lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-id: <393499E6-09FF-4D54-BEEC-B25D1DF9EF39@lists.apple.com>
Date: Fri, 21 Feb 2014 12:02:42 -0700
From: Apple Product Security <product-security-noreply@...ts.apple.com>
To: security-announce@...ts.apple.com
Subject: APPLE-SA-2014-02-21-3 Apple TV 6.0.2

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2014-02-21-3 Apple TV 6.0.2

Apple TV 6.0.2 is now available and addresses the following:

Apple TV
Available for:  Apple TV 2nd generation and later
Impact:  An attacker with a privileged network position may capture
or modify data in sessions protected by SSL/TLS
Description:  Secure Transport failed to validate the authenticity of
the connection. This issue was addressed by restoring missing
validation steps.
CVE-ID
CVE-2014-1266

Installation note:

Apple TV will periodically check for software updates. Alternatively,
you may manually check for software updates by selecting
"Settings -> General -> Update Software".

To check the current version of software, select
"Settings -> General -> About".

Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
Comment: GPGTools - http://gpgtools.org

iQIcBAEBAgAGBQJTBpOGAAoJEPefwLHPlZEwmX0P/34F8kRqvI2JJS2eoNi1cPr5
yxLbd3QoaOcu8fMgaGe/DT/xJbaLTKhZkMfKdHsWkTT3lK2GkipUbAfHGqALByk6
SdvJazfHMqV8q8i5Rc2j1JF3p7E69VkBLUY7qB35b/aFKo8k3KTcXXTFw3wsQWF5
gzSZ9tNqn4qExyPQYtmrmVv2oDVW68UHsPraI2bbQldF+zrcvtiDWL3lDKGPdeQ0
c7M0Es7r+SgnIOun27FnIhiAtvgh+Fvva16SLGIY5U1zCSNBmg6rlwT30E28D/5j
P24lDV2AfqmHEsV79nHgivkspxFJq77b9ivpKTUnNSRLM6btw8o/5vfrawOFqd5v
LhAQmnoZBq1tlVHoxlAjSB0RAIzRlmVDAu55EekOwmAQP3Vy5klb5Uvf26yTiBqM
Gkh9fqJWjdFhfTM/DQygVLa4a9n7wOAS/8dPY4fcEIeBW9Iz5Kr3mN9tFOcmfghC
hGfls4xbDAdfigf4GCI+ZI0dk6l3e1iNNQ8BSriwyWgLeDJqvfef3Ubc6Y8uT7d5
GoElrH95dPA78GMZOiyaKeLktea0wwIdNO0duKmks2K0VHeUMYj4DVL0/+lNY2LN
dswkxFjE1oXgStjLHWQgmJVumKxaxiZaev9v+ZWpLWydg3gUOcL9pBpEVClK78cx
QGFP3upkcdJtNlUhbd8N
=dZI4
-----END PGP SIGNATURE-----


Download attachment "signature.asc" of type "application/pgp-signature" (842 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ