lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Thu, 27 Oct 2016 15:25:10 -0700
From: Apple Product Security <product-security-noreply@...ts.apple.com>
To: security-announce@...ts.apple.com
Subject: [FD] APPLE-SA-2016-10-27-1 Xcode 8.1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2016-10-27-1 Xcode 8.1

Xcode 8.1 is now available and addresses the following:

IDE Xcode Server
Available for:  OS X El Capitan v10.11.5 and later
Impact: A remote attacker may be able to cause unexpected application
termination or arbitrary code execution
Description: Multiple issues existed in Node.js in Xcode Server.
These issues were addressed by updating to Node.js version 4.5.0.
CVE-2016-1669
CVE-2016-0705
CVE-2016-0797
CVE-2016-0702
CVE-2016-2086
CVE-2016-2216
CVE-2015-8027
CVE-2015-3193
CVE-2015-3194
CVE-2015-6764

Xcode 8.1 may be obtained from:

https://developer.apple.com/xcode/downloads/

To check that the Xcode has been updated:

* Select Xcode in the menu bar
* Select About Xcode
* The version after applying this update will be "8.1".

Information will also be posted to the Apple Security Updates
web site:
https://support.apple.com/kb/HT1222


This message is signed with Apple's Product Security PGP key,
and details are available at:

https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - https://gpgtools.org

iQIcBAEBCgAGBQJYEn2fAAoJEIOj74w0bLRG7ccQAJ5AI8A5ZcFsSeA0moHmYPjZ
wx879ojf5IyzVO/Hp0aiKfMHDf77X+BJjCmFyFb3IWhO5dRVLv6Md401R52lFMzA
+neRjEIr3HO4daopbRQXEheiMzWNFLPErWl+nYruL+17TvkN7WDL5PkuxTIedsWG
YJyxacejGmNET16xbyBneYPUbJrTl7WKLCZpjgv4lfNgIVfPjulF+t+hKC8gp5Yi
whHL8/+gT2/MXkmv2ACTcewZhKMeHICnja9gquqqv3AGeFqcdW59lpR9A+sEs77W
lZrNQhXZrMDw6K8DVxCHay0Gz7T9MpYwrmSzJYkGtk4xQfWs+G/fppHqj1DzcCXd
EqvpTI5Vmn7AsgDx9anSKGTDMYZ4T6Xw0Q5yIKmHq1bn3dEHxLtxf27efc4JkTlB
wJR3lz2BSdOxUjG8ob2MDRtEO0eikpj7mIkzvuXmfHLvO80eSLqwZdxZucq7rfeK
9Js+JnCs58LtBN3Kc0FWBHq+iyPR7J4FQb3Qg2IdqnoM9NHUISge/sA/baTStYLJ
GlEdi4tpbLLQ6Fb0R1BG/rs3+pVMCQchCqDCmy9IgoF2awY0MS/sczmpa/GSic3k
c6wvL19KQjI820+wUh8m5DzDG/vMdJOJqgGRltk2x+h+g12SFNyTbzpzj/QGV6RI
j631bs8/hm5Y6dVAeRzC
=RFf5
-----END PGP SIGNATURE-----


_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ