| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 12 Dec 2016 10:23:31 -0800 From: Apple Product Security <product-security-noreply@...ts.apple.com> To: security-announce@...ts.apple.com Subject: [FD] APPLE-SA-2016-12-12-2 watchOS 3.1.1 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2016-12-12-2 watchOS 3.1.1 watchOS 3.1.1 is now available and addresses the following: Accounts Available for: All Apple Watch models Impact: An issue existed which did not reset the authorization settings on app uninstall Description: This issue was addressed through improved sanitization. CVE-2016-7651: Ju Zhu and Lilang Wu of Trend Micro Profiles Available for: All Apple Watch models Impact: Opening a maliciously crafted certificate may lead to arbitrary code execution Description: A memory corruption issue existed in the handling of certificate profiles. This issue was addressed through improved input validation. CVE-2016-7626: Maksymilian Arciemowicz (cxsecurity.com) Installation note: Instructions on how to update your Apple Watch software are available at https://support.apple.com/kb/HT204641 To check the version on your Apple Watch, open the Apple Watch app on your iPhone and select "My Watch > General > About". Alternatively, on your watch, select "My Watch > General > About". Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJYTiRQAAoJEIOj74w0bLRGF7gP/Ai6yr5v+PBxDWHtEksBs3es eroQA8hmzgvrF3zm7DOfRvJyvAKhIczxCdx9hebIIvbRFRkQkwdYPaTaLqO29iWH xdY8FN6QCMSVvE5/yVhAUCcEfyE9V9u1uQlvzMUMZh/5rkxtwko+Ubegtw/X8O6Z n+ldjlAGViBvhthNQXTq2JSmo9sROcLvgo2kCKwL9adgxU2H9YqBksjbrcY37zHd Lq3dz/JhN30JmkPH/u/ksm94BOZAUVyGym1wfDERMSioObac6nmXr3cZ4dUM7dat 5pVZ35SNCWkARIeDSVIpdD+h94/NoyIfmPrPv4zTPjXMHEeqQYvnfpYFSewHPr0s kzdNKpjnI3Ytx8Tjtlpq0n0pJehbSlhr2UgGSWZCIso6Ew5siEI0vvz7YyI2AtRJ Ch/yZvaUWGNt4qhjUxYfBSyrS0upG0pVP43jgi9RHXF/kSD72Ek08DDI/uDn/v5Q P16yBIogYNCq79M1S3POoDy5uQlqF9fKouxV+wlquBfLFsDm03Utiewgw3mwC5vc zEy1bYVW/OPKslfBgQv3OTCpVcMocs1N4hIrcTxXke1l4VbHXflopaiz/tF1T86o s4qaTu3kAyS6dB55sftI1AtqUA7taMUJ1iOgCpSI+e6xBocz3xUQm+r5yNf53sC3 Krj4IV2NhP4HVlVu2V3X =Qt14 -----END PGP SIGNATURE----- _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists