| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 25 Mar 2024 20:27:16 -0700 From: Apple Product Security via Fulldisclosure <fulldisclosure@...lists.org> To: Apple Product Security via Security-announce <security-announce@...ts.apple.com> Subject: [FD] APPLE-SA-03-25-2024-3 macOS Ventura 13.6.6 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-03-25-2024-3 macOS Ventura 13.6.6 macOS Ventura 13.6.6 addresses the following issues. Information about the security content is also available at https://support.apple.com/kb/HT214095. Apple maintains a Security Updates page at https://support.apple.com/HT201222 which lists recent software updates with security advisories. CoreMedia Available for: macOS Ventura Impact: Processing an image may lead to arbitrary code execution Description: An out-of-bounds write issue was addressed with improved input validation. CVE-2024-1580: Nick Galloway of Google Project Zero WebRTC Available for: macOS Ventura Impact: Processing an image may lead to arbitrary code execution Description: An out-of-bounds write issue was addressed with improved input validation. CVE-2024-1580: Nick Galloway of Google Project Zero macOS Ventura 13.6.6 may be obtained from the Mac App Store or Apple's Software Downloads web site: https://support.apple.com/downloads/ All information is also posted on the Apple Security Updates web site: https://support.apple.com/HT201222. This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/. -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEsz9altA7uTI+rE/qX+5d1TXaIvoFAmYCPFoACgkQX+5d1TXa IvqBpQ//ag8Pg6hXVwsEJBtreoPcHl8hVSRiecP5lBI2eIJ5O+WbKGmwXkS4TTcd fDp2x8zSdFC4wdJjmpjodgV2Aj9yEsWmAZl04QiF2qyVIfCoDoza6+wifsd5G6Rx 3Ji3Tn9ml1316ZuEkUgM48Oxngq3Fj+G4bky/zi/dBp5CjCPqb9sq2ot7zOVfm0s 4+negP9LPE1j1JOMNnT12s3O+PJhXKvxr9BqY0D6hL+qlEZDSglLGXMCfBoG95ds tSOOx5jBfUw/fsadR9OROMxxueCzwGEGsYOKSdec+AWoYC/hfstIdA/cZoyrQalm Mr+NBYp3T01vFv+GiXV2FES5TEs4xiXpf8/LEdHWpMkkvKHfPXI2RdjNQqVAAv/B OaNTLPmLcfPh7v1rifkxGXNqn+PrjIv+z36TYGAN34q8YPWU6WDJ+HIhuOpuzf0N O5zRQZqpnUMdUZjg4csuS0prKsyCLke/Ah2AZeVxySy7UOU749/W1526sNB4qBk5 /KNfejgaHgKZtSiAfOrxOK/QTai1E4x+XOE99zSLIdJ1J9w6ZoA6IKkVrr65Tlcs +lQcEBnemEVF6peDzBHGXSsjMrCDBt5kMvGjF9Ey3rl+tPug+T6ktypsuDR9l+Vs nL+mPpEbm6xHejL6XgZMv/ghy71to2CF2hFAYxCrIvf4o92voCQ= =k7Va -----END PGP SIGNATURE----- _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: https://seclists.org/fulldisclosure/
Powered by blists - more mailing lists