lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list] 
Date: Mon, 04 Mar 2013 13:45:52 -0800
From: Apple Product Security <product-security-noreply@...ts.apple.com>
To: security-announce@...ts.apple.com
Subject: APPLE-SA-2013-03-04-1 Java for OS X 2013-002 and Mac OS X v10.6 Update
 14

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2013-03-04-1 Java for OS X 2013-002 and Mac OS X v10.6
Update 14

Java for OS X 2013-002 and Mac OS X v10.6 Update 14 are now available
and address the following:

Java
Available for:  Mac OS X v10.6.8, Mac OS X Server v10.6.8,
OS X Lion v10.7 or later, OS X Lion Server v10.7 or later,
OS X Mountain Lion 10.8 or later
Impact:  Multiple vulnerabilities in Java 1.6.0_41
Description:  Multiple vulnerabilities existed in Java 1.6.0_41, the
most serious of which may allow an untrusted Java applet to execute
arbitrary code outside the Java sandbox. Visiting a web page
containing a maliciously crafted untrusted Java applet may lead to
arbitrary code execution with the privileges of the current user.
These issues were addressed by updating to Java version 1.6.0_43.
Further information is available via the Java website at http://www.o
racle.com/technetwork/java/javase/releasenotes-136954.html
CVE-ID
CVE-2013-0809
CVE-2013-1493


Java for OS X 2013-002 and Java for Mac OS X 10.6 Update 14
may be obtained from the Software Update pane in System Preferences,
Mac App Store, or Apple's Software Downloads web site:
http://www.apple.com/support/downloads/

For Mac OS X v10.6 systems
The download file is named: JavaForMacOSX10.6.dmg
Its SHA-1 digest is: 0f61f751f0a93a3a16824a826dc32bad5d9a981d

For OS X Lion and Mountain Lion systems
The download file is named: JavaForOSX2013-002.dmg
Its SHA-1 digest is: 47e38cf089a6a7bba9e2b0b387fe09e2b77e10a6

Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org

iQIcBAEBAgAGBQJRNOw1AAoJEPefwLHPlZEwf5IQAIfRs03vWa5PLrPeztGuEe+L
Bpj2zD7yDZPvJI2ql2ADRxFmfVaaoYtBIaYoh445OVH4ZSOA0aA8Buc2mHKbIpTa
K7KI+FNmzbwdbMWQtJefzAvxVlDz3wgAFXNl6ou8i1z5WzGN/k3Cv6VZtKexPheL
IxIYaaFabzqM6DPIlKKoIYe0leWWV/M/SXxI7vCSvln03Rpa32wDCedjXa2XwPfz
oZzj1BMWOdHhUsk/gcyLVGnKFwTnSGwJqjBnSkGYs2mKKYJ3AbLYwAxOHHVHAfg/
QxV8u64NkThB67t0wrg8ARSl5w/xNZZktxn7IhC6nRGfIRPLqPeZ0PWhC+U+vC04
CCmekKHBLA3HGdXqXTAiPBQF/8BqdT5dvZmelX1M9EBfTEyZGO+Csoyrhocmm1+N
x+LybVHz1Vik7cUqIZrBXRsB1mW+42UbwLMKXW8iyeDff3+chiBUxeo0Clr6NnOv
bFXm4qByMNtjunJIX5qO1w2UwUDwG121M97AhviIZPvaAkE7Ei/EzRlHWSPsWPUF
Z0ME6JI1wUJ1pTmRIp1t/sMlIb+x1IGauwa9G0KDZOtN/UELlD6ITj6aq/wXTYQV
0qvgsYyQBKfzUXfIc1ou/5LEPvEAvP6ddhzx5cKxfrBeq4dCvdwLAARwhyevGpC/
I+rlkXXzfkbcRZuXcixW
=5O4A
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ