lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-Id: <0456243E-BF8F-4CF2-8B0C-73071BC80C93@lists.apple.com>
Date: Mon, 21 Mar 2016 17:53:29 -0700
From: Apple Product Security <product-security-noreply@...ts.apple.com>
To: security-announce@...ts.apple.com
Subject: [FD] APPLE-SA-2016-03-21-4 Xcode 7.3

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2016-03-21-4 Xcode 7.3

Xcode 7.3 is now available and addresses the following:

otool
Available for:  OS X El Capitan v10.11 and later
Impact:  A local attacker may be able to cause unexpected application
termination or arbitrary code execution
Description:  Multiple memory corruption issues were addressed
through improved memory handling.
CVE-ID
CVE-2016-1765 : Proteas of Qihoo 360 Nirvan Team and Will Estes
(@squiffy)

subversion
Available for:  OS X El Capitan v10.11 and later
Impact:  A malicious server may be able to execute arbitrary code
Description:  Multiple vulnerabilities existed in subversion versions
prior to 1.7.21, the most serious of which may have led to remote
code execution. These were addressed by updating subversion to
version 1.7.22.
CVE-ID
CVE-2015-3184 : C. Michael Pilato, CollabNet
CVE-2015-3187 : C. Michael Pilato, CollabNet

Xcode 7.0 may be obtained from:
https://developer.apple.com/xcode/downloads/

To check that the Xcode has been updated:

* Select Xcode in the menu bar
* Select About Xcode
* The version after applying this update will be "7.3".

Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - https://gpgtools.org

iQIcBAEBCgAGBQJW8JQAAAoJEBcWfLTuOo7tO6gQAJAW+kXp0TuFMDT6xHo2YVIq
OiRdtYYsaQ0vLXHhDFQP+8uXPSz6KnunxKYZhA3JsSIjXZcv+O0Vw9hP/5A3/nj8
vXYCFmVW9m7rse4k7m117PYdPuKuWtAvDU19b7B2/vPsrv1R6C5R+jZj7hi9Vp2T
4Vx4oLeXCAhzpuDNfvtnyI756b8j63si2eSMSIPp+smQl4RKWtEJEAX5yHkDpeyl
cuCHiEbwx4+UomEp5jpOPGjcmohjpTrbBJE8hH/k6W85bBj+rhBPJoBAYafW7nHt
6uokIgZtU59ZEAwC8hme0vzApINfslV1fiJk1HN/rP6Cp+ptdIZGL8zydmzIh7yq
gEnfcEEhD2TTkJYnt22l42ZtCDsGJkFBF/r77EHmYWUJfmR4a4Jismp4sGGPgZ12
OitRfBzojK1+Ah6tkYV2LKIfjstprBTRZdz0XKQtjgAwfgktAalrWiibZs2zBNF5
UfZKAsM3Qc9RBK5pNQpGMlrHQtnFdD74Df4TYRlSuKZRO5DLr0STDeHXQfn4Ti/9
8+ZifqggFuWBfh5es4EFdcpxRRqWI9OKOdgQ0Oc5tXwIyAlOshxNuP3qAgVQzwwd
COicsW/1HsUoaopDuf+bzDcJPL/L9H3SRYfg4S/uv5JOjoaPr0pQC8mUfR25dZAw
cU0NiqyyiqU1H29UaU50
=9aiD
-----END PGP SIGNATURE-----


_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ