| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 21 Jun 2023 16:46:23 -0700 From: Apple Product Security via Fulldisclosure <fulldisclosure@...lists.org> To: security-announce@...ts.apple.com Subject: [FD] APPLE-SA-2023-06-21-4 macOS Ventura 13.4.1 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2023-06-21-4 macOS Ventura 13.4.1 macOS Ventura 13.4.1 addresses the following issues. Information about the security content is also available at https://support.apple.com/kb/HT213813. Apple maintains a Security Updates page at https://support.apple.com/HT201222 which lists recent software updates with security advisories. Kernel Available for: macOS Ventura Impact: An app may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7. Description: An integer overflow was addressed with improved input validation. CVE-2023-32434: Georgy Kucherin (@kucher1n), Leonid Bezvershenko (@bzvr_), and Boris Larin (@oct0xor) of Kaspersky WebKit Available for: macOS Ventura Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. Description: A type confusion issue was addressed with improved checks. WebKit Bugzilla: 256567 CVE-2023-32439: an anonymous researcher macOS Ventura 13.4.1 may be obtained from the Mac App Store or Apple's Software Downloads web site: https://support.apple.com/downloads/ All information is also posted on the Apple Security Updates web site: https://support.apple.com/en-us/HT201222. This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEBP+4DupqR5Sgt1DB4RjMIDkeNxkFAmSTiB0ACgkQ4RjMIDke NxnB2Q//cudXSo4nxfW+J9ReMhN1AJNcHzmEOMDueYV8ScAa/EcuJy5Lf+Why/hP NhKVGEnbdPRafWqePPHKdRG4fFU+oH8HVTOcenKHug1sAiDgJBJGGkVlqIYywjy7 8rRXRAgUvQmyj011cbExhVbnl3GUtJGrtX6IIdCh6Ow5vH8S/zX52eiOTzCYeRIA OZJdV+fIVDMhYY9H6kzi1Yjiek5rbwTeIF82Mgiv3UB0+XPPSS0ZFflDgTDR5/gM z8Bc5VlKviL+bTlBSHcW9sjENWEeFcz8WCo8pY5ISZWbSOrclmFcDj3KYU7g/6RV DM+3qzT4vXmVy68nyfiqbBky0b7IVovDpdWuFVn9QvhuzTxHCUnpl9FgbwI+1ONu 3UandNz4wmFRcYaXblkQ4pLlWXBrHjsJ/ttOVOIX7l6aex9fuphQredSB6HTQk3M dDWlEYWbeb1SKU0ul+lBNE+Uro81Xu0kwz0hppOxEsbgSac/gS/GvQ2hk6Jryq+g j99v/f5p8vyYIRvw34QkqsG5gAL2/7uvL54OG1auRvloB+7uykfNrZZtYIBFFytx 5erI2p3iuV0fSDrPAB4ufvd/a9aFBmYNwrfzcxnIx0ffHOqAkCYTSlVhW9l4HTzW Q5SwkwSAjfs7I96Vd0lm0VV/m5Oa59J6vo+AJhDnmpYbdq5gYys= =oPRZ -----END PGP SIGNATURE----- _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: https://seclists.org/fulldisclosure/
Powered by blists - more mailing lists