| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 15 Oct 2015 15:35:51 -0700 From: Apple Product Security <product-security-noreply@...ts.apple.com> To: security-announce@...ts.apple.com Subject: [FD] APPLE-SA-2015-10-15-1 Keynote 6.6, Pages 5.6, Numbers 3.6, and iWork for iOS 2.6 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2015-10-15-1 Keynote 6.6, Pages 5.6, Numbers 3.6, and iWork for iOS 2.6 Keynote 6.6, Pages 5.6, Numbers 3.6, and iWork for iOS 2.6 are now available which address the following: Keynote, Pages, and Numbers Available for: OS X Yosemite v10.10.4 or later, iOS 8.4 or later Impact: Opening a maliciously crafted document may lead to compromise of user information Description: Multiple input validation issues existed in parsing a maliciously crafted document. These issues were addressed through improved input validation. CVE-ID CVE-2015-3784 : Bruno Morisson of INTEGRITY S.A. CVE-2015-7032 : Behrouz Sadeghipour (@Nahamsec) and Patrik Fehrenbach (@ITSecurityguard) Keynote, Pages, and Numbers Available for: OS X Yosemite v10.10.4 or later, iOS 8.4 or later Impact: Opening a maliciously crafted document may lead to unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in parsing a maliciously crafted document. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7033 : Felix Groebert of the Google Security Team Pages Available for: OS X Yosemite v10.10.4 or later, iOS 8.4 or later Impact: Opening a maliciously crafted Pages document may lead to unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in parsing a maliciously crafted Pages document. This issue was addressed through improved memory handling. CVE-ID CVE-2015-7034 : Felix Groebert of the Google Security Team Keynote 6.6, Pages 5.6, Numbers 3.6, and iWork for iOS 2.6 may be obtained from the App Store. Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJWIChpAAoJEBcWfLTuOo7tm6wP/A7VLym8s1mxvtZtkL6rlP9G LDuDKD6Q+ukd4EU41unLvgJC3DrC5XmJKBySrReX7hLBbHMElCFOa971+GVZl4aE 9gbX3zJvNf9uIzP3VSpmYw1tIdZVXr275ypdG+Nlc1YBCpcdMD6ohD9dJD1zdG8l ieuEvRFFUFGdgtIk5PO6YKHstYFkcQbbmt/uy61y3CglIDWyPOeJ7m6DWlCPYB3I PtY82ust1XPpJT0WSH3sfLyhluoq89VFPmiZhwDnOUopWuLmNoLntoQFnbCnRNwd 5nGzjukKGe8eQQ5guZP8wo+t57Rz37povvDWOXxvuk2mjjr0+ejQpRk+c7/4aIkX Uyz4nW4DGCEjXDA8/yT5HXWHb7m28WehV5fnUiNVkl0PltwLY5nlSk29sD2BMiT6 DY3KUXT6ppZxqVMm3HEzM3VQKD5kfiFJkzXx1QtOzx4mAyTUKqN98Ni7ijf/O7CI xjyNOCBNcMRtqA0ySUncvMiCeRo1b7Y2hthqY6GtmRjKbq2D8ooZyiEHGv6E10g1 Hn46jPJWPKcOMudszPUc2/AIaj94+Xb7Esq3wUSkz5e7c068oxUFBZLjVDeH8P8i /3AUN6OXLVoGCkQvdv0kvsmQDsTJqq3iUkBSDSzE5RD8GDYh+cyi+54ZFV7BKhCi ikrC4CqPxEcf3lk6bXKi =Zci4 -----END PGP SIGNATURE----- _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists