lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-id: <F58331E2-4584-42B0-A198-1275A9A597C5@lists.apple.com>
Date: Mon, 15 May 2017 10:50:52 -0700
From: Apple Product Security <product-security-noreply@...ts.apple.com>
To: security-announce@...ts.apple.com
Subject: [FD] APPLE-SA-2017-05-15-2 iOS 10.3.2

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2017-05-15-2 iOS 10.3.2

iOS 10.3.2 is now available and addresses the following:

AVEVideoEncoder
Available for:  iPhone 5 and later, iPad 4th generation and later,
and iPod touch 6th generation
Impact: An application may be able to gain kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2017-6989: Adam Donenfeld (@doadam) of the Zimperium zLabs Team

CoreAudio
Available for:  iPhone 5 and later, iPad 4th generation and later,
and iPod touch 6th generation
Impact: An application may be able to read restricted memory
Description: A validation issue was addressed with improved input
sanitization.
CVE-2017-2502: Yangkang (@dnpushme) of Qihoo360 Qex Team

iBooks
Available for:  iPhone 5 and later, iPad 4th generation and later,
and iPod touch 6th generation
Impact: A maliciously crafted book may open arbitrary websites
without user permission
Description: A URL handling issue was addressed through improved
state management.
CVE-2017-2497: Jun Kokatsu (@shhnjk)

iBooks
Available for:  iPhone 5 and later, iPad 4th generation and later,
and iPod touch 6th generation
Impact: An application may be able to execute arbitrary code with
root privileges
Description: An issue existed within the path validation logic for
symlinks. This issue was addressed through improved path
sanitization.
CVE-2017-6981: evi1m0 of YSRC (sec.ly.com)

IOSurface
Available for:  iPhone 5 and later, iPad 4th generation and later,
and iPod touch 6th generation
Impact: An application may be able to gain kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2017-6979: Adam Donenfeld of Zimperium zLabs

Kernel
Available for:  iPhone 5 and later, iPad 4th generation and later,
and iPod touch 6th generation
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A race condition was addressed through improved locking.
CVE-2017-2501: Ian Beer of Google Project Zero

Kernel
Available for:  iPhone 5 and later, iPad 4th generation and later,
and iPod touch 6th generation
Impact: An application may be able to read restricted memory
Description: A validation issue was addressed with improved input
sanitization.
CVE-2017-2507: Ian Beer of Google Project Zero
CVE-2017-6987: Patrick Wardle of Synack

Notifications
Available for:  iPhone 5 and later, iPad 4th generation and later,
and iPod touch 6th generation
Impact: An application may be able to cause a denial of service
Description: A denial of service issue was addressed through improved
memory handling.
CVE-2017-6982: Vincent Desmurs (vincedes3), Sem Voigtlander
(OxFEEDFACE), and Joseph Shenton of CoffeeBreakers

Safari
Available for:  iPhone 5 and later, iPad 4th generation and later,
and iPod touch 6th generation
Impact: Visiting a maliciously crafted webpage may lead to an
application denial of service
Description: An issue in Safari's history menu was addressed through
improved memory handling.
CVE-2017-2495: Tubasa Iinuma (@llamakko_cafe) of Gehirn Inc.

Security
Available for:  iPhone 5 and later, iPad 4th generation and later,
and iPod touch 6th generation
Impact: Update to the certificate trust policy
Description: A certificate validation issue existed in the handling
of untrusted certificates. This issue was addressed through improved
user handling of trust acceptance.
CVE-2017-2498: Andrew Jerman

SQLite
Available for:  iPhone 5 and later, iPad 4th generation and later,
and iPod touch 6th generation
Impact: A maliciously crafted SQL query may lead to arbitrary code
execution
Description: A use after free issue was addressed through improved
memory management.
CVE-2017-2513: found by OSS-Fuzz

SQLite
Available for:  iPhone 5 and later, iPad 4th generation and later,
and iPod touch 6th generation
Impact: A maliciously crafted SQL query may lead to arbitrary code
execution
Description: A buffer overflow issue was addressed through improved
memory handling.
CVE-2017-2518: found by OSS-Fuzz
CVE-2017-2520: found by OSS-Fuzz

SQLite
Available for:  iPhone 5 and later, iPad 4th generation and later,
and iPod touch 6th generation
Impact: A maliciously crafted SQL query may lead to arbitrary code
execution
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2017-2519: found by OSS-Fuzz

SQLite
Available for:  iPhone 5 and later, iPad 4th generation and later,
and iPod touch 6th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved input validation.
CVE-2017-6983: Chaitin Security Research Lab (@ChaitinTech) working
with Trend Micro's Zero Day Initiative
CVE-2017-6991: Chaitin Security Research Lab (@ChaitinTech) working
with Trend Micro's Zero Day Initiative

TextInput
Available for:  iPhone 5 and later, iPad 4th generation and later,
and iPod touch 6th generation
Impact: Parsing maliciously crafted data may lead to arbitrary code
execution
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2017-2524: Ian Beer of Google Project Zero

WebKit
Available for:  iPhone 5 and later, iPad 4th generation and later,
and iPod touch 6th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2017-2496: Apple
CVE-2017-2505: lokihardt of Google Project Zero
CVE-2017-2506: Zheng Huang of the Baidu Security Lab working with
Trend Micro’s Zero Day Initiative
CVE-2017-2514: lokihardt of Google Project Zero
CVE-2017-2515: lokihardt of Google Project Zero
CVE-2017-2521: lokihardt of Google Project Zero
CVE-2017-2525: Kai Kang (4B5F5F4B) of Tencent’s Xuanwu Lab (
tencent.com) working with Trend Micro’s Zero Day Initiative
CVE-2017-2526: Kai Kang (4B5F5F4B) of Tencent’s Xuanwu Lab
(tencent.com) working with Trend Micro’s Zero Day Initiative
CVE-2017-2530: Wei Yuan of Baidu Security Lab
CVE-2017-2531: lokihardt of Google Project Zero
CVE-2017-2538: Richard Zhu (fluorescence) working with Trend Micro's
Zero Day Initiative
CVE-2017-2539: Richard Zhu (fluorescence) working with Trend Micro's
Zero Day Initiative
CVE-2017-2544: 360 Security (@mj0011sec) working with Trend Micro's
Zero Day Initiative
CVE-2017-2547: lokihardt of Google Project Zero,
Team Sniper (Keen Lab and PC Mgr) working with Trend Micro's Zero Day
Initiative
CVE-2017-6980: lokihardt of Google Project Zero
CVE-2017-6984: lokihardt of Google Project Zero

WebKit
Available for:  iPhone 5 and later, iPad 4th generation and later,
and iPod touch 6th generation
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting
Description: A logic issue existed in the handling of WebKit Editor
commands. This issue was addressed with improved state management.
CVE-2017-2504: lokihardt of Google Project Zero

WebKit
Available for:  iPhone 5 and later, iPad 4th generation and later,
and iPod touch 6th generation
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting
Description: A logic issue existed in the handling of WebKit
container nodes. This issue was addressed with improved state
management.
CVE-2017-2508: lokihardt of Google Project Zero

WebKit
Available for:  iPhone 5 and later, iPad 4th generation and later,
and iPod touch 6th generation
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting
Description: A logic issue existed in the handling of pageshow
events. This issue was addressed with improved state management.
CVE-2017-2510: lokihardt of Google Project Zero

WebKit
Available for:  iPhone 5 and later, iPad 4th generation and later,
and iPod touch 6th generation
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting
Description: A logic issue existed in the handling of WebKit cached
frames. This issue was addressed with improved state management.
CVE-2017-2528: lokihardt of Google Project Zero

WebKit
Available for:  iPhone 5 and later, iPad 4th generation and later,
and iPod touch 6th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues with addressed through
improved memory handling.
CVE-2017-2536: Samuel Groß and Niklas Baumstark working with Trend
Micro's Zero Day Initiative

WebKit
Available for:  iPhone 5 and later, iPad 4th generation and later,
and iPod touch 6th generation
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting
Description: A logic issue existed in frame loading. This issue was
addressed with improved state management.
CVE-2017-2549: lokihardt of Google Project Zero

WebKit Web Inspector
Available for:  iPhone 5 and later, iPad 4th generation and later,
and iPod touch 6th generation
Impact: An application may be able to execute unsigned code
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2017-2499: George Dan (@theninjaprawn)

Installation note:

This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/

iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.

The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates. You may manually
obtain the update via the Check for Updates button within iTunes, or
the Software Update on your device.

To check that the iPhone, iPod touch, or iPad has been updated:

* Navigate to Settings
* Select General
* Select About. The version after applying this update
will be "10.3.2".

Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - https://gpgtools.org

iQIbBAEBCgAGBQJZGd7rAAoJEIOj74w0bLRGS4kP+Lc6slIXsaBr4WUGGX9bn0ej
klXxesL3SNerIMYNK3HUnw/8bM3uhsxKcb8I1OC0lFw3xqtxCs2Mt7qDWOvZ8yvy
7eg55Pbx/YVQUV3fSCTRYsGclHFAVNvw7NxgXJEh27Jb+3pLleLzOlepMwhgstxy
REEhMVZrjkzQNEXU14r+o7YePowIezfs9pPBYyT/jQk3z5DH/kxIe9J8nP/4yHU3
1Ygvm/VwgXjdMVzR60WY72D/jahVePFK0gjR0omOsYc7KslOirkJ18arf7MI3iC5
yOVs6zvh17nPvQXJr5rbZivMfD5RWB+iTAFtdlT9vReEDgSjizxn/kiwWWeujOzB
ORZmk+BZ0NzSR07sMrINeWmqAhgxKT3D7eCslU/BcRtLoIEsFvje+HgUk7gxoA0U
xirgc0nKaB2eNrUxw7GFtV0pWq5fNwdZ2HWQvBL9e73up+XDi9TE/xylUzTGx50b
SJl/N491dvIE8BmDUTRlkkTE44SQcATppE76CoLj8y/ncva/Os5KgybZt0Hq0zAV
HA8yprCh35iTtqn3D4KyN85XJaLBuYn8nAmF0VQ6ixSekmc6e9RY1vqG7yFXTTkb
P9TPLHpbuPGeRenvm/WezkJCQJsUQ64UwT07evtXJfHLuWGCfF4pLIkvfSiVaI8G
ucaPHZqagilOIk1zNYk=
=26IY
-----END PGP SIGNATURE-----


_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ