[<prev] [next>] [day] [month] [year] [list]
Message-id: <2129B297-CDB2-488C-AFC6-97454C14A584@lists.apple.com>
Date: Mon, 24 Oct 2016 12:14:29 -0700
From: Apple Product Security <product-security-noreply@...ts.apple.com>
To: security-announce@...ts.apple.com
Subject: [FD] APPLE-SA-2016-10-24-3 Safari 10.0.1
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
APPLE-SA-2016-10-24-3 Safari 10.0.1
Safari 10.0.1 is now available and addresses the following:
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed
through improved memory handling.
CVE-2016-4666: Apple
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12
Impact: Processing maliciously crafted web content may lead to the
disclosure of sensitive user information
Description: A cross-origin issue existed with location attributes.
This was addressed through improved tracking of location attributes
across origins.
CVE-2016-4676: Apple
WebKit
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed
through improved memory handling.
CVE-2016-4677: An anonymous researcher working with Trend Micro's
Zero Day Initiative
Safari 10.0.1 may be obtained from the Mac App Store.
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - https://gpgtools.org
iQIcBAEBCgAGBQJYDl1YAAoJEIOj74w0bLRG/CgP/2BuJWIr6JICylZb34qn0GTt
RgLXLOI4xIcjH8I4iBnHXnN7/Cx0vsBv3HZVxmQFG7b7qa5H5DxFfz8P8janNE+t
c9siRQcv3V5r4GJ5ynC+ZWuCzHhae3DzdpBk67PsOp8kiaKbLFR7wMO7gPpW+A1l
C05aLERWJ0IQ4iLbwdoX5aGwwvw033hWbaWd+nzRSk3Qa5m/DQcepHsUuwtWPK8r
T401PUirEiFGLLrzBcCqddbtZ6ueCXGJlI1zbnmiRb659l0JY8gj6yd4Y66Ikc4M
bzbpJ2RmxBlwGJB4MeiaatID42KTsNtQ2INHnI6XS6IE3Xk+rW/905XOGXV348gQ
Mv2IBZ2/xq2JzEjYJPYb0z3/2/VRyiYYpBxYoC1t0A0ildN8mYlwkTAEAg9FhO7x
UUIHZXsQtMlkZFYG/OgkM8JdJj3crAJ2QdeBAhcGCBKZMm+Ajk2DelCwJI9DmoD7
Y9CdX3uAVTjBo7hGkSvrm5LAniZubMEo5pBhJGD0/Va8dGqPLBxFuWXuB1fsysBM
3JnAPFxJY9ad/FRppGuhMie6IuMYI+xjTpOYeqd9qxZt/trzXT8Crr2edyVobhOP
st1kDqd0z78qMD4+ekiqhR7oOw3MNVuCpCeMZ6qzSVA9KOHy+lSu5s8ZxOfdA4XC
EzbkVlGbLJEYb4+qOiQ4
=NEL0
-----END PGP SIGNATURE-----
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists