| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 22 Dec 2014 13:01:45 -0800 From: Apple Product Security <product-security-noreply@...ts.apple.com> To: security-announce@...ts.apple.com Subject: APPLE-SA-2014-12-22-1 OS X NTP Security Update -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2014-12-22-1 OS X NTP Security Update OS X NTP Security Update is now available and addresses the following: ntpd Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10.1 Impact: A remote attacker may be able to execute arbitrary code Description: Several issues existed in ntpd that would have allowed an attacker to trigger buffer overflows. These issues were addressed through improved error checking. To verify the ntpd version, type the following command in Terminal: what /usr/sbin/ntpd. This update includes the following versions: Mountain Lion: ntp-77.1.1 Mavericks: ntp-88.1.1 Yosemite: ntp-92.5.1 CVE-ID CVE-2014-9295 : Stephen Roettger of the Google Security Team Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.22 (Darwin) Comment: GPGTools - http://gpgtools.org iQIcBAEBAgAGBQJUmGKXAAoJEBcWfLTuOo7tJHwP/iHNiJAZaFxvN81LT382jy3r qDX4YjdhMydBCf+EW/WZJW1mfpqeFS29+4a4HAzxgSHNp7nrhHcyGc1sRkcIj2Co jwISJ3if1+8puTeLjHDaWEozYwGVVXdLQrkqYkbDEzWAimN9jSfOjjKLeVswyVdw o7ZrMZ9R3SqGcrw3tkqFPduur03Ip4a220g0kjydNdkAATHv6/U/eDI7pBybhWWy xQfY7gZxwkP7R+vo7xXgC+0U2j74TIZOS2OYZwS9/7YuKoCq6CETXEVSsXRg/9aN mRwVBneBKVLHKKaXhwbpKT/SQdNvCmmqbI5qG8J5AvNtXyo2a1Y8mXlA6Mp91PTf zZcwCZZyXbNJ3oJK8DEnwP9MjkzZzoa3K5EZQr/4oSTfsG3EJilPPD05GukrWggJ EUdBJZ7+QFwjIEwqXYW++fPv97WW0DZxQvkdkImtFoGdfR+cOXWyhtqk2aaz6JFO vf6C2dTVILHz8rHVfzMxBApgRnZjFe6c04fbW5YSfIC4Qjc4XSm9/KkQYf1YIGH2 s6TOkc8qrmUTgh+VxDoKPU5K/O+1IfTByiGBii+G4cPB6wiXZj43x7zjC+6bgnCo R2UhO62hnEA4Z1++KuYVINfiCKMkxnKHVvGOdb+pBKddGmCeUiM1H0LO/l1/kaFR kNQ7cG1OCTFtFJUpClub =xyD0 -----END PGP SIGNATURE-----
Powered by blists - more mailing lists