lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-id: <815624AD-603C-4F09-8AFF-A31D37B3B6D2@lists.apple.com>
Date: Tue, 16 Apr 2013 13:35:34 -0700
From: Apple Product Security <product-security-noreply@...ts.apple.com>
To: security-announce@...ts.apple.com
Subject: APPLE-SA-2013-04-16-1 Safari 6.0.4

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2013-04-16-1 Safari 6.0.4

Safari 6.0.4 is now available and addresses the following:

WebKit
Available for:  OS X Lion v10.7.5, OS X Lion Server v10.7.5,
OS X Mountain Lion v10.8.3
Impact:  Visiting a maliciously crafted website may lead to an
unexpected application termination or arbitrary code execution
Description:  An invalid cast issue existed in the handling of SVG
files. This issue was addressed through improved type checking.
CVE-ID
CVE-2013-0912 : Nils and Jon from MWR Labs working with HP
TippingPoint's Zero Day Initiative


For OS X Lion systems Safari 6.0.3 is available via
the Apple Software Update application.

For OS X Mountain Lion systems Safari 6.0.3 is included with
OS X v10.8.3.

Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org

iQIcBAEBAgAGBQJRbOeOAAoJEPefwLHPlZEwksAP/Ri4p48A5xqlZjpsEjoHc6Zf
rIm01xAyqsVUg85leD5NP+8yqvEFV52FEG1sONslOFbnRz62RPWZsOtPs0sIrfYR
svRiCdXrB9nHW6NkrtXuEAAzFZl1VQ5Wu5ojWJU5VNrcW+Idml0eV9ktp5V5mSH1
dy+airv3xYGJt+35JttKTgKEPFLcU5uSxssEQb4SlTBDdCZFBV/+nbcDh0t1sapB
aS9iZnzbEh/mapMzkxMy7PBV3GGgu/bkTziSk5jV6G9WNaRUzKHrJgbIYkV1wDn0
lom7tyozkU+1P/XRYOJsdk+8Z8b9Zy6eihsvMgnWh7vBqSRHO1v6MTkIgkNQe64i
MQsmPbo3AuPq0EgKrUWHwO86OSy1J9lKiqsPCrGul05VhRAsTLTn1RiKAN20PsQH
XQKog9Nfk1yNrL+ONSlYB13w56QKDzzXmwWFRHBrwfMxH/YDICDPkLJumsOSS0SL
nuz9hfNCD7tKUg2/3JV2RVf94xa66Zli3j524VG54s19aBrUqx1cbqDBvAl9lyJY
hCijZUklOGYI0RPbP86dv1NdUdBN5dOT2foqlrGQU83ppvTO1sNC8NNFe+81RhkV
QXweNwnYMcW7183xz2Xenh4+oihzpg2dcn2FNlmu+utMMX7P+6ed9nYLbpR1FlEp
z4SkKyISyJ+dYYK/o0J5
=Vj0q
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ