| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 28 Mar 2017 15:47:50 -0700 From: Apple Product Security <product-security-noreply@...ts.apple.com> To: security-announce@...ts.apple.com Subject: APPLE-SA-2017-03-28-1 iCloud for Windows 6.2 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2017-03-28-1 iCloud for Windows 6.2 iCloud for Windows 6.2 is now available and addresses the following: APNs Server Available for: Windows 7 and later Impact: An attacker in a privileged network position can track a user's activity Description: A client certificate was sent in plaintext. This issue was addressed through improved certificate handling. CVE-2017-2383: Matthias Wachs and Quirin Scheitle of Technical University Munich (TUM) libxslt Available for: Windows 7 and later Impact: Multiple vulnerabilities in libxslt Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2017-5029: Holger Fuhrmannek WebKit Available for: Windows 7 and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2017-2463: Kai Kang (4B5F5F4B) of Tencent's Xuanwu Lab (tencent.com) working with Trend Micro's Zero Day Initiative WebKit Available for: Windows 7 and later Impact: Processing maliciously crafted web content may exfiltrate data cross-origin Description: A validation issue existed in element handling. This issue was addressed through improved validation. CVE-2017-2479: lokihardt of Google Project Zero CVE-2017-2480: lokihardt of Google Project Zero Installation note: iCloud for Windows 6.2 may be obtained from: https://support.apple.com/HT204283 Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org iQIcBAEBCgAGBQJY2sl6AAoJEIOj74w0bLRGjG0QAIcKPrg0HmHcv27Zl70Bt8qi WRTANu+nbu0QjwaAwLZlOnS9d/XKfA2fkStlUnUzlJHXvF+KY+F6AN0vGQZ158ZU gqdZZmhtEl1WZa8a1yr2t83RC/Q+NsU/Ai9W1zoLAw8LU7eRbt+sNvR3Bx7RhXYH A68aKe7+AMuv7yuxKeaHtwox45yj4tEHtoURZkAZdsPcdV+k6UEdVf9lnaIaGqDb E21+clnkc58uQ57UAtVcEzM9XFXdzfy7Y6nYpALXGCVNt79oSfByAZ2qvDu0auRx rCc8s4O2K044bpaetkMJgAA2MmaeUO0ZVLeSW+8t+7w4Qyik6lsxIhJPjZ3qYXaa Wb8WfJgj0Dl7s7Wvgozc8wA+eVaksaz2Y8SPM4I75h5+IT1ZHdswdSIMAFC3lsCs RmSHA8P3SBOsfoWQ3Aa8dXsmaO6Cp+5A+lP8MEdQptBHKhR8z0MWqpkI2taJqof+ 3DcDL7+ZQklk0EzlrGcNI+ygbHyx1TJqRLHD7aB40DwmFAy41kBHkR4nmnQ/kcoF WZVwa6WsWDNg6z4823pUTZTSuKvK7vEQeXZnIj9m/SAJgrGQUGJ2cbybgep5iNWk zmQwxAR7uuDwD6fEtXHhAULNKGtvfOOomvQypafsIh75lGKZ1SnCojEv7bqF9UXU xCLGJWVtI1fBZbzME47M =w8Kd -----END PGP SIGNATURE-----
Powered by blists - more mailing lists