-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2020-03-24-1 iOS 13.4 and iPadOS 13.4
iOS 13.4 and iPadOS 13.4 are now available and address the following:
ActionKit
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2020-03-24-4 watchOS 6.2
watchOS 6.2 is now available and addresses the following:
ActionKit
Available for: Apple Watch Series 1 and later
Impact: An application may be able to use an SSH client provided by
private frameworks
Description:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2020-03-24-7 Xcode 11.4
Xcode 11.4 is now available and contains security improvements.
Additional recognition
ld64
We would like to acknowledge an anonymous researcher for their
assistance.
Installation note:
Xcode 11.4 may be
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2020-03-24-3 tvOS 13.4
tvOS 13.4 is now available and addresses the following:
ActionKit
Available for: Apple TV 4K and Apple TV HD
Impact: An application may be able to use an SSH client provided by
private frameworks
Description: This
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2020-03-24-6 iTunes for Windows 12.10.5
iTunes for Windows 12.10.5 is now available and addresses the
following:
libxml2
Available for: Windows 7 and later
Impact: Multiple issues in libxml2
Description: A buffer overflow was addressed
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2020-03-24-5 Safari 13.1
Safari 13.1 is now available and addresses the following:
Safari Downloads
Available for: macOS Mojave and macOS High Sierra, and included in
macOS Catalina
Impact: A malicious iframe may use another website’s
SITS:Vision 9.7.0 Authentication Bypass
[-] Software Link:
https://www.tribalgroup.com/software-and-services/student-information-systems/sitsvision
[-] Affected