lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Mon, 12 Dec 2016 10:23:35 -0800
From: Apple Product Security <product-security-noreply@...ts.apple.com>
To: security-announce@...ts.apple.com
Subject: [FD] APPLE-SA-2016-12-12-3 tvOS 10.1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2016-12-12-3 tvOS 10.1

tvOS 10.1 is now available and addresses the following:

Profiles
Available for:  Apple TV (4th generation)
Impact: Opening a maliciously crafted certificate may lead to
arbitrary code execution
Description: A memory corruption issue existed in the handling of
certificate profiles. This issue was addressed through improved input
validation.
CVE-2016-7626: Maksymilian Arciemowicz (cxsecurity.com)

Installation note:

Apple TV will periodically check for software updates. Alternatively,
you may manually check for software updates by selecting
"Settings -> System -> Software Update -> Update Software.”

To check the current version of software, select
"Settings -> General -> About.”

Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - https://gpgtools.org

iQIcBAEBCgAGBQJYTiTTAAoJEIOj74w0bLRGDOQP/AjOyZHSqMpBr3qMVmPJs78g
5VFELv8tFrNQ4co/JNdIbREQSzD4qWC/JydzpStwr3NJF0Nk29J4HepsAQ4Yqr4b
9OYDmtQ4MC/pIAinptopCFlNTMUOpzucqVji7uQg+ED7gH9e/RmFkUg3PdIZDn/t
jlf0XMpc9DvR/SWoJ5XbymvPkhLDZ2NsBw2yMf1NRJF3YUeSgTCvSXuhZeavS4Dj
GBg9tPNzH/nCBPzTlAySP29T+kWOpoPQzp+ETlkX2I5y5eosa6Hj43A4limDqkUW
RyoqzwqJIsB01u80Ey1XgivDR94dxkt6XpD4GMe89bOypt2KY+YShHkaH8ScCjx7
DrROuW4vP+R8+M6G53MUoLJ/ppVOqHjJXm6YQImDk5KNL2oHW7FE2c6nfuP/LtMY
5kLyV8WSFeb4gsM3SgGCpH92wgI25Jr9WcRkvbB9bOd3Esn1suq58+BniB7BlxmR
8YPDnD8yP+DwRa6Y7DNpWiziXEelIirNKKYph30nJSi4MWkAxr1TIDjbPDE/jk3Z
TiHl1NMjm0kT77YHW2K/TSxt6HjO5F5fQNR6KwFhfE9h+0xPF/KDlQ6kpDcz+LbN
pBWkeypfvHh1pE3eU4hic/Rnl+EiGcyACQtRKSS2OZ3RcZ3IN5VxLE8+TOyH5dlW
LYEQpFgylfUFPWTJteSY
=9V+M
-----END PGP SIGNATURE-----


_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Powered by blists - more mailing lists