lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-Id: <8F303BF9-84E0-41EF-B627-E7D5A58388E2@lists.apple.com>
Date: Tue, 17 Mar 2015 13:48:24 -0700
From: Apple Product Security <product-security-noreply@...ts.apple.com>
To: security-announce@...ts.apple.com
Subject: APPLE-SA-2015-03-17-1  Safari 8.0.4, Safari 7.1.4, and Safari 6.2.4

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2015-03-17-1  Safari 8.0.4, Safari 7.1.4, and Safari 6.2.4

Safari 8.0.4, Safari 7.1.4, and Safari 6.2.4 are now available and
address the following:

WebKit
Impact:  Visiting a maliciously crafted website may lead to an
unexpected application termination or arbitrary code execution
Description:  Multiple memory corruption issues existed in WebKit.
These issues were addressed through improved memory handling.
CVE-ID
CVE-2015-1068 : Apple
CVE-2015-1069 : Apple
CVE-2015-1070 : Apple
CVE-2015-1071 : Apple
CVE-2015-1072
CVE-2015-1073 : Apple
CVE-2015-1074 : Apple
CVE-2015-1075 : Google Chrome Security team
CVE-2015-1076
CVE-2015-1077 : Apple
CVE-2015-1078 : Apple
CVE-2015-1079 : Apple
CVE-2015-1080 : Apple
CVE-2015-1081 : Apple
CVE-2015-1082 : Apple
CVE-2015-1083 : Apple

WebKit
Impact:  Inconsistent user interface may prevent users from
discerning a phishing attack
Description:  A user interface inconsistency existed in Safari that
allowed an attacker to misrepresent the URL. This issue was addressed
through improved user interface consistency checks.
CVE-ID
CVE-2015-1084 : Apple

Safari 8.0.4, Safari 7.1.4, and Safari 6.2.4 may be obtained from
the Mac App Store.

Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)

iQIcBAEBAgAGBQJVCHNfAAoJEBcWfLTuOo7twwcQAJw+o6wILW0ZLtMEV3DugttG
5agZqzvO1CdpmtqlUlyEJhQ1r9SrzBnqaTqgXUzMZv/ZFRR0FrgKnEcqJXH82K6y
wAVOIwDWKazKbzvYMOOREYQ1JCCRHJnA/I4+8/RGkZAqXhrWgIqbGikxDND3BGfP
RnM4ae9oQxGIbiZeyGCVWbGi/WEvsXY20tHZLelK0GzUZw+KaYQqPL8K681LOWaT
KB3l85vXl4a6rHFE9oz25dh5dlOUUVlUtXQAjffchS/hyBBCTIxBEpu2iACx6h8L
5UmSs7pilr3bmlA2FQakfHTMWgBfWIiwxYyNY5C/s0UnUx+uMuW9kR/NSjFyrQUB
wvlKPQ+oKM4m5WoorgM57XhSbcL/Rf6YVmN6sYf27TISLDHxvCAy5wK5xyyL8zTo
KWiMJCmDzlhRInlC2VfJNFZvdr/1xfogNXOQTWGsFXCbKAzs4HT5dPhg5QjyJ/fq
tJH5gtXo/MklMke9zJYhdLhdCGI26h2kmnV7ugelNxdxYS99UyKsS9vnIEkc4C4t
pAdB6PH1V0KMvXMoUerDWkJyPy4vvaAXPsaGVjbaNRfK+BwEDtjrsY7UbNsrPIrc
ef+hjfnkTEnFWnpBW4A+YVpLQz/uMLDcsePMkwR2tKq1LEBHyKhqbKiAXt1HVd6H
B5CGJrtHUaXWG0BwUmnn
=d/wD
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ