| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 20 Sep 2017 14:15:48 -0700 From: Apple Product Security <product-security-noreply@...ts.apple.com> To: security-announce@...ts.apple.com Subject: [FD] APPLE-SA-2017-09-20-2 watchOS 4 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2017-09-20-2 watchOS 4 watchOS 4 addresses the following: Wi-Fi Available for: All Apple Watch models Impact: Malicious code executing on the Wi-Fi chip may be able to execute arbitrary code with kernel privileges on the application processor Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7103: Gal Beniamini of Google Project Zero CVE-2017-7105: Gal Beniamini of Google Project Zero CVE-2017-7108: Gal Beniamini of Google Project Zero CVE-2017-7110: Gal Beniamini of Google Project Zero CVE-2017-7112: Gal Beniamini of Google Project Zero Wi-Fi Available for: All Apple Watch models Impact: Malicious code executing on the Wi-Fi chip may be able to read restricted kernel memory Description: A validation issue was addressed with improved input sanitization. CVE-2017-7116: Gal Beniamini of Google Project Zero Installation note: Instructions on how to update your Apple Watch software are available at https://support.apple.com/kb/HT204641 To check the version on your Apple Watch, open the Apple Watch app on your iPhone and select "My Watch > General > About". Alternatively, on your watch, select "My Watch > General > About". Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJZwtdFAAoJEIOj74w0bLRGjygP/RPIR/e7YCDOLvMAoinPUv0B T/C0yRIIQ+3w3YX9qi3qUy1ABfyIyQmDRKBjU804zzLojgohGQHTNm58lYGdXxlY oLlmrXv6cfWwg9zzIe5WRBucn2u+d0+ecdMFXkMAC/7YzoFBWTA9Ey5Vuz3xtloE PS8PtaGDpLcRl37W1dF31liTcYWyMMvC0pYy5IQmFvdghI5eNkqm0HYF0SRB85qa 1ZXtY2R9dUK7bGnJlZdbMimRZy9RbOhpyhaYiauvLL6DxDkzKc9x8HiuaInJs0nb to4lo5y0QPH20hMUCgJ2ODbS41SSf8T9gFfkDE7BEe2AVfrVFjkToLYYES/6Lu3h zKJ7UZRDQc6dmJHNayZYK6UUbDzzzBg5orHRRqV3GrHrZhueayO9rlcvQK4xRDlK vRofUhiRaEQ4BzpAizlAZRVqws1tEdRHweucZ8mAQ3gFh+NzZcykKFNxaYN3udbR 6AHo895iASYPTE009a30lEVbhBwsYK+zRSv4siD+lDfaUAei7sb9j8GkuaDdfuOn rofkOEAEP0pgrrIl0D0bMYHLz6oSrd3pQxUW/aQFVPshSNOlDIHrztcTnOuFRk7p F5JG2bPbwr7HxDHPjOsovAIMguRZRRLJfCI0VbUXnyFu6bfXtGD0X1YM4S+6iisC kzxyISITCwCuMMgq6gP5 =beQG -----END PGP SIGNATURE----- _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists