[<prev] [next>] [day] [month] [year] [list]
Message-id: <32EAC202-0CE0-4A8F-9792-A835C4F50C35@lists.apple.com>
Date: Mon, 04 Mar 2013 13:45:52 -0800
From: Apple Product Security <product-security-noreply@...ts.apple.com>
To: security-announce@...ts.apple.com
Subject: APPLE-SA-2013-03-04-1 Java for OS X 2013-002 and Mac OS X v10.6 Update
14
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
APPLE-SA-2013-03-04-1 Java for OS X 2013-002 and Mac OS X v10.6
Update 14
Java for OS X 2013-002 and Mac OS X v10.6 Update 14 are now available
and address the following:
Java
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,
OS X Lion v10.7 or later, OS X Lion Server v10.7 or later,
OS X Mountain Lion 10.8 or later
Impact: Multiple vulnerabilities in Java 1.6.0_41
Description: Multiple vulnerabilities existed in Java 1.6.0_41, the
most serious of which may allow an untrusted Java applet to execute
arbitrary code outside the Java sandbox. Visiting a web page
containing a maliciously crafted untrusted Java applet may lead to
arbitrary code execution with the privileges of the current user.
These issues were addressed by updating to Java version 1.6.0_43.
Further information is available via the Java website at http://www.o
racle.com/technetwork/java/javase/releasenotes-136954.html
CVE-ID
CVE-2013-0809
CVE-2013-1493
Java for OS X 2013-002 and Java for Mac OS X 10.6 Update 14
may be obtained from the Software Update pane in System Preferences,
Mac App Store, or Apple's Software Downloads web site:
http://www.apple.com/support/downloads/
For Mac OS X v10.6 systems
The download file is named: JavaForMacOSX10.6.dmg
Its SHA-1 digest is: 0f61f751f0a93a3a16824a826dc32bad5d9a981d
For OS X Lion and Mountain Lion systems
The download file is named: JavaForOSX2013-002.dmg
Its SHA-1 digest is: 47e38cf089a6a7bba9e2b0b387fe09e2b77e10a6
Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org
iQIcBAEBAgAGBQJRNOw1AAoJEPefwLHPlZEwf5IQAIfRs03vWa5PLrPeztGuEe+L
Bpj2zD7yDZPvJI2ql2ADRxFmfVaaoYtBIaYoh445OVH4ZSOA0aA8Buc2mHKbIpTa
K7KI+FNmzbwdbMWQtJefzAvxVlDz3wgAFXNl6ou8i1z5WzGN/k3Cv6VZtKexPheL
IxIYaaFabzqM6DPIlKKoIYe0leWWV/M/SXxI7vCSvln03Rpa32wDCedjXa2XwPfz
oZzj1BMWOdHhUsk/gcyLVGnKFwTnSGwJqjBnSkGYs2mKKYJ3AbLYwAxOHHVHAfg/
QxV8u64NkThB67t0wrg8ARSl5w/xNZZktxn7IhC6nRGfIRPLqPeZ0PWhC+U+vC04
CCmekKHBLA3HGdXqXTAiPBQF/8BqdT5dvZmelX1M9EBfTEyZGO+Csoyrhocmm1+N
x+LybVHz1Vik7cUqIZrBXRsB1mW+42UbwLMKXW8iyeDff3+chiBUxeo0Clr6NnOv
bFXm4qByMNtjunJIX5qO1w2UwUDwG121M97AhviIZPvaAkE7Ei/EzRlHWSPsWPUF
Z0ME6JI1wUJ1pTmRIp1t/sMlIb+x1IGauwa9G0KDZOtN/UELlD6ITj6aq/wXTYQV
0qvgsYyQBKfzUXfIc1ou/5LEPvEAvP6ddhzx5cKxfrBeq4dCvdwLAARwhyevGpC/
I+rlkXXzfkbcRZuXcixW
=5O4A
-----END PGP SIGNATURE-----
Powered by blists - more mailing lists