APPLE-SA-2018-3-29-8 iCloud for Windows 7.4
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 APPLE-SA-2018-3-29-8 iCloud for Windows 7.4 iCloud for Windows 7.4 is now available and addresses the following: Security Available for: Windows 7 and later Impact: A malicious application may be able to elevate privileges Description: A buffer overflow was addressed with improved size validation. CVE-2018-4144: Abraham Masri (@cheesecakeufo) WebKit Available for: Windows 7 and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2018-4101: Yuan Deng of Ant-financial Light-Year Security Lab CVE-2018-4114: found by OSS-Fuzz CVE-2018-4118: Jun Kokatsu (@shhnjk) CVE-2018-4119: an anonymous researcher working with Trend Micro's Zero Day Initiative CVE-2018-4120: Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan Team CVE-2018-4121: Natalie Silvanovich of Google Project Zero CVE-2018-4122: WanderingGlitch of Trend Micro's Zero Day Initiative CVE-2018-4125: WanderingGlitch of Trend Micro's Zero Day Initiative CVE-2018-4127: an anonymous researcher working with Trend Micro's Zero Day Initiative CVE-2018-4128: Zach Markley CVE-2018-4129: likemeng of Baidu Security Lab working with Trend Micro's Zero Day Initiative CVE-2018-4130: Omair working with Trend Micro's Zero Day Initiative CVE-2018-4161: WanderingGlitch of Trend Micro's Zero Day Initiative CVE-2018-4162: WanderingGlitch of Trend Micro's Zero Day Initiative CVE-2018-4163: WanderingGlitch of Trend Micro's Zero Day Initiative CVE-2018-4165: Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan Team WebKit Available for: Windows 7 and later Impact: Unexpected interaction with indexing types causing an ASSERT failure Description: An array indexing issue existed in the handling of a function in javascript core. This issue was addressed through improved checks. CVE-2018-4113: found by OSS-Fuzz WebKit Available for: Windows 7 and later Impact: Processing maliciously crafted web content may lead to a denial of service Description: A memory corruption issue was addressed through improved input validation. CVE-2018-4146: found by OSS-Fuzz WebKit Available for: Windows 7 and later Impact: A malicious website may exfiltrate data cross-origin Description: A cross-origin issue existed with the fetch API. This was addressed through improved input validation. CVE-2018-4117: an anonymous researcher, an anonymous researcher Installation note: iCloud for Windows 7.4 may be obtained from: https://support.apple.com/HT204283 Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -BEGIN PGP SIGNATURE- iQJdBAEBCgBHFiEEcuX4rtoRe4X62yWlg6PvjDRstEYFAlq9GmApHHByb2R1Y3Qt c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQg6PvjDRstEaDtw/+ K3HlfywEQOPnFA9Vpjy+3rPk4Pf7bcoO2wn4rpxbr3QYGT6A0vuhdk6dl79UdtXD 5Q+S6lE/F/1sm7M/MHUz2avEI1uyv3v1ZchVHfRBx09m5Z9mqrCa5JuFM8VVHPmY 7bjf22iM3beigDLbRXEAmVvp3WMSsfKnRk2XUJSTBT7xBceTwYEB2dGOIWGOnjH9 NhbF9z3fH++JgWF/PpFHV8ugOO2lH71T75/5tiDnYXLgDZO2+UI3s81ToWXHN5qN lctU34Bba9rJtVtrcywG97pA0jD/eNEkcWBko2e9TqDRmk8x/ps01nK/alsq5khP z1PlAv8i9VJ8rM/z2n2XNuq3nmJ1+1ZKHDWCC96mUWHHKHBNMiK1jxN8I/VrdVhO IwdsMzMaR0GWmSGJcjkunQXtyNh2iyuUAmHnQe8gK/4f4F9dHyq3ZwBOF2OcS/Xi VTh4TdEXfBQcqFQV/b7LEV0ESIZJR0ax33BOC6/kSV1KQWfRx1s75/56D1MtRNQF 1P0vSdRWg6bn0wqptEKc13eypaPbCPnitPKgSjrfdozOwsIQl8/o4bVhbIVPqorq nb3JVsxncUiGCSNbOEdQEZcJaaGDOx6oc6ofygwJH4cwH4PNerU2PyIokQ1JTkU8 a8wL82rnxS0ygxVFm9R3xKs1T5FwqCA15SzDx72S6xY= =saQw -END PGP SIGNATURE-
APPLE-SA-2018-3-29-2 watchOS 4.3
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 APPLE-SA-2018-3-29-2 watchOS 4.3 watchOS 4.3 is now available and addresses the following: CoreFoundation Available for: All Apple Watch models Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with additional validation. CVE-2018-4155: Samuel Groß (@5aelo) CVE-2018-4158: Samuel Groß (@5aelo) CoreText Available for: All Apple Watch models Impact: Processing a maliciously crafted string may lead to a denial of service Description: A denial of service issue was addressed through improved memory handling. CVE-2018-4142: Robin Leroy of Google Switzerland GmbH File System Events Available for: All Apple Watch models Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with additional validation. CVE-2018-4167: Samuel Groß (@5aelo) Kernel Available for: All Apple Watch models Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2018-4150: an anonymous researcher Kernel Available for: All Apple Watch models Impact: An application may be able to read restricted memory Description: A validation issue was addressed with improved input sanitization. CVE-2018-4104: The UK's National Cyber Security Centre (NCSC) Kernel Available for: All Apple Watch models Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4143: derrek (@derrekr6) NSURLSession Available for: All Apple Watch models Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with additional validation. CVE-2018-4166: Samuel Groß (@5aelo) Quick Look Available for: All Apple Watch models Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with additional validation. CVE-2018-4157: Samuel Groß (@5aelo) Security Available for: All Apple Watch models Impact: A malicious application may be able to elevate privileges Description: A buffer overflow was addressed with improved size validation. CVE-2018-4144: Abraham Masri (@cheesecakeufo) System Preferences Available for: All Apple Watch models Impact: A configuration profile may incorrectly remain in effect after removal Description: An issue existed in CFPreferences. This issue was addressed through improved preferences cleanup. CVE-2018-4115: Johann Thalakada, Vladimir Zubkov, and Matt Vlasach of Wandera WebKit Available for: All Apple Watch models Impact: Unexpected interaction with indexing types causing an ASSERT failure Description: An array indexing issue existed in the handling of a function in javascript core. This issue was addressed through improved checks. CVE-2018-4113: found by OSS-Fuzz WebKit Available for: All Apple Watch models Impact: Processing maliciously crafted web content may lead to a denial of service Description: A memory corruption issue was addressed through improved input validation. CVE-2018-4146: found by OSS-Fuzz WebKit Available for: All Apple Watch models Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2018-4114: found by OSS-Fuzz CVE-2018-4121: Natalie Silvanovich of Google Project Zero CVE-2018-4122: WanderingGlitch of Trend Micro's Zero Day Initiative CVE-2018-4125: WanderingGlitch of Trend Micro's Zero Day Initiative CVE-2018-4129: likemeng of Baidu Security Lab working with Trend Micro's Zero Day Initiative CVE-2018-4161: WanderingGlitch of Trend Micro's Zero Day Initiative CVE-2018-4162: WanderingGlitch of Trend Micro's Zero Day Initiative CVE-2018-4163: WanderingGlitch of Trend Micro's Zero Day Initiative WebKit Available for: All Apple Watch models Impact: A malicious website may exfiltrate data cross-origin Description: A cross-origin issue existed with the fetch API. This was addressed through improved input validation. CVE-2018-4117: an anonymous researcher, an anonymous researcher Installation note: Instructions on how to update your Apple Watch software are available at https://support.apple.com/kb/HT204641 To check the version on your Apple Watch, open the Apple Watch app on your iPhone and select "My Watch > General > About". Alternatively, on your watch, select "My Watch > General > About". Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -BEGIN PGP SIGNATURE- iQJdBAEBCgBHFiEEcuX4rtoRe4X62yWlg6PvjDRstEYFAlq9GlspHHByb2R1Y3Qt c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQg6PvjDRstEZhfA//
APPLE-SA-2018-3-29-4 Xcode 9.3
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 APPLE-SA-2018-3-29-4 Xcode 9.3 Xcode 9.3 is now available and addresses the following: LLVM Available for: macOS High Sierra 10.13.2 or later Impact: Multiple issues in llvm were addressed in this update Description: Multiple issues were addressed by updating to version the current version of LLVM shipping with Xcode. CVE-2018-4164: found by OSS-Fuzz Installation note: Xcode 9.3 may be obtained from: https://developer.apple.com/xcode/downloads/ To check that the Xcode has been updated: * Select Xcode in the menu bar * Select About Xcode * The version after applying this update will be "9.3". Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -BEGIN PGP SIGNATURE- iQJdBAEBCgBHFiEEcuX4rtoRe4X62yWlg6PvjDRstEYFAlq9GlwpHHByb2R1Y3Qt c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQg6PvjDRstEZaQg// fkrqYe4+rMCGg+cJfuC2IWAVH2xzlgKTqfGfOGPo1b8WO4dYYAjmNhKGS3XnMB7d tcfDQRyEQIgXWdSON9uVmEAkziLjeqAHerUgD2M2XWz2XTY3HLbEvJr3wOi8/CI1 w+e33MNp/dJVZScyrqvqz1tPB/va9kbnmtM2YTdqRdkPNrLjmKiimLqZjrWTfKxE f8lbwhGV7pZaCNQvI3YN3TdvTd2JECw08OqiCdEUO5NHFSXZrgm+Q8cnYfo0xv6y ArPFLqRw0xIkWVp2SGp7gj346uKOtVEfZ0UPXCSMtMCpBVGpyKb+ev7EwSB0ctC1 hqHIfo/4JD7AyJssGsZ6aB3bi4fvC3K4fbdR+NbpbWrxj5QFPl3iJgKTmn0IwMLU oPBZ6f8FZQFR/Pj6/OS11VcUgSAL1iMB8A10utDsDl3a7Ke1MthUpdCBbwam+I/Y fR50qGZC+p+B6uW7nRN91QxR6iyMZDHMUM2DEId4WkYHRAve8ecMa5YB2s22iQX8 Vq/BWijO7FRZIp057fRTg/C5lxpxqP0bLYXtyWVTPHW9PNKI0qurQN+JExQU1Grz /bd9h+UbOiqXz+0YmstVJGDVgAw1uMvzCnjfB5l5p8ZDTz7LwksRUIOHJi2lA0+n BaZNZOnz2Ystn5PhNL98Mcm+CwkP8pGK/9vDy8ZU3FY= =3u9H -END PGP SIGNATURE-
CA20180329-01: Security Notice for CA Workload Automation AE and CA Workload Control Center
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 CA20180329-01: Security Notice for CA Workload Automation AE and CA Workload Control Center Issued: March 29, 2018 Last Updated: March 29, 2018 CA Technologies Support is alerting customers to two potential risks with CA Workload Automation AE and CA Workload Control Center. Two vulnerabilities exist that can allow a remote attacker to conduct SQL injection attacks or execute code remotely. The first vulnerability, CVE-2018-8953, in CA Workload Automation AE, has a medium risk rating and concerns insufficient data validation that can allow an authenticated remote attacker to conduct SQL injection attacks. The second vulnerability, CVE-2018-8954, in CA Workload Control Center, has a high risk rating and concerns an Apache MyFaces configuration that can allow an authenticated remote attacker to conduct remote code execution attacks. Risk Rating CVE-2018-8953 - Medium CVE-2018-8954 - High Platform(s) All supported platforms Affected Products CVE-2018-8953: CA Workload Automation AE r11.3.5, r11.3.6 SP6 and earlier CVE-2018-8954: CA Workload Control Center (CA WCC) r11.4 SP5 and earlier Unaffected Products CA Workload Automation AE r11.3.5 with appropriate fixes listed below CA Workload Automation AE r11.3.6 SP7 CA Workload Control Center (CA WCC) r11.4 SP5 with appropriate fixes listed below CA Workload Control Center (CA WCC) r11.4 SP6 How to determine if the installation is affected Customers may use the CA Workload Automation AE / CA Workload Control Center interface to find the installed version and then use the table in the Affected Products section to determine if the installation is vulnerable. Solution CA Technologies published the following solutions to address the vulnerabilities. CA Workload Automation AE r11.3.5: Apply the appropriate patch for your platform: Windows: SO00700 HP: SO00696 AIX: SO00695 Sun: SO00694 Linux: SO00693 CA Workload Automation AE r11.3.6: Apply SP7. CA Workload Control Center (CA WCC) r11.4 SP5: Apply patch RO99200 or CA Workload Control Center (CA WCC) r11.4 SP6 References CVE-2018-8953 - CA Workload Automation AE SQL injection CVE-2018-8954 - CA Workload Control Center MyFaces RCE Acknowledgement CVE-2018-8953 - Hamed Merati from Sense of Security Labs CVE-2018-8954 - Hamed Merati and Kacper Nowak from Sense of Security Labs Change History Version 1.0: Initial Release Customers who require additional information about this notice may contact CA Technologies Support at https://support.ca.com/ If you discover a vulnerability in CA Technologies products, please send a report to CA Technologies Product Vulnerability Response at vuln ca.com Security Notices and PGP key support.ca.com/irj/portal/anonymous/phpsbpldgpg www.ca.com/us/support/ca-support-online/documents.aspx?id=177782 Regards, Regards, Ken Williams Vulnerability Response Director CA Technologies Product Vulnerability Response Team Copyright (c) 2018 CA. 520 Madison Avenue, 22nd Floor, New York, NY 10022. All other trademarks, trade names, service marks, and logos referenced herein belong to their respective companies. -BEGIN PGP SIGNATURE- Version: Encryption Desktop 10.3.2 (Build 16620) Charset: utf-8 wsFVAwUBWr2G/8Mr2sgsME5lAQoYsQ//Tt/AFWC716QPLJLhQtdwIkMuD1xjEjeM VXnLjDxakia0czUXWKkvL44O8SINlhPqgu0PJe7soGTvq1AqSO1BlX5nTSlcz0lS 3IWj3CZQnGIx15blX6nfWAdIO8mwH7Yxc/FtG2QT3AmjuJW+C9sxAljcCv9fK2Rk dY9om/tSmCXYwfuy/z4jpEqRXZLyOhYQ9P3+32oWSJeD4xSnifcUxbtLvm3urI9o es14hVTL4fnX2/E33hK1ndNRuQaGuGz0oy5xLWhJ8MmkDK404tZnATRvwH5jLASY m5JRIY61kg+G1MBIYU/F88zSw8aODyNnK3DKpcVS6fvCa46IPunVWvh7+YRRgc70 hjR+1F5MIJ+fg9qudWD0BdKQiqXJ0jHBS/N/bannUcP8FkHUdIzgUIwgxOpg7wPf +UsmOcIzvS2zs6PNES/6XdDc1MRrmbZhM0BNZaniue7rgNhaDsSPAuXPwcJDRurv bFfvqiA01Lt/BIgkbUjHTHbd4XiS46XLgtzxbXwlC7SgKgWViQgwMY7I/KQEIrqG tuvjV8BwJdOVFN6UPFNvY/0FEf1C7pVcrIaxVZpWOGnZKddIvU6Dm/Arf+ezW09h /Tc8wpW3SLh8MrEONN++VeCtUhuWAwnCqx/fA8JCGWYEfjp7WXlGMgArWNRc1WmD tfPwcRGax7A= =mX47 -END PGP SIGNATURE-
APPLE-SA-2018-3-29-5 macOS High Sierra 10.13.4, Security Update 2018-002 Sierra, and Security Update 2018-002 El Capitan
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 APPLE-SA-2018-3-29-5 macOS High Sierra 10.13.4, Security Update 2018-002 Sierra, and Security Update 2018-002 El Capitan Admin Framework Available for: macOS High Sierra 10.13.3 Impact: Passwords supplied to sysadminctl may be exposed to other local users Description: The sysadminctl command-line tool required that passwords be passed to it in its arguments, potentially exposing the passwords to other local users. This update makes the password parameter optional, and sysadminctl will prompt for the password if needed. CVE-2018-4170: an anonymous researcher APFS Available for: macOS High Sierra 10.13.3 Impact: An APFS volume password may be unexpectedly truncated Description: An injection issue was addressed through improved input validation. CVE-2018-4105: David J Beitey (@davidjb_), Geoffrey Bugniot ATS Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.3 Impact: Processing a maliciously crafted file might disclose user information Description: A validation issue existed in the handling of symlinks. This issue was addressed through improved validation of symlinks. CVE-2018-4112: Haik Aftandilian of Mozilla CFNetwork Session Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6 Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with additional validation. CVE-2018-4166: Samuel Groß (@5aelo) CoreFoundation Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.3 Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with additional validation. CVE-2018-4155: Samuel Groß (@5aelo) CVE-2018-4158: Samuel Groß (@5aelo) CoreText Available for: macOS High Sierra 10.13.3 Impact: Processing a maliciously crafted string may lead to a denial of service Description: A denial of service issue was addressed through improved memory handling. CVE-2018-4142: Robin Leroy of Google Switzerland GmbH CoreTypes Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6 Impact: Processing a maliciously crafted webpage may result in the mounting of a disk image Description: A logic issue was addressed with improved restrictions. CVE-2017-13890: Apple, Theodor Ragnar Gislason of Syndis curl Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6 Impact: Multiple issues in curl Description: An integer overflow existed in curl. This issue was addressed through improved bounds checking. CVE-2017-8816: an anonymous researcher Disk Images Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.3 Impact: Mounting a malicious disk image may result in the launching of an application Description: A logic issue was addressed with improved validation. CVE-2018-4176: Theodor Ragnar Gislason of Syndis Disk Management Available for: macOS High Sierra 10.13.3 Impact: An APFS volume password may be unexpectedly truncated Description: An injection issue was addressed through improved input validation. CVE-2018-4108: Kamatham Chaitanya of ShiftLeft Inc., an anonymous researcher File System Events Available for: macOS High Sierra 10.13.3 Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with additional validation. CVE-2018-4167: Samuel Groß (@5aelo) iCloud Drive Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.3 Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with additional validation. CVE-2018-4151: Samuel Groß (@5aelo) Intel Graphics Driver Available for: macOS High Sierra 10.13.3 Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4132: Axis and pjf of IceSword Lab of Qihoo 360 IOFireWireFamily Available for: macOS High Sierra 10.13.3 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4135: Xiaolong Bai and Min (Spark) Zheng of Alibaba Inc. Kernel Available for: macOS High Sierra 10.13.3 Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2018-4150: an anonymous researcher Kernel Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.3 Impact: An application may be able to read restricted memory Description: A validation issue was addressed with improved input sanitization. CVE-2018-4104: The UK's National Cyber Security Centre (NCSC) Kernel Available for: macOS High Sierra 10.13.3 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue
APPLE-SA-2018-3-29-3 tvOS 11.3
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 APPLE-SA-2018-3-29-3 tvOS 11.3 tvOS 11.3 is now available and addresses the following: CoreFoundation Available for: Apple TV 4K and Apple TV (4th generation) Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with additional validation. CVE-2018-4155: Samuel Groß (@5aelo) CoreText Available for: Apple TV 4K and Apple TV (4th generation) Impact: Processing a maliciously crafted string may lead to a denial of service Description: A denial of service issue was addressed through improved memory handling. CVE-2018-4142: Robin Leroy of Google Switzerland GmbH File System Events Available for: Apple TV 4K and Apple TV (4th generation) Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with additional validation. CVE-2018-4167: Samuel Groß (@5aelo) Kernel Available for: Apple TV 4K and Apple TV (4th generation) Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2018-4150: an anonymous researcher Kernel Available for: Apple TV 4K and Apple TV (4th generation) Impact: An application may be able to read restricted memory Description: A validation issue was addressed with improved input sanitization. CVE-2018-4104: The UK's National Cyber Security Centre (NCSC) Kernel Available for: Apple TV 4K and Apple TV (4th generation) Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4143: derrek (@derrekr6) NSURLSession Available for: Apple TV 4K and Apple TV (4th generation) Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with additional validation. CVE-2018-4166: Samuel Groß (@5aelo) Quick Look Available for: Apple TV 4K and Apple TV (4th generation) Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with additional validation. CVE-2018-4157: Samuel Groß (@5aelo) Security Available for: Apple TV 4K and Apple TV (4th generation) Impact: A malicious application may be able to elevate privileges Description: A buffer overflow was addressed with improved size validation. CVE-2018-4144: Abraham Masri (@cheesecakeufo) System Preferences Available for: Apple TV 4K and Apple TV (4th generation) Impact: A configuration profile may incorrectly remain in effect after removal Description: An issue existed in CFPreferences. This issue was addressed through improved preferences cleanup. CVE-2018-4115: Johann Thalakada, Vladimir Zubkov, and Matt Vlasach of Wandera WebKit Available for: Apple TV 4K and Apple TV (4th generation) Impact: Unexpected interaction with indexing types causing an ASSERT failure Description: An array indexing issue existed in the handling of a function in javascript core. This issue was addressed through improved checks. CVE-2018-4113: found by OSS-Fuzz WebKit Available for: Apple TV 4K and Apple TV (4th generation) Impact: Processing maliciously crafted web content may lead to a denial of service Description: A memory corruption issue was addressed through improved input validation. CVE-2018-4146: found by OSS-Fuzz WebKit Available for: Apple TV 4K and Apple TV (4th generation) Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2018-4101: Yuan Deng of Ant-financial Light-Year Security Lab CVE-2018-4114: found by OSS-Fuzz CVE-2018-4118: Jun Kokatsu (@shhnjk) CVE-2018-4119: an anonymous researcher working with Trend Micro's Zero Day Initiative CVE-2018-4120: Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan Team CVE-2018-4121: Natalie Silvanovich of Google Project Zero CVE-2018-4122: WanderingGlitch of Trend Micro's Zero Day Initiative CVE-2018-4125: WanderingGlitch of Trend Micro's Zero Day Initiative CVE-2018-4127: an anonymous researcher working with Trend Micro's Zero Day Initiative CVE-2018-4128: Zach Markley CVE-2018-4129: likemeng of Baidu Security Lab working with Trend Micro's Zero Day Initiative CVE-2018-4130: Omair working with Trend Micro's Zero Day Initiative CVE-2018-4161: WanderingGlitch of Trend Micro's Zero Day Initiative CVE-2018-4162: WanderingGlitch of Trend Micro's Zero Day Initiative CVE-2018-4163: WanderingGlitch of Trend Micro's Zero Day Initiative CVE-2018-4165: Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan Team Installation note: Apple TV will periodically check for software updates. Alternatively, you may manually check for software updates by selecting "Settings -> System -> Software Update -> Update Software." To check the current version of software, select "Settings -> General -> About." Information will also
[slackware-security] ruby (SSA:2018-088-01)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 [slackware-security] ruby (SSA:2018-088-01) New ruby packages are available for Slackware 14.2 and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +--+ patches/packages/ruby-2.2.10-i586-1_slack14.2.txz: Upgraded. This release includes some bug fixes and some security fixes: HTTP response splitting in WEBrick. Unintentional file and directory creation with directory traversal in tempfile and tmpdir. DoS by large request in WEBrick. Buffer under-read in String#unpack. Unintentional socket creation by poisoned NUL byte in UNIXServer and UNIXSocket. Unintentional directory traversal by poisoned NUL byte in Dir. Multiple vulnerabilities in RubyGems. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17742 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6914 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8777 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8778 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8779 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8780 (* Security fix *) +--+ Where to find the new packages: +-+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated package for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/ruby-2.2.10-i586-1_slack14.2.txz Updated package for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/ruby-2.2.10-x86_64-1_slack14.2.txz Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/d/ruby-2.5.1-i586-1.txz Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/d/ruby-2.5.1-x86_64-1.txz MD5 signatures: +-+ Slackware 14.2 package: 6d9fe0b738bd69415ef3baa099ff080c ruby-2.2.10-i586-1_slack14.2.txz Slackware x86_64 14.2 package: 7c78396305daa605f770ea4d41dc3ae8 ruby-2.2.10-x86_64-1_slack14.2.txz Slackware -current package: 344aff109ec8333eb9b8528e4586c93e d/ruby-2.5.1-i586-1.txz Slackware x86_64 -current package: 7769371ca9beb48b5a8188c91cabf32f d/ruby-2.5.1-x86_64-1.txz Installation instructions: ++ Upgrade the package as root: # upgradepkg ruby-2.2.10-i586-1_slack14.2.txz +-+ Slackware Linux Security Team http://slackware.com/gpg-key secur...@slackware.com ++ | To leave the slackware-security mailing list: | ++ | Send an email to majord...@slackware.com with this text in the body of | | the email message: | || | unsubscribe slackware-security | || | You will get a confirmation message back containing instructions to| | complete the process. Please do not reply to this email address. | ++ -BEGIN PGP SIGNATURE- iEYEARECAAYFAlq9UWQACgkQakRjwEAQIjNzBwCdGrBY1uRsC+7m8733/dS4bxTO sygAn2iQfqW5XjBajNnIAZELIWg8BmXz =Djyy -END PGP SIGNATURE-
[SECURITY] [DSA 4158-1] openssl1.0 security update
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian Security Advisory DSA-4158-1 secur...@debian.org https://www.debian.org/security/ Salvatore Bonaccorso March 29, 2018https://www.debian.org/security/faq - - Package: openssl1.0 CVE ID : CVE-2018-0739 It was discovered that constructed ASN.1 types with a recursive definition could exceed the stack, potentially leading to a denial of service. Details can be found in the upstream advisory: https://www.openssl.org/news/secadv/20180327.txt For the stable distribution (stretch), this problem has been fixed in version 1.0.2l-2+deb9u3. We recommend that you upgrade your openssl1.0 packages. For the detailed security status of openssl1.0 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/openssl1.0 Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-annou...@lists.debian.org -BEGIN PGP SIGNATURE- iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlq9WYdfFIAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0Sb9RAAoKGLpk9eLzxogiZ5mrFolsRAsDX+zWuzzDjWbg4qf06vi8Vtvk0pkT+Q vUV7UT5imCs1g72I2jN8zfkzGWsZS0mb5SdgZ2+k7IwAElCPg3wsv1l9/WAcIFJC 7GdB4jtgbgWyNNplGPUmbfpl88gHPVOq9J/7uwut3mUDi2MN/pDGr2rk0JE+1i05 BY2krOz5Pn9HBKKg46713I9s3BfgqaDt9W4sAOh+A4+vmXT1fw5c+TNKedCC05Vu W6gEUcxTwlgJN5Sf9+gUXg1VGyfYrYs4re55rsog6bUBDmisD3bb0lUNp97z5VZN epkZlZs+PlBP8hYhDFRzgpmzoJs5sMqBXUwCdF9JNRvzUF8xwlZ90T3/ZOv2LkOd S3Gl7HKgyRqQZzFRXVYeWi5Mo0zUOq9qqOI2C3X41T40VHcVTicYEi/hMFvGsLjA SnRXlc7tGc4qE+QXzNK5XXZKdCnJkruZA6Ch2obzfD6UBipQRNLP4nDw7B5m3bXS fMu86Zamp1uaziEFZU769GyAc9gTqSpoD2MDK0NCAbWbbPMJP4E+gtvxeT3OYvm9 TWSvf/YkUnge0RCu93mDxVAHXac8bVIGjyTyqBw+OZApCQHq4vjPxP+HDs0OS+6H d8CBhzzKxOk5+9uWskywfVaCB4Zd2q5KNcAY78UfMsdswpEsjm4= =Nuhw -END PGP SIGNATURE-
[SECURITY] [DSA 4157-1] openssl security update
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian Security Advisory DSA-4157-1 secur...@debian.org https://www.debian.org/security/ Salvatore Bonaccorso March 29, 2018https://www.debian.org/security/faq - - Package: openssl CVE ID : CVE-2017-3738 CVE-2018-0739 Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2017-3738 David Benjamin of Google reported an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. CVE-2018-0739 It was discovered that constructed ASN.1 types with a recursive definition could exceed the stack, potentially leading to a denial of service. Details can be found in the upstream advisory: https://www.openssl.org/news/secadv/20180327.txt For the oldstable distribution (jessie), these problems have been fixed in version 1.0.1t-1+deb8u8. The oldstable distribution is not affected by CVE-2017-3738. For the stable distribution (stretch), these problems have been fixed in version 1.1.0f-3+deb9u2. We recommend that you upgrade your openssl packages. For the detailed security status of openssl please refer to its security tracker page at: https://security-tracker.debian.org/tracker/openssl Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-annou...@lists.debian.org -BEGIN PGP SIGNATURE- iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlq9UxtfFIAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0Qi/Q//U7BsT4ITKgPcpErXfKx5RXi2xcPw/trUr83HqZvNIR99HUnQPVYbkyyX PLvB6xhmPAjx4cQFff8e5EIHR2OpoRzZ5nAvqo2b2bn1liVL1/pllYmj5HiHz5tb 8NXuDrDpO432rFDgrba6LDlXulq4Kux/NJpg1G/CkzNHMXXZR9xi3JZDMZU7jiZC eGynQd1MLlF2+6qWIX/7KJHI+tmT4ZNDK9IDMv/YH71gvku0ICY8zB+1qeHP7mPN dYYC6v5rqrES1SF//NxYu26E/YNo7krn6tN0OPhoDRZ3aPuqyOfB7QpxHOsdztfQ 2mIcXzS5JXdhQ5J8aEBrziAQ/nSoW+T533LniXVIiSQn+sYjrjg1vRt5PrBLx2N0 CNX4OVcstV2bGYKknOGYBVnEzURGoeydHx3zZn/OflCe+X6lpxQAwmfgrw4+T+FX QxnjVEn4e5HeR2RGOnHzA6g3GuyJ+OeU3g0WEbAgOhqowTx3OOX7/htYnt702GKQ 9aA4ypYG8228owbno857nfnDb6eGbeqeH3BF8B20p4VHwlL1+XxyMmM+yzgbwCoA 8npl1DiiyUNBFl3WpQrjg7NwWXw+EGp5F+GxRip9yO/8cxKXn3+LqZP7gGR/+Mz5 ATXpKzuY6L8Gzh4Y+W7IH+iApSpSOlDXzo18PVCfp9qxnKNjetA= =whaV -END PGP SIGNATURE-
APPLE-SA-2018-3-29-7 iTunes 12.7.4 for Windows
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 APPLE-SA-2018-3-29-7 iTunes 12.7.4 for Windows iTunes 12.7.4 for Windows is now available and addresses the following: Security Available for: Windows 7 and later Impact: A malicious application may be able to elevate privileges Description: A buffer overflow was addressed with improved size validation. CVE-2018-4144: Abraham Masri (@cheesecakeufo) WebKit Available for: Windows 7 and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2018-4101: Yuan Deng of Ant-financial Light-Year Security Lab CVE-2018-4114: found by OSS-Fuzz CVE-2018-4118: Jun Kokatsu (@shhnjk) CVE-2018-4119: an anonymous researcher working with Trend Micro's Zero Day Initiative CVE-2018-4120: Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan Team CVE-2018-4121: Natalie Silvanovich of Google Project Zero CVE-2018-4122: WanderingGlitch of Trend Micro's Zero Day Initiative CVE-2018-4125: WanderingGlitch of Trend Micro's Zero Day Initiative CVE-2018-4127: an anonymous researcher working with Trend Micro's Zero Day Initiative CVE-2018-4128: Zach Markley CVE-2018-4129: likemeng of Baidu Security Lab working with Trend Micro's Zero Day Initiative CVE-2018-4130: Omair working with Trend Micro's Zero Day Initiative CVE-2018-4161: WanderingGlitch of Trend Micro's Zero Day Initiative CVE-2018-4162: WanderingGlitch of Trend Micro's Zero Day Initiative CVE-2018-4163: WanderingGlitch of Trend Micro's Zero Day Initiative CVE-2018-4165: Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan Team WebKit Available for: Windows 7 and later Impact: Unexpected interaction with indexing types causing an ASSERT failure Description: An array indexing issue existed in the handling of a function in javascript core. This issue was addressed through improved checks. CVE-2018-4113: found by OSS-Fuzz WebKit Available for: Windows 7 and later Impact: Processing maliciously crafted web content may lead to a denial of service Description: A memory corruption issue was addressed through improved input validation. CVE-2018-4146: found by OSS-Fuzz WebKit Available for: Windows 7 and later Impact: A malicious website may exfiltrate data cross-origin Description: A cross-origin issue existed with the fetch API. This was addressed through improved input validation. CVE-2018-4117: an anonymous researcher, an anonymous researcher Installation note: iTunes 12.7.4 for Windows may be obtained from: https://www.apple.com/itunes/download/ Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -BEGIN PGP SIGNATURE- iQJdBAEBCgBHFiEEcuX4rtoRe4X62yWlg6PvjDRstEYFAlq9Gl8pHHByb2R1Y3Qt c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQg6PvjDRstEY5SRAA kaeQpy/7Sev7CRxsApXpRKRlo+WXKvLa5XIuonS7+ro0qPnwM3opTJGbtTcD9pQa mY2HQ7N7+EOJrFMbLByLfldLw4ZqrwK2tsid+gXr30GyKSqJLeH83oZ5CR5pmf3I 4YdzP8xXcFcxD7Sw5u1polwjKwFHjCA5ziGBOjvcBRcZIcBx+/ml8vRFPh4LGyuy kGDqAD3GLFIb4cc+cQzQNA9dn/5D33wfECP+fdKBq/BwNh1Hk3kWNOQLstycnOWY th1zyrHwPDmLOVQGpvL5WBDNR6Rft2ttVlNnNx4C7lpaKIh9Y7hF0QjyjtlBaRjf nfXFhW0GPlYMu/8zz9rgh3YB7boo7Ek5vPMjrl91oXdRhbiip6akVAdQ6YpvAHcy dqoVY+X/6uLHfl4AR3mTOwNkRJP3Cxo6KlRg7S8CyLYT5FVEEEUdCfk+pIpGG+A3 m80WGndW2hxwxKylSOAGdsNtEzn4SSLAQ4z2Iyhe3sPnPdBFRmEmVHWhwQg4yMbD g37KWguwokwiingqytNKrsQ8Fkx1YSrRLgNUwzeUSLUroQcMH0F9u9ewsvEEkbbI F8dlx62eWAQaRAY0tLe2LEXbCDyyrxDoQNvyy/mO7XM2FpX5mPQeer9AJmMMP9bU 7VHDWahYj6ym0lPc4nh/DmDPCUHrJ91Wdu0vjn+/T/Q= =YboF -END PGP SIGNATURE-
APPLE-SA-2018-3-29-6 Safari 11.1
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 APPLE-SA-2018-3-29-6 Safari 11.1 Safari 11.1 is now available and addresses the following: Safari Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4 Impact: Visiting a malicious website may lead to address bar spoofing Description: An inconsistent user interface issue was addressed with improved state management. CVE-2018-4102: Kai Zhao of 3H security team CVE-2018-4116: @littlelailo, xisigr of Tencent's Xuanwu Lab (tencent.com) Safari Login AutoFill Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4 Impact: A malicious website may be able to exfiltrate autofilled data in Safari without explicit user interaction. Description: Safari autofill did not require explicit user interaction before taking place. The issue was addressed through improved autofill heuristics. CVE-2018-4137: WebKit Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4 Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2018-4101: Yuan Deng of Ant-financial Light-Year Security Lab CVE-2018-4114: found by OSS-Fuzz CVE-2018-4118: Jun Kokatsu (@shhnjk) CVE-2018-4119: an anonymous researcher working with Trend Micro's Zero Day Initiative CVE-2018-4120: Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan Team CVE-2018-4121: Natalie Silvanovich of Google Project Zero CVE-2018-4122: WanderingGlitch of Trend Micro's Zero Day Initiative CVE-2018-4125: WanderingGlitch of Trend Micro's Zero Day Initiative CVE-2018-4127: an anonymous researcher working with Trend Micro's Zero Day Initiative CVE-2018-4128: Zach Markley CVE-2018-4129: likemeng of Baidu Security Lab working with Trend Micro's Zero Day Initiative CVE-2018-4130: Omair working with Trend Micro's Zero Day Initiative CVE-2018-4161: WanderingGlitch of Trend Micro's Zero Day Initiative CVE-2018-4162: WanderingGlitch of Trend Micro's Zero Day Initiative CVE-2018-4163: WanderingGlitch of Trend Micro's Zero Day Initiative CVE-2018-4165: Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan Team WebKit Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4 Impact: Unexpected interaction with indexing types causing an ASSERT failure Description: An array indexing issue existed in the handling of a function in javascript core. This issue was addressed through improved checks. CVE-2018-4113: found by OSS-Fuzz WebKit Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4 Impact: Visiting a maliciously crafted website may lead to a cross-site scripting attack Description: A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation. CVE-2018-4133: Anton Lopanitsyn of Wallarm, Linus Särud of Detectify (detectify.com), Yuji Tounai of NTT Communications Corporation WebKit Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4 Impact: Processing maliciously crafted web content may lead to a denial of service Description: A memory corruption issue was addressed through improved input validation. CVE-2018-4146: found by OSS-Fuzz WebKit Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4 Impact: A malicious website may exfiltrate data cross-origin Description: A cross-origin issue existed with the fetch API. This was addressed through improved input validation. CVE-2018-4117: an anonymous researcher, an anonymous researcher Additional recognition WebKit We would like to acknowledge Johnny Nipper of Tinder Security Team for their assistance. Installation note: Safari 11.1 may be obtained from the Mac App Store. Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -BEGIN PGP SIGNATURE- iQJdBAEBCgBHFiEEcuX4rtoRe4X62yWlg6PvjDRstEYFAlq9Gl8pHHByb2R1Y3Qt c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQg6PvjDRstEYFUQ// QO1Al/D5ErPzNtbiQEnmPD4O5JMl/mz+ztGEkncEBWZiq9/4X0B1WLr+Ve/hF4l2 mkDPU2EEcPTg/pDvyeYnh4xKCcCScgUHpwdqAmtECG4C59IH+uL1PCbi2UDVZ6Jg W/xpP3DFykn1e2/R5ZE1iObZc+jLz5Rta3k0/Z0v5YhXY7x+vtMhSMh3HTPhy28T eoHRY0W9iWZUCkuKV0ugCGGsnrx5awbz4rHBdGCewEWeUrk5+h6Mwo6sJTAoO+0E nVKdRu0hvU1RzZSn3eiLSvo5qVNNT6bK7hf1P3eMUdJ7e5/unIIE6WXo8ox5iyRB sdNqI8K/HuBzcpKggXFAjVce+CDc5LVd2Kf1g/ymqejHqGp3VEhGY8FwJRTFBenm svzGQLGAFpg2bl3oKt9RCfQG/NGWjg2HTgp4eHDqEeqkQNENxjDAMYYm3Z7O2ODI JzaHXunbltbUNzgzfUzfGX/xtDmnNczijYd1vpIc9C1l0nv620HW3aOqv1vP2bxT JQFWwoZiJ7plmgRXLzBR2lvcyEfNWOE466yF+QIo5iBWOeGrBZqb5dYkqEskrDFk 4ju2DsG61j+aK5flU5C7Z6JZLGVBEOm+2OuUu+O4+aboHV0mEDcitl7RUFUWfW2d p5479DG4FgkWaZZH9I7eC2xMrPDspLU7Jscg6UCpeyQ= =D/co -END PGP
APPLE-SA-2018-3-29-1 iOS 11.3
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 APPLE-SA-2018-3-29-1 iOS 11.3 iOS 11.3 is now available and addresses the following: Clock Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A person with physical access to an iOS device may be able to see the email address used for iTunes Description: An information disclosure issue existed in the handling of alarms and timers. This issue was addressed through improved access restrictions. CVE-2018-4123: Zaheen Hafzar M M (@zaheenhafzer) CoreFoundation Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with additional validation. CVE-2018-4155: Samuel Groß (@5aelo) CVE-2018-4158: Samuel Groß (@5aelo) CoreText Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing a maliciously crafted string may lead to a denial of service Description: A denial of service issue was addressed through improved memory handling. CVE-2018-4142: Robin Leroy of Google Switzerland GmbH File System Events Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with additional validation. CVE-2018-4167: Samuel Groß (@5aelo) Files Widget Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: File Widget may display contents on a locked device Description: The File Widget was displaying cached data when in the locked state. This issue was addressed with improved state management. CVE-2018-4168: Brandon Moore Find My iPhone Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A person with physical access to the device may be able to disable Find My iPhone without entering an iCloud password Description: A state management issue existed when restoring from a back up. This issue was addressed through improved state checking during restore. CVE-2018-4172: Viljami Vastamäki iCloud Drive Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with additional validation. CVE-2018-4151: Samuel Groß (@5aelo) Kernel Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2018-4150: an anonymous researcher Kernel Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to read restricted memory Description: A validation issue was addressed with improved input sanitization. CVE-2018-4104: The UK's National Cyber Security Centre (NCSC) Kernel Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4143: derrek (@derrekr6) Mail Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An attacker in a privileged network position may be able to intercept the contents of S/MIME-encrypted e-mail Description: An inconsistent user interface issue was addressed with improved state management. CVE-2018-4174: an anonymous researcher, an anonymous researcher NSURLSession Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with additional validation. CVE-2018-4166: Samuel Groß (@5aelo) PluginKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with additional validation. CVE-2018-4156: Samuel Groß (@5aelo) Quick Look Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with additional validation. CVE-2018-4157: Samuel Groß (@5aelo) Safari Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Visiting a malicious website by clicking a link may lead to user interface spoofing Description: An inconsistent user interface issue was addressed with improved state management. CVE-2018-4134: xisigr of Tencent's Xuanwu Lab (tencent.com), Zhiyang Zeng (@Wester) of Tencent Security Platform Department Safari Login AutoFill Available for: iPhone 5s
[SECURITY] [DSA 4156-1] drupal7 security update
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian Security Advisory DSA-4156-1 secur...@debian.org https://www.debian.org/security/ Salvatore Bonaccorso March 29, 2018https://www.debian.org/security/faq - - Package: drupal7 CVE ID : CVE-2018-7600 Debian Bug : 894259 A remote code execution vulnerability has been found in Drupal, a fully-featured content management framework. For additional information, please refer to the upstream advisory at https://www.drupal.org/sa-core-2018-002 For the oldstable distribution (jessie), this problem has been fixed in version 7.32-1+deb8u11. For the stable distribution (stretch), this problem has been fixed in version 7.52-2+deb9u3. We recommend that you upgrade your drupal7 packages. For the detailed security status of drupal7 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/drupal7 Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-annou...@lists.debian.org -BEGIN PGP SIGNATURE- iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlq8EmVfFIAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0RSvhAAmzzV41FcC0QKQYhwrxHx0uW+9uwzzkZojCdYV9KYtPOCM3EniFHKTjMy 3FaTedigWBu1x7Lpx/PtzIiapKwXFOTGk5C1TflHv6SbwMNV9kEpHsPK5YMFM234 lEyOqxlvIG2f/c2VeVumBPpmzAjTS+Id6dLC/vGl57IunAMeMl/WEN47f/RdA4qa dc52xocGdt2ldfZgkRuiWpfZV7Pz8EJBLXkATwzDTuvlzJp+anfUc/EZAoFiN7vp xwwSJYOyZhz3ikDtskYy0iq5BSeG4ic1qlqnkpDT1CUENjLY9uGHbnBDGZGftWZK 025qAtndSPc9AhI4aR+aNTDtUtu1VhNEEKi8SD5CeQ0mSmETvoEJCXmtMdP/aLns wHE/M+hGiwffFjJpyuoE0baVnII+ZPylEZG3kS2zJ/bbnnqIdoyD5PzdIVfzwORF rHACntrWzjZYrjHztlfwxv5/K3YdwcAdGavm+LGZTxXM8IalDkyEBL3tHiCgaipC E4pyFx00gzQ0M1U0Q8vzBFX6SRWV/6BOFTEEIucCFFZjfzD3aqYAHY0CtwDgACEG 6Vd9FiGosNt0W0xiTq0xDkNrA4b/Frb2mDCXFe+VZXo6GpWoWXEc/1oQLlAH9MOJ QwEr9sTpe+Mlm+irfgZAvdUK6m2zSE6XR9ePQ+PQ6o5QAMUlFZQ= =4O6l -END PGP SIGNATURE-
CA20180328-01: Security Notice for CA API Developer Portal
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 CA20180328-01: Security Notice for CA API Developer Portal Issued: March 28, 2018 Last Updated: March 28, 2018 CA Technologies Support is alerting customers to multiple potential risks with CA API Developer Portal. Multiple vulnerabilities exist that can allow a remote attacker to conduct cross-site scripting attacks. The first vulnerability, CVE-2018-6586, has a medium risk rating and concerns profile picture management which can allow a remote attacker to conduct stored cross-site scripting attacks (CWE-79). The second vulnerability, CVE-2018-6587, has a medium risk rating and concerns the widgetID variable, which can allow a remote attacker to conduct reflected cross-site scripting attacks (CWE-79). The third vulnerability, CVE-2018-6588, has a medium risk rating and concerns how the apiExplorer handles requests, which can allow a remote attacker to conduct reflected cross-site scripting attacks (CWE-79). Risk Rating CVE Identifier Risk Rating CVE-2018-6586 Medium CVE-2018-6587 Medium CVE-2018-6588 Medium Platform(s) All supported platforms Affected Products CVE Identifier Affected Product and Releases CVE-2018-6586 CA API Developer Portal 3.5 GA through and including CR6 CVE-2018-6587 CA API Developer Portal 3.5 GA through and including CR6 CVE-2018-6588 CA API Developer Portal 3.5 GA through and including CR5 *CA API Developer Portal was formerly called CA Layer 7 API Portal Unaffected Products CA API Developer Portal 4 and newer releases How to determine if the installation is affected Customers may use the CA API Developer Portal web interface to find the product version and then use the table in the Affected Products section to determine if the installation is vulnerable. Solution CA Technologies published the following solution to address the vulnerabilities. CA API Developer Portal 3.5: Update to CA API Developer Portal 3.5 CR7 to address all vulnerabilities in this security notice. References CVE-2018-6586 - CA API Developer Portal profile picture stored XSS CVE-2018-6587 - CA API Developer Portal widgetID reflected XSS CVE-2018-6588 - CA API Developer Portal apiExplorer reflected XSS Acknowledgement CVE-2018-6586, CVE-2018-6587, CVE-2018-6588 - Alphan Yavas of Biznet Bilisim A.S. Change History Version 1.0: Initial Release Customers who require additional information about this notice may contact CA Technologies Support at https://support.ca.com/ If you discover a vulnerability in CA Technologies products, please send a report to CA Technologies Product Vulnerability Response at vuln ca.com Security Notices and PGP key support.ca.com/irj/portal/anonymous/phpsbpldgpg www.ca.com/us/support/ca-support-online/documents.aspx?id=177782 Regards, Kevin Kotas Vulnerability Response Director CA Technologies Product Vulnerability Response Copyright (c) 2018 CA. 520 Madison Avenue, 22nd Floor, New York, NY 10022. All other trademarks, trade names, service marks, and logos referenced herein belong to their respective companies. -BEGIN PGP SIGNATURE- Charset: utf-8 wsFVAwUBWrvd68Mr2sgsME5lAQrachAAp0ZZkIUet++ujK83vtp4E7wIwNTv+Tmu 5pKj97hEO6UzPsZdHVYGs/dI1XNJ2O8b7TAObaPQgE44W6PbwjTkA5ZieoCVBAhX cA4+M4lnwW6jqLjQlCZwHf0G5v+ioPkfVgesEYkYhMEhgZTwDioJNgvu15wbSz8i gqsiynUoOHENpa7L/m5fHny+7sav1056Iq1ZxEuJJjWEYUhHKbgRpDCpgh0YuZkZ c7KdJ3qN0TcR9yJQjaAodpAvVW/ukWXpTOho7lc547gI49dOpOrZbvO30c0VdTgq Qivzm/ID1d+I0PNiwYjz9Xn5rQKvm3SVHRpVOjWVuIYEe+AoZIyCCk11Q6tKmfn1 eDjI/HwOyCuk03G/QhwCTOMWJmCdM+iLJcsSYwB/59JEDX6Y1ERrQ5nmXimO5dH8 KCmeeyfdnJnSujsiZ4nWKkBcT07jAp5EIlI570AoMu1FlxOTBndI20BdauIjCUGh 2oMCGvYjP5C16Wuq5Gn7socxdaHUuoUz1opr5aB/dwCsybKMBeEl1Lac16i6SyBM F2zOczLezRCzmZgQCGpeyx6GL+UIT7J2XcwaZPWJXZwmjp0+CrlHzmCjKJi+ nQTfdztfUpUb5448SHFXV1J30oY6gytKhM98l4qd2GZYQWwmPJn0yDhShzdgzC6r qmUPpbvXFXo= =to4L -END PGP SIGNATURE-
[SECURITY] [DSA 4155-1] thunderbird security update
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian Security Advisory DSA-4155-1 secur...@debian.org https://www.debian.org/security/ Moritz Muehlenhoff March 28, 2018https://www.debian.org/security/faq - - Package: thunderbird CVE ID : CVE-2018-5125 CVE-2018-5127 CVE-2018-5129 CVE-2018-5144 CVE-2018-5145 CVE-2018-5146 Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code, denial of service or information disclosure. For the oldstable distribution (jessie), these problems have been fixed in version 1:52.7.0-1~deb8u1. For the stable distribution (stretch), these problems have been fixed in version 1:52.7.0-1~deb9u1. We recommend that you upgrade your thunderbird packages. For the detailed security status of thunderbird please refer to its security tracker page at: https://security-tracker.debian.org/tracker/thunderbird Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-annou...@lists.debian.org -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlq7/LEACgkQEMKTtsN8 Tja6gBAAkMmVgPM0vXUzyL12w227CncC9ivogzi1aFHLvdQAhC7eTuPPN3Wjc9KR re9QEJyffu9/0jkY/whfzB8mdXbJJ9Y4BWdR5M2FBy80J+UB/hoDirjK1C0nQjW4 DaIBHb3NGP1BW5B407d77NgMDV30OBkRNz6tP5yGdgb0hb+UgZvd3d2Y+8NceYBQ l9LqvYmF381e7/wb3brKj3JRvtSwZDmtMX1TktmLCsl3PIr41ax4xJeoUzdgUXf1 bo8kBd+I+kcBjTdjS0oQyN5Y7d9S6DiZ6QRZyMhY2MItEcuGgXSPGXd27gKhzhk3 YglJZE41KpPxq8iX8kigPGX0i56AJ8mrQRMwZJ+ih2e22ZfEQoEL5PjaRZLThL31 c+xB3MrXaGpOqyUhaI7hkv+/YuPFa14g1X5DtcTmvLTCDMShPlnTtwqSXgIyu2Ee X1XCWMUverDLoGX6q5BkEVq9U1L877V5xvp8Oid7qo2XzeqrfsnmLyFH6tVfwAGc x2BN2UoXvTqL5AysP/xBen6AD2230hZpxbDbbQ2YLdysv7w09pO0wQhBYgLZfPei HTcM6+8YXQpaCbBXcD67hc7N0QgJFwHS9Pj5GMH4tVOLLr6legeJN93IHfYV8+T4 1hU+OOjEdC8bT5c0ugX5yauyhfFZcrYOd54rW4axLRyBqfTJfAI= =Mi8p -END PGP SIGNATURE-