| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 31 Oct 2017 11:31:23 -0700 From: Apple Product Security <product-security-noreply@...ts.apple.com> To: security-announce@...ts.apple.com Subject: [FD] APPLE-SA-2017-10-31-6 iTunes 12.7.1 for Windows -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2017-10-31-6 iTunes 12.7.1 for Windows iTunes 12.7.1 for Windows is now available and addresses the following: WebKit Available for: Windows 7 and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2017-13785: Ivan Fratric of Google Project Zero CVE-2017-13784: Ivan Fratric of Google Project Zero CVE-2017-13783: Ivan Fratric of Google Project Zero CVE-2017-13788: xisigr of Tencent's Xuanwu Lab (tencent.com) CVE-2017-13798: Ivan Fratric of Google Project Zero CVE-2017-13795: Ivan Fratric of Google Project Zero CVE-2017-13802: Ivan Fratric of Google Project Zero CVE-2017-13792: Ivan Fratric of Google Project Zero CVE-2017-13794: Ivan Fratric of Google Project Zero CVE-2017-13791: Ivan Fratric of Google Project Zero CVE-2017-13796: Ivan Fratric of Google Project Zero CVE-2017-13793: Hanul Choi working with Trend Micro's Zero Day Initiative CVE-2017-13803: chenqin (陈钦) of Ant-financial Light-Year Security Installation note: iTunes 12.7.1 for Windows may be obtained from: https://www.apple.com/itunes/download/ Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQJdBAEBCgBHFiEEcuX4rtoRe4X62yWlg6PvjDRstEYFAln4u8EpHHByb2R1Y3Qt c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQg6PvjDRstEZ1CRAA xMTNG0Zj+OoLMD/Ov9CnV9pW5vjSuTQ9WuA18Dx5uu5W3CWyq0LKxcLdjqXUDDdv y01pKRttWDW0ASo2j1dpPs1KCJUaBS0p+GKgaIaGWUSRRUzbQ66CtywPoS7XQ4j5 kZc1ffLv9nQWSG1K2BPCfAO85hjoz5Z7gnv7apuwlvHZzrdQDwmbHGlQmEdffmRF JyWDUnJf0G62a3sJgV1qbBVFA2f/PCh1jYroMts3m7B6Cf/zyQnQGpTBWE8ocQIV JiFBXv6F/lgAIyGkKHnQcAOy081LJ07uPl0phuJJyWCzuXHYezTQcUEdbJvDf6YN Z//OgvqiTYCHYaemPJ1s6OFSVb5D6ZpBNSUvmzqs02GcLOJcDmyjILAqJkP06va4 q0rUBr0PPBOrC/EMe0jgMitEmmC6+tJZ3384fS4OmJKIPpvZeqWfVm5Q/6K1nmsN GB3vtmqVLRJgZo9C5OnJNsu2nbk26YR0FdbRfAoq/al0wAOX7u5781rlqRQD2bFu YJSnUNNyuCTHrVebSCaynVmBDRLQMvHpSYsGtFbGvqQV1IwRyD4hsmd7t9R8E/rv ZBn4wkjA8aA0bH7pFHYRVKWsIQS2HrXwST/kTaJJEXr5nWgqtBW+FepV16vKb+Dw ksB9TffeaLOICXSvUrHsFwWN5FqWW5dlswZQ6ijyAhg= =0iAp -----END PGP SIGNATURE----- _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists