| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 16 May 2016 15:47:53 -0700 From: Apple Product Security <product-security-noreply@...ts.apple.com> To: security-announce@...ts.apple.com Subject: [FD] APPLE-SA-2016-05-16-6 iTunes 12.4 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2016-05-16-6 iTunes 12.4 iTunes 12.4 is now available and addresses the following: iTunes Available for: Windows 7 and later Impact: Running the iTunes installer in an untrusted directory may have resulted in arbitrary code execution Description: A dynamic library loading issue existed in iTunes setup. This was addressed through improved path searching. CVE-ID CVE-2016-1742 : Stefan Kanthak and YoKo Kho (yokoacc) of MII - Consulting & Advisory Svc. Dept. iTunes 12.4 may be obtained from: http://www.apple.com/itunes/download/ Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJXOj0OAAoJEIOj74w0bLRGjA0QANTHzjNUsByxmLOpQfNcEHEy 3lXFmf00E7C6lq7DgQMPfbYOgXz+lAJuUuyt88OK6k9w+ADm+huxna6O+Gy4f+ST W1T2eu78vJG42QRji1f9PAa8M9roQjziL35iCRZCpeN5kLwXK8BHGSjvB33hjkGy a7GzWuT27iwUcEvTHSWACYtVqfDYre5l4Jyk0/CviWgb7zms7HC+SBbAGS3TfZRh LxT2JeF+dQ4Ajug21O8IJrOJtNwgppkssrSqtvVezYNvmTVuELPtm+5Mo0Ggqhr7 vo3SxcOvZ7xqyA9F2klLV27oity7FLMXg2NyqWnngpRJoxnnck8PcB9/FSGpVpWt /RmF6zIII792jfcmRYhe8IwgbpO6w8r4o4dJX3FLuWmk1HajT9itgZkMPIIfUdP7 hxvfmK4GBv09AP/o+oXi+Zoq3X0HbZhp+djcI9hx0T9a1bw7g0H31g54NMhqCxez vl0M04Y3+GmtXuIJNIzJuuIh4JMMfGN9SXO5NAzFzOlQ6bn96/uR9o4e+2LAuH29 HuACxqu6gaOOt/bv0AOSloPyIOSnfgH1v5Zt9QV2qDpChTSPqL0b5nnqwcv5yv7l InSa1oWL+WJ1FSlB7dLC01Sii4uRTC6Oud+ShWsoqMKYJouODqry8hlIG4Qqzexl fnEDC7oEvN/gpW1EXu7v =Aip6 -----END PGP SIGNATURE----- _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists