lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-Id: <A66F72FF-466F-4545-8A3F-31B4CF6ACA9D@lists.apple.com>
Date: Wed, 30 Sep 2015 11:23:40 -0700
From: Apple Product Security <product-security-noreply@...ts.apple.com>
To: security-announce@...ts.apple.com
Subject: [FD] APPLE-SA-2015-09-30-2 Safari 9

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-2015-09-30-2 Safari 9

Safari 9 is now available and addresses the following:

Safari
Available for:  OS X Mavericks v10.9.5,
OS X Yosemite v10.10.5 and OS X El Capitan v10.11
Impact:  Visiting a malicious website may lead to user interface
spoofing
Description:  Multiple user interface inconsistencies may have
allowed a malicious website to display an arbitrary URL. These issues
were addressed through improved URL display logic.
CVE-ID
CVE-2015-5764 : Antonio Sanso (@asanso) of Adobe
CVE-2015-5765 : Ron Masas
CVE-2015-5767 : Krystian Kloskowski via Secunia, Masato Kinugawa

Safari Downloads
Available for:  OS X Mavericks v10.9.5,
OS X Yosemite v10.10.5 and OS X El Capitan v10.11
Impact:  LaunchServices' quarantine history may reveal browsing
history
Description:  Access to LaunchServices' quarantine history may have
revealed browsing history based on file downloads. This issue was
addressed through improved deletion of quarantine history.

Safari Extensions
Available for:  OS X Mavericks v10.9.5,
OS X Yosemite v10.10.5 and OS X El Capitan v10.11
Impact:  Local communication between Safari extensions and companion
apps may be compromised
Description:  The local communication between Safari extensions such
as password managers and their native companion apps could be
comprised by another native app. This issue was addressed through a
new, authenticated communications channel between Safari extensions
and companion apps.

Safari Extensions
Available for:  OS X Mavericks v10.9.5,
OS X Yosemite v10.10.5 and OS X El Capitan v10.11
Impact:  Safari extensions may be replaced on disk
Description:  A validated, user-installed Safari extension could be
replaced on disk without prompting the user. This issue was addressed
by improved validation of extensions.
CVE-ID
CVE-2015-5780 : Ben Toms of macmule.com

Safari Safe Browsing
Available for:  OS X Mavericks v10.9.5,
OS X Yosemite v10.10.5 and OS X El Capitan v10.11
Impact:  Navigating to the IP address of a known malicious website
may not trigger a security warning
Description:  Safari's Safe Browsing feature did not warn users when
visiting known malicious websites by their IP addresses. The issue
was addressed through improved malicious site detection.
Rahul M (@rahulmfg) of TagsDock

WebKit
Available for:  OS X Mavericks v10.9.5,
OS X Yosemite v10.10.5 and OS X El Capitan v10.11
Impact:  Partially loaded images may exfiltrate data across origins
Description:  A race condition existed in validation of image
origins. This issue was addressed by improved validation of resource
origins.
CVE-ID
CVE-2015-5788 : Apple

WebKit
Available for:  OS X Mavericks v10.9.5,
OS X Yosemite v10.10.5 and OS X El Capitan v10.11
Impact:  Visiting a maliciously crafted website may lead to an
unexpected application termination or arbitrary code execution
Description:  Multiple memory corruption issues existed in WebKit.
These issues were addressed through improved memory handling.
CVE-ID
CVE-2015-5789 : Apple
CVE-2015-5790 : Apple
CVE-2015-5791 : Apple
CVE-2015-5792 : Apple
CVE-2015-5793 : Apple
CVE-2015-5794 : Apple
CVE-2015-5795 : Apple
CVE-2015-5796 : Apple
CVE-2015-5797 : Apple
CVE-2015-5798 : Apple
CVE-2015-5799 : Apple
CVE-2015-5800 : Apple
CVE-2015-5801 : Apple
CVE-2015-5802 : Apple
CVE-2015-5803 : Apple
CVE-2015-5804 : Apple
CVE-2015-5805
CVE-2015-5806 : Apple
CVE-2015-5807 : Apple
CVE-2015-5808 : Joe Vennix
CVE-2015-5809 : Apple
CVE-2015-5810 : Apple
CVE-2015-5811 : Apple
CVE-2015-5812 : Apple
CVE-2015-5813 : Apple
CVE-2015-5814 : Apple
CVE-2015-5815 : Apple
CVE-2015-5816 : Apple
CVE-2015-5817 : Apple
CVE-2015-5818 : Apple
CVE-2015-5819 : Apple
CVE-2015-5821 : Apple
CVE-2015-5822 : Mark S. Miller of Google
CVE-2015-5823 : Apple

WebKit
Available for:  OS X Mavericks v10.9.5,
OS X Yosemite v10.10.5 and OS X El Capitan v10.11
Impact:  An attacker may be able to create unintended cookies for a
website
Description:  WebKit would accept multiple cookies to be set in the
document.cookie API. This issue was addressed through improved
parsing.
CVE-ID
CVE-2015-3801 : Erling Ellingsen of Facebook

WebKit
Available for:  OS X Mavericks v10.9.5,
OS X Yosemite v10.10.5 and OS X El Capitan v10.11
Impact:  The Performance API may allow a malicious website to leak
browsing history, network activity, and mouse movements
Description:  WebKit's Performance API could have allowed a malicious
website to leak browsing history, network activity, and mouse
movements by measuring time. This issue was addressed by limiting
time resolution.
CVE-ID
CVE-2015-5825 : Yossi Oren et al. of Columbia University's Network
Security Lab

WebKit
Available for:  OS X Mavericks v10.9.5,
OS X Yosemite v10.10.5 and OS X El Capitan v10.11
Impact:  Visiting a malicious website may lead to unintended dialing
Description:  An issue existed in handling of tel://, facetime://,
and facetime-audio:// URLs. This issue was addressed through improved
URL handling.
CVE-ID
CVE-2015-5820 : Guillaume Ross, Andrei Neculaesei

WebKit CSS
Available for:  OS X Mavericks v10.9.5,
OS X Yosemite v10.10.5 and OS X El Capitan v10.11
Impact:  A malicious website may exfiltrate data cross-origin
Description:  Safari allowed cross-origin stylesheets to be loaded
with non-CSS MIME types which could be used for cross-origin data
exfiltration. This issue was addressed by limiting MIME types for
cross-origin stylesheets.
CVE-ID
CVE-2015-5826 : filedescriptior, Chris Evans

WebKit JavaScript Bindings
Available for:  OS X Mavericks v10.9.5,
OS X Yosemite v10.10.5 and OS X El Capitan v10.11
Impact:  Object references may be leaked between isolated origins on
custom events, message events and pop state events
Description:  An object leak issue broke the isolation boundary
between origins. This issue was addressed through improved isolation
between origins.
CVE-ID
CVE-2015-5827 : Gildas

WebKit Page Loading
Available for:  OS X Mavericks v10.9.5,
OS X Yosemite v10.10.5 and OS X El Capitan v10.11
Impact:  WebSockets may bypass mixed content policy enforcement
Description:  An insufficient policy enforcement issue allowed
WebSockets to load mixed content. This issue was addressed by
extending mixed content policy enforcement to WebSockets.
Kevin G Jones of Higher Logic

WebKit Plug-ins
Available for:  OS X Mavericks v10.9.5,
OS X Yosemite v10.10.5 and OS X El Capitan v10.11
Impact:  Safari plugins may send an HTTP request without knowing the
request was redirected
Description:  The Safari plugins API did not communicate to plugins
that a server-side redirect had happened. This could lead to
unauthorized requests. This issue was addressed through improved API
support.
CVE-ID
CVE-2015-5828 : Lorenzo Fontana

Safari 9 may be obtained from the Mac App Store.

Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org

iQIcBAEBCAAGBQJWDB23AAoJEBcWfLTuOo7teGkQAK3KZHfKYeJ6NJP2rdBCeGGE
0zPFtcgjzbHSOG1KB5Q/gHBChmVukmgC/QCCueKmA5TOxXjhuEj2CRpe/+Zf349H
zvfdvU2Q4qM7byOY/q7g77Cae6K/nrnX7FaHRjdREniZUBIsm826o69Qbpeudlns
n4IhPIaUPiq0M+o1EzPgnHWJ1GpHcFD7C0bZ6tSlBea8iJi2Ai9EOZUXaskJg2mx
9tCijYN8IVKGApJT3CiFUHgx9zgDq9vbWJ1spnxwK0IgYd8zhEf18sZZmdAd5szS
bpU1KyFsFRYqRjV4ctTBhj8FnZ4Cjxxq9xXXGNrrlsIXBBRDENNiwUaHhoiYVBjH
mPV76aNQjgImbi2T3gamUFZLSB8IdklMbFXo+HYUX3k4eDis0f/dFRoDb4XWfXiX
168c79nGIc6bDz+7tP7Z7gC9rYCJRdJqHObky+2K1A43Urp1EkgH8oy+a2EbstfY
wvoQ/kUkFsDY3NM4xwa9gqhdYFcJSQy0kfzcZB/LinjLSEBkG/7nu+XuWlrwSavJ
qLvUyUpdP5ei0Scmz8YCymrf2aMG4yZEN4PyUkBPPW2DgNiXgbE5K+8kHnqmUlRF
OJ9+P/2tIED63euI0n1UcrfLOHAEUgZe2jmVfye7BB9KreVh02u/ziFl46Gghdsd
TksTuX7uQIiE70E/qZlh
=FuAM
-----END PGP SIGNATURE-----


_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ