| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 26 Sep 2019 13:18:14 -0700 From: Apple Product Security via Fulldisclosure <fulldisclosure@...lists.org> To: security-announce@...ts.apple.com Subject: [FD] APPLE-SA-2019-9-26-2 macOS Mojave 10.14.6 Supplemental Update 2, Security Update 2019-005 High Sierra, Security Update 2019-005 Sierra -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2019-9-26-2 macOS Mojave 10.14.6 Supplemental Update 2, Security Update 2019-005 High Sierra, Security Update 2019-005 Sierra macOS Mojave 10.14.6 Supplemental Update 2, Security Update 2019-005 High Sierra, Security Update 2019-005 Sierra are now available and address the following: Foundation Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.6 Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2019-8641: Samuel Groß and Natalie Silvanovich of Google Project Zero Installation note: macOS Mojave 10.14.6 Supplemental Update 2, Security Update 2019-005 High Sierra, Security Update 2019-005 Sierra may be obtained from the Mac App Store or Apple's Software Downloads web site: https://support.apple.com/downloads/ Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEM5FaaFRjww9EJgvRBz4uGe3y0M0FAl2NFuwACgkQBz4uGe3y 0M3WrBAAr+Bi8S05hUUkC9r4Jz/PlG2vMLDKedwcRPsiEiJ87izrfA8Bb/9qQ3EV IvRqTdw+RDjCQsMZ5GfNHLRynbYyq3ILSCEhLOvpAhHt4gkNF83EktleSe+yTno2 QlEa+l8oJGr2GMVsQNmXWPmykLNx1qK5jysPgepdm/JYOfz+IMGxM7vCaNMk+1gb hohqa60VBnOrl/6QyD39Y8U7JI7aQFYzc0b3NtQI4H5jgO/5LPeScBe3eNf9ldjf CN6TcI1VPEeGtEqBn5M5/YA/WB4zpaCOWB9KeOqgp+EMKeZtgNNDUDyeP0mL4sXh 0S9xub5dxkk2wEanBZe7bAJydoW9HIn9CAptcM3N7cCJ5vhTye96wCZ+awHJ32NU n2fm/rbOA4zB6NjTI052QwjElY8h8mh0E2sgU+04cF6GnIEEwxg1QTH0ccVl2YXf 2ek9DvdC+XbM6sGemNat4TBgsB20E6EVpmEXIJnS7hFTt3wuSEcQckYo3kUxMCQB 9pql4Rsq4Ma4uAK7b8Wsk8VTq1hWa7zo5cvSZcCirspHqyX0hmj236D9nUD1rPYI zt+h9Bhe2ee/ahQBgQND4uzYaLROsz7jFqR6PXQy/abx5+vYv236DweTjG0QWvAQ ubQ+WQrHYeW2nFOpZ2Lk18Sn0Fo5A3dTTTj9LEIeETbg2kwMjdE= =+3Bw -----END PGP SIGNATURE----- _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists