFileConduit
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: A maliciously crafted afc command may
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2015-08-13-4 OS X Server v4.1.5
OS X Server v4.1.5 is now available and addresses the following:
BIND
Available for: OS X Yosemite v10.10.5 or later
Impact: A remote attacker may be able to cause a denial of service
Description: An
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2015-06-30-5 QuickTime 7.7.7
QuickTime 7.7.7 is now available and addresses the following:
QT Media Foundation
Available for: Windows 7 and Windows Vista
Impact: Processing a maliciously crafted file may lead to an
unexpected
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2015-06-30-6 iTunes 12.2
iTunes 12.2 is now available and addresses the following:
WebKit
Available for: Windows 8 and Windows 7
Impact: A man-in-the-middle attack while browsing the iTunes Store
via iTunes may lead to an unexpected
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2015-06-30-1 iOS 8.4
iOS 8.4 is now available and addresses the following:
Application Store
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: A malicious universal provisioning profile
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2015-06-30-4 Safari 8.0.7, Safari 7.1.7, and Safari 6.2.7
Safari 8.0.7, Safari 7.1.7, and Safari 6.2.7 are now available and
address the following:
WebKit
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,
and OS X
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2015-06-30-3 Mac EFI Security Update 2015-001
Mac EFI Security Update 2015-001 is now available and addresses the
following:
EFI
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5
Impact: A malicious application with root
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
APPLE-SA-2015-05-19-1 Watch OS 1.0.1
Watch OS 1.0.1 is now available and addresses the following:
Certificate Trust Policy
Available for: Apple Watch Sport, Apple Watch,
and Apple Watch Edition
Impact: Update to the certificate trust policy
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
APPLE-SA-2015-05-06-1 Safari 8.0.6, Safari 7.1.6, and Safari 6.2.6
Safari 8.0.6, Safari 7.1.6, and Safari 6.2.6 are now available and
address the following:
WebKit
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,
and OS X Yosemite
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
APPLE-SA-2015-04-08-4 Apple TV 7.2
Apple TV 7.2 is now available and addresses the following:
Apple TV
Available for: Apple TV 3rd generation and later
Impact: A malicious application may be able to execute arbitrary
code with system privileges
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
APPLE-SA-2015-04-08-3 iOS 8.3
iOS 8.3 is now available and addresses the following:
AppleKeyStore
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: A malicious application may be able to guess the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
APPLE-SA-2015-04-08-5 Xcode 6.3
Xcode 6.3 is now available and addresses the following:
Clang
Available for: OS X Mavericks v10.9.4 or later
Impact: An attacker may be able to bypass stack guards
Description: A register allocation issue existed
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
APPLE-SA-2015-04-08-2 OS X 10.10.3 and Security Update 2015-004
OS X Yosemite 10.10.3 and Security Update 2015-004 are now available
and address the following:
Admin Framework
Available for: OS X Yosemite v10.10 to v10.10.2
Impact: A process may
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
APPLE-SA-2015-04-08-1 Safari 8.0.5, Safari 7.1.5, and Safari 6.2.5
Safari 8.0.5, Safari 7.1.5, and Safari 6.2.5 are now available and
address the following:
Safari
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,
and OS X Yosemite
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
APPLE-SA-2015-03-19-1 Security Update 2015-003
Security Update 2015-003 is now available and addresses the
following:
iCloud Keychain
Available for: OS X Yosemite v10.10.2
Impact: An attacker with a privileged network position may be able
to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
APPLE-SA-2015-03-17-1 Safari 8.0.4, Safari 7.1.4, and Safari 6.2.4
Safari 8.0.4, Safari 7.1.4, and Safari 6.2.4 are now available and
address the following:
WebKit
Impact: Visiting a maliciously crafted website may lead to an
unexpected
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
APPLE-SA-2015-03-09-3 Security Update 2015-002
Security Update 2015-002 is now available and addresses the
following:
iCloud Keychain
Available for: OS X Yosemite v10.10.2
Impact: An attacker with a privileged network position may be able
to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
APPLE-SA-2015-03-09-1 iOS 8.2
iOS 8.2 is now available and addresses the following:
CoreTelephony
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: A remote attacker can cause a device to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
APPLE-SA-2015-03-09-2 AppleTV 7.1
AppleTV 7.1 is now available and addresses the following:
Apple TV
Available for: Apple TV 3rd generation and later
Impact: An attacker with a privileged network position may intercept
SSL/TLS connections
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
APPLE-SA-2015-03-09-4 Xcode 6.2
Xcode 6.2 is now available and addresses the following:
subversion
Available for: OS X Mavericks v10.9.4 or later
Impact: Multiple vulnerabilities in Apache Subversion
Description: Multiple vulnerabilities existed
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
APPLE-SA-2015-01-27-1 Apple TV 7.0.3
Apple TV 7.0.3 is now available and addresses the following:
Apple TV
Available for: Apple TV 3rd generation and later
Impact: A maliciously crafted afc command may allow access to
protected parts of the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
APPLE-SA-2015-01-27-2 iOS 8.1.3
iOS 8.1.3 is now available and addresses the following:
AppleFileConduit
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: A maliciously crafted afc command may
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
APPLE-SA-2015-01-27-3 Safari 8.0.3, Safari 7.1.3, and Safari 6.2.3
Safari 8.0.3, Safari 7.1.3, and Safari 6.2.3 are now available and
address the following:
WebKit
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,
OS X Yosemite
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
APPLE-SA-2015-01-27-4 OS X 10.10.2 and Security Update 2015-001
OS X 10.10.2 and Security Update 2015-001 are now available and
address the following:
AFP Server
Available for: OS X Mavericks v10.9.5
Impact: A remote attacker may be able to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
APPLE-SA-2014-12-22-1 OS X NTP Security Update
OS X NTP Security Update is now available and addresses the
following:
ntpd
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,
OS X Yosemite v10.10.1
Impact: A remote attacker may be
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
APPLE-SA-2014-12-18-1 Xcode 6.2 beta 3
Xcode 6.2 beta 3 is now available and addresses the following:
Git
Available for: OS X Mavericks v10.9.4 or later
Impact: Synching with a malicious git repository may allow
unexpected files to be added to the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
APPLE-SA-2014-12-11-1 Safari 8.0.2, Safari 7.1.2, and Safari 6.2.2
Safari 8.0.2, Safari 7.1.2, and Safari 6.2.2 are now available and
include the security content of Safari 8.0.1, Safari 7.1.1, and
Safari 6.2.1:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
APPLE-SA-2014-12-3-1 Safari 8.0.1, Safari 7.1.1, and Safari 6.2.1
Safari 8.0.1, Safari 7.1.1, and Safari 6.2.1 is now available and
addresses the following:
WebKit
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,
OS X Yosemite
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
APPLE-SA-2014-11-17-1 iOS 8.1.1
iOS 8.1.1 is now available and addresses the following:
CFNetwork
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: Website cache may not be fully cleared after
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
APPLE-SA-2014-11-17-2 OS X Yosemite 10.10.1
OS X 10.10.1 is now available and addresses the following:
CFNetwork
Available for: OS X Yosemite v10.10
Impact: Website cache may not be fully cleared after leaving private
browsing
Description: A
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
APPLE-SA-2014-11-17-3 Apple TV 7.0.2
Apple TV 7.0.2 is now available and addresses the following:
Apple TV
Available for: Apple TV 3rd generation and later
Impact: An attacker with a privileged network position may cause an
unexpected application
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
APPLE-SA-2014-10-22-1 QuickTime 7.7.6
QuickTime 7.7.6 is now available and addresses the following:
QuickTime
Available for: Windows 7, Vista, XP SP2 or later
Impact: Playing a maliciously crafted movie file may lead to an
unexpected application
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
APPLE-SA-2014-10-20-2 Apple TV 7.0.1
Apple TV 7.0.1 is now available and addresses the following:
Apple TV
Available for: Apple TV 3rd generation and later
Impact: A malicious Bluetooth input device may bypass pairing
Description: Unencrypted
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
APPLE-SA-2014-10-20-1 iOS 8.1
iOS 8.1 is now available and addresses the following:
Bluetooth
Available for: iPhone 4s and later,
iPod touch (5th generation) and later, iPad 2 and later
Impact: A malicious Bluetooth input device may bypass pairing
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
APPLE-SA-2014-10-16-1 OS X Yosemite v10.10
OS X Yosemite v10.10 is now available and addresses the following:
802.1X
Impact: An attacker can obtain WiFi credentials
Description: An attacker could have impersonated a WiFi access
point, offered to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
APPLE-SA-2014-10-16-2 Security Update 2014-005
Security Update 2014-005 is now available and addresses the
following:
Secure Transport
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5
Impact: An attacker may be able to decrypt
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
APPLE-SA-2014-10-16-3 OS X Server v4.0
OS X Server v4.0 is now available and addresses the following:
BIND
Available for: OS X Yosemite v10.10 or later
Impact: Multiple vulnerabilities in BIND, the most serious of which
may lead to a denial of
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
APPLE-SA-2014-10-16-6 iTunes 12.0.1
iTunes 12.0.1 is now available and addresses the following:
iTunes
Available for: Windows 8, Windows 7, Vista, XP SP2 or later
Impact: A man-in-the-middle attack while browsing the iTunes Store
via iTunes may
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
APPLE-SA-2014-10-16-4 OS X Server v3.2.2
OS X Server v3.2.2 is now available and addresses the following:
Server
Available for: OS X Mavericks v10.9.5 or later
Impact: An attacker may be able to decrypt data protected by SSL
Description: There
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
APPLE-SA-2014-10-16-5 OS X Server v2.2.5
OS X Server v2.2.5 is now available and addresses the following:
Server
Available for: OS X Mountain Lion v10.8.5
Impact: An attacker may be able to decrypt data protected by SSL
Description: There are
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
APPLE-SA-2014-09-17-4 Safari 6.2 and Safari 7.1
Safari 6.2 and Safari 7.1 are now available and address the
following:
Safari
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5
Impact: An attacker with a privileged network position
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
APPLE-SA-2014-09-17-3 OS X Mavericks 10.9.5 and Security Update
2014-004
OS X Mavericks 10.9.5 and Security Update 2014-004 are now available
and address the following:
apache_mod_php
Available for: OS X Mavericks 10.9 to 10.9.4
Impact: Multiple
201 - 300 of 410 matches
Mail list logo