[<prev] [next>] [day] [month] [year] [list]
Message-Id: <54BD0EE1-7DD3-46EB-9D77-C46EBC4DCBE6@lists.apple.com>
Date: Tue, 8 Dec 2015 13:28:39 -0800
From: Apple Product Security <product-security-noreply@...ts.apple.com>
To: security-announce@...ts.apple.com
Subject: APPLE-SA-2015-12-08-6 Xcode 7.2
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
APPLE-SA-2015-12-08-6 Xcode 7.2
Xcode 7.2 is now available and addresses the following:
Git
Available for: OS X Yosemite v10.10.5 or later
Impact: Multiple vulnerabilities existed in Git
Description: Multiple vulnerabilities existed in Git versions prior
to 2.5.4. These were addressed by updating Git to version 2.5.4.
CVE-ID
CVE-2015-7082
IDE SCM
Available for: OS X Yosemite v10.10.5 or later
Impact: Intentionally untracked files may be uploaded to
repositories
Description: Xcode did not honor the .gitignore directive. This
issue was addressed by adding support to honor .gitignore file.
CVE-ID
CVE-2015-7056 : Stephen Lardieri
otools
Available for: OS X Yosemite v10.10.5 or later
Impact: A local attacker may be able to cause unexpected application
termination or arbitrary code execution
Description: Multiple memory corruption issues existed in the
processing of mach-o files. These issues were addressed through
improved memory handling.
CVE-ID
CVE-2015-7049 : Proteas of Qihoo 360 Nirvan Team
CVE-2015-7057 : Proteas of Qihoo 360 Nirvan Team
Installation note:
Xcode 7.2 may be obtained from:
https://developer.apple.com/xcode/downloads/
To check that the Xcode has been updated:
* Select Xcode in the menu bar
* Select About Xcode
* The version after applying this update will be "7.2".
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - https://gpgtools.org
iQIcBAEBCgAGBQJWZzRaAAoJEBcWfLTuOo7td2kP/Ag61Qpz8uA8MgClf9SbFJau
FNMDPV7ZOLPPc+DA37rQIwQemSe8dkt4Jnc6TOcTQdR7+f+Mt0QgscDW9xlOlYT4
Ofg5h5XnrKQ02DBkptD4ms5RH8JAHDKCYj8WttlBnBVsJMb6H3s5Om6vfubXkb7t
6bdUMe7iCgRsGuRrBuzPfxjMzh2ilnWML1B6VJkRi6rMnWTW2a66BWvfqLL1Cv2h
1ybIaJi1wsw0lTxGIb+bNM8lg+EL4JLEV+DSJ6mFtDpF6dQBqndbxjopbO5l6LzT
rnWtFTQQ1/6SAM11n9bbDOQj8w8QW3v0CAyad4HN+5Ayk/qnuJZ8o1ycSGAIrQgr
HCzG8RELjK9ipgkdu5daXUc75SGVPuuwobQM6SNzrg5M6SVzIvVdSibTwfgnDvgu
PQO6mBZXLewSBoWqJAQnoDJXExSJ67IE5RzXwvg5KQcF+81Toj48HUxxd98PKrnI
gPbhf8QT9/asGupN4wh3JjN73/qm2BwpJsbPvVj42Ew1OnsBgldpEL1Ssl/2qX0O
pPi1pfF6PIFQUrbloWyYC+lIJuydb3FZUYKLR6HSn7v7RrZu5n8Uvj+5VX3TyVOi
5WzXvbHd9L3exphb8SnITTUdZX6LzkUgRrQRvGWTzT/AfIHQRAyliyk7BgYRqzHH
ObtqW74YB0YXaiw1ckGl
=FxUB
-----END PGP SIGNATURE-----
Powered by blists - more mailing lists