lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Wed, 18 Sep 2013 09:03:27 -0700
From: Apple Product Security <product-security-noreply@...ts.apple.com>
To: "security-announce@...ts.apple.com" <security-announce@...ts.apple.com>
Subject: APPLE-SA-2013-09-18-1 iTunes 11.1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2013-09-18-1 iTunes 11.1

iTunes 11.1 is now available and addresses the following:

iTunes
Available for:  Windows 7, Vista, XP SP2 or later
Impact:  Visiting a maliciously crafted website may lead to an
unexpected application termination or arbitrary code execution
Description:  A memory corruption issue existed in the iTunes ActiveX
control. This issue was addressed through additional bounds checking.
CVE-ID
CVE-2013-1035 : Honggang Ren of Fortinet's FortiGuard Labs


iTunes 11.1 may be obtained from:
http://www.apple.com/itunes/download/

For Windows XP / Vista / Windows 7:
The download file is named: "iTunesSetup.exe"
Its SHA-1 digest is: cef0f1398e1d51fd2f832c12763c2bf1627379ee

For 64-bit Windows XP / Vista / Windows 7:
The download file is named: "iTunes64Setup.exe"
Its SHA-1 digest is: 5efe95a1f1df32f3833e5972db02e37ca7bfc43d

Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org

iQIcBAEBAgAGBQJSOcZEAAoJEPefwLHPlZEwoVMP/1EOonGp47xN2EPt4mLGxDCS
nK0aan5a29OGwGOvZHKejjbTJcoIRiovdjEUGvssjUYGZ26FQ2O0+54b0xrGRZDA
c9WLR9fFLcjeYTOzo6Exx7qCxw+/RxbA1+MRcrmavjoaH+vzDAEvjoMSu6l4FKIO
inkrZQ85o8XyJByZ2RonJPICEVVGXGbDO/0C3/r16Vxcc0LHmX6nZCNv98IltYIz
AQ67ndSXkBA2nvRykKaTA7CLzxqEdiwqlcli50HsMEfhod4aMiqiS9l2Qlm3NLEn
E31Vep2eM4dIB1b3yPhnJfgu1059AVaMAHL2f4kkaK8qx2wuHJN7zMBCXxhEYpx2
X60w3Y8x7kxdMEDFj+4MivuF/9+G5Kl+/E/S1LCs/iJDf0xt6Uip2GufLEPOuJpe
0mqtdGoXfc/nz0xq4p1LMApjuZG4Wo6vuq7mwOWF7uD8o2OgZ5SC7+vsz9mTvLi8
3w88EP2X9/qhHuwVBF9CwWhp7s/wRLJ49i+6bgYuIZQsHHQ45KfEdpAhFv4p+BkM
AfEGdAuDrpTqyAxvyvto2pgub9a0WLVD2T/jC/e8GC3Ad73KaoD8+nwLQnyARSId
Vu4wyZ0jiLz8TycEby9Xn0PlqJ9fUJdHKM+lfRom6VwjF2/6y3LiWuyCl3nESXa9
FtwVmY6yJgOVNzjJyR3F
=+8pY
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ