| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 05 Dec 2018 13:08:41 -0800 From: Apple Product Security <product-security-noreply@...ts.apple.com> To: security-announce@...ts.apple.com Subject: APPLE-SA-2018-12-05-6 iCloud for Windows 7.9 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2018-12-05-6 iCloud for Windows 7.9 iCloud for Windows 7.9 is now available and addresses the following: Safari Available for: Windows 7 and later Impact: Visiting a malicious website may lead to address bar spoofing Description: A logic issue was addressed with improved state management. CVE-2018-4440: Wenxu Wu of Tencent Security Xuanwu Lab (xlab.tencent.com) Safari Available for: Windows 7 and later Impact: Visiting a malicious website may lead to user interface spoofing Description: A logic issue was addressed with improved validation. CVE-2018-4439: xisigr of Tencent's Xuanwu Lab (tencent.com) WebKit Available for: Windows 7 and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2018-4437: HyungSeok Han, DongHyeon Oh, and Sang Kil Cha of KAIST Softsec Lab, Korea CVE-2018-4464: HyungSeok Han, DongHyeon Oh, and Sang Kil Cha of KAIST Softsec Lab, Korea WebKit Available for: Windows 7 and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4441: lokihardt of Google Project Zero CVE-2018-4442: lokihardt of Google Project Zero CVE-2018-4443: lokihardt of Google Project Zero WebKit Available for: Windows 7 and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A logic issue existed resulting in memory corruption. This was addressed with improved state management. CVE-2018-4438: lokihardt of Google Project Zero Installation note: iCloud for Windows 7.9 may be obtained from: https://support.apple.com/HT204283 Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQJdBAEBCABHFiEEDNXJVNCJJEAVmJdZeC9tht7TK3EFAlwINz0pHHByb2R1Y3Qt c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQeC9tht7TK3FfPA/9 EUxvStUSXAuet3Gh+DkF+TzfTTiMBOg34thRAtOCfYG+LQzC3FLUTl2Q8WccXHhU Zl8Fx5uDqijTKHIx69tkqyzmHzqpjg1RrzGe2MtArvGg0d19DETYWqHq2niQ0V+H fTQyDxD6iaRBE2wdj06yj2VvglXCTaDayFGuEesQYJ2PKz5Q4VgUxF46jrRuBJ+S BVPmNUsila9pc00WLqxPO1erWxRSVLpSWrWEyyziXnThP9jrp9rUxih+t8OjP9s1 JPYbM+2XX4P3IT5DKpqIZ6SNO4SnJkBGTlGBuKdVevPaRDGMNSKAGOIvjelOPtkQ CwBPtxzP00BoHWKPm6hk/Y27cm+xhqlVglRWHpLZGyHOWcwq490gFaDQEY9vNEwn QX7CIGWUSPXkPMeG/0SU/f+aItbevGEnRrLRdTXUlRm0eaA4JBHoW1qmGmCQRp+b PH/Xwv42bzM9wCh+wqsCmPL7eae5YxOUHvmtyeTcUBcHHaj1d7H9F80YhcQrsQXX I2RGwjedOk7M7lytRnWHoetQfZhifwQRgGXS7ovRRI9SXabtyWrNh7bZJR4O48c3 RZsHwIhADy27cQ0sXK2pQ9xSUFC9XdoKyLBLuEJ+SJUWCFaikmn1VTPz4En3LLiv bdfgbhp5GczDYZr0pm/6afdkhKqjJGTBtK2bbbaQspU= =d9B/ -----END PGP SIGNATURE-----
Powered by blists - more mailing lists