lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 12 Dec 2016 10:23:35 -0800 From: Apple Product Security <product-security-noreply@...ts.apple.com> To: security-announce@...ts.apple.com Subject: [FD] APPLE-SA-2016-12-12-3 tvOS 10.1 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2016-12-12-3 tvOS 10.1 tvOS 10.1 is now available and addresses the following: Profiles Available for: Apple TV (4th generation) Impact: Opening a maliciously crafted certificate may lead to arbitrary code execution Description: A memory corruption issue existed in the handling of certificate profiles. This issue was addressed through improved input validation. CVE-2016-7626: Maksymilian Arciemowicz (cxsecurity.com) Installation note: Apple TV will periodically check for software updates. Alternatively, you may manually check for software updates by selecting "Settings -> System -> Software Update -> Update Software.” To check the current version of software, select "Settings -> General -> About.” Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJYTiTTAAoJEIOj74w0bLRGDOQP/AjOyZHSqMpBr3qMVmPJs78g 5VFELv8tFrNQ4co/JNdIbREQSzD4qWC/JydzpStwr3NJF0Nk29J4HepsAQ4Yqr4b 9OYDmtQ4MC/pIAinptopCFlNTMUOpzucqVji7uQg+ED7gH9e/RmFkUg3PdIZDn/t jlf0XMpc9DvR/SWoJ5XbymvPkhLDZ2NsBw2yMf1NRJF3YUeSgTCvSXuhZeavS4Dj GBg9tPNzH/nCBPzTlAySP29T+kWOpoPQzp+ETlkX2I5y5eosa6Hj43A4limDqkUW RyoqzwqJIsB01u80Ey1XgivDR94dxkt6XpD4GMe89bOypt2KY+YShHkaH8ScCjx7 DrROuW4vP+R8+M6G53MUoLJ/ppVOqHjJXm6YQImDk5KNL2oHW7FE2c6nfuP/LtMY 5kLyV8WSFeb4gsM3SgGCpH92wgI25Jr9WcRkvbB9bOd3Esn1suq58+BniB7BlxmR 8YPDnD8yP+DwRa6Y7DNpWiziXEelIirNKKYph30nJSi4MWkAxr1TIDjbPDE/jk3Z TiHl1NMjm0kT77YHW2K/TSxt6HjO5F5fQNR6KwFhfE9h+0xPF/KDlQ6kpDcz+LbN pBWkeypfvHh1pE3eU4hic/Rnl+EiGcyACQtRKSS2OZ3RcZ3IN5VxLE8+TOyH5dlW LYEQpFgylfUFPWTJteSY =9V+M -----END PGP SIGNATURE----- _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists