[<prev] [next>] [day] [month] [year] [list]
Message-id: <FFC396A1-AD3E-465D-9B6B-5589DB974BD2@lists.apple.com>
Date: Fri, 09 Sep 2011 10:14:50 -0700
From: Apple Product Security <product-security-noreply@...ts.apple.com>
To: security-announce@...ts.apple.com
Subject: APPLE-SA-2011-09-09-1 Security Update 2011-005
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
APPLE-SA-2011-09-09-1 Security Update 2011-005
Security Update 2011-005 is now available and addresses the
following:
Certificate Trust Policy
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,
OS X Lion v10.7.1, OS X Lion Server v10.7.1
Impact: An attacker with a privileged network position may intercept
user credentials or other sensitive information
Description: Fraudulent certificates were issued by multiple
certificate authorities operated by DigiNotar. This issue is
addressed by removing DigiNotar from the list of trusted root
certificates, from the list of Extended Validation (EV) certificate
authorities, and by configuring default system trust settings so that
DigiNotar's certificates, including those issued by other
authorities, are not trusted.
For Mac OS X v10.6.8 and Mac OS X Server v10.6.8
The download file is named: SecUpd2011-005Snow.dmg
Its SHA-1 digest is: 065f5f9a9263a2cd164ea61d1d59c63b1362df0b
For OS X Lion v10.7.1 and OS X Lion Server v10.7.1
The download file is named: SecUpd2011-005Lion.dmg
Its SHA-1 digest is: a2971772c45f53dc251cdcd1dfa21a651c54f03f
Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (Darwin)
iQEcBAEBAgAGBQJOaiLBAAoJEGnF2JsdZQeeglEH/2aD3I9Tka87Fr1YISyZaGwx
iea8gIJ11uvJuZwXzlDLGKjSkh0qhkt0S/Q84YOjGWGvz+kuT3FhL9Rl6KJth0uW
eXShWd6iyQb4f5KHovMgwhRy+5fuk85b2Q7Y4ulwhflcfn4g5pOlRevgfN48C5fx
7W3p3dn8YgfON79rn4Kx4G/3ZaybIo34q1JmdOVfQD1F5UpZ7PDfUUtCu9CRa36U
AYbnNwVcgvCkqAG9vvIMrzd/pG9geljdclW4H8ujVbXKxFa53RB4N1/3fCIEtzmi
WxwucarVfvCvf6Vpvob6rZZx8xf+Nn4hJ8xl0F/SlcnBIzpBFHbspDODRCd/GVM=
=Qz73
-----END PGP SIGNATURE-----
Powered by blists - more mailing lists