lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-id: <26085FE5-BEEB-4AC4-97C4-51C88452BC9E@lists.apple.com>
Date: Tue, 31 Oct 2017 11:31:30 -0700
From: Apple Product Security <product-security-noreply@...ts.apple.com>
To: security-announce@...ts.apple.com
Subject: [FD] APPLE-SA-2017-10-31-7 iCloud for Windows 7.1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2017-10-31-7 iCloud for Windows 7.1

iCloud for Windows 7.1 is now available and addresses the following:

WebKit
Available for: Windows 7 and later
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2017-13785: Ivan Fratric of Google Project Zero
CVE-2017-13784: Ivan Fratric of Google Project Zero
CVE-2017-13783: Ivan Fratric of Google Project Zero
CVE-2017-13788: xisigr of Tencent's Xuanwu Lab (tencent.com)
CVE-2017-13798: Ivan Fratric of Google Project Zero
CVE-2017-13795: Ivan Fratric of Google Project Zero
CVE-2017-13802: Ivan Fratric of Google Project Zero
CVE-2017-13792: Ivan Fratric of Google Project Zero
CVE-2017-13794: Ivan Fratric of Google Project Zero
CVE-2017-13791: Ivan Fratric of Google Project Zero
CVE-2017-13796: Ivan Fratric of Google Project Zero
CVE-2017-13793: Hanul Choi working with Trend Micro's Zero Day
Initiative
CVE-2017-13803: chenqin (陈钦) of Ant-financial Light-Year Security

Installation note:

iCloud for Windows 7.1 may be obtained from:
https://support.apple.com/HT204283

Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----

iQJdBAEBCgBHFiEEcuX4rtoRe4X62yWlg6PvjDRstEYFAln4u8IpHHByb2R1Y3Qt
c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQg6PvjDRstEYLpRAA
s9bjWuoyMfuwsQ13x6VJKjexVHI9q7SQIKR2z5R/ZtzZuYFCb/dpJHVaQ7zE5tVU
mnmhQYlmws0aZv3L1De32kP17rdCcwTn7tFHb0g7dwjLiQv6wcNmX8eb9jA4s9ex
Lw4DVtNI1GuYxdbBk4TM8nYBEKXzXSMZIxkhTzpLmIb35EHgSTjPQ8SyFn4wax4J
B9co2YQcJKFMEMLXwP65l2/3x3Em2TquNFOZsa8u/CqkGybX256LNQTP54UQ1m0Z
B10etLKpvqTX8LBogqJxzTrpehN3MVZbdVIAgmQdyxyXi9cOI4vDx2zqyQ/iRza/
70F0JanacjIpHuCQaM0OPT+wnuF9QH1tPKR9yYl389zTNRn8o5pGILXdrnx9/wkJ
QK5UmiGGd7yrFYRGTPkGT7XYocnbLSQsUA8KG0/nukoFAgiB2Bv7aG2gHs2Rz7ch
9V6IHOgdHbAR2Gw7zfI6c5nDiI7TlNyRe/eXfNSHeyRZ+UB/1KgzoLxWvEPC46Ei
ca6wfms+omRk37v77e/yE6USLjF1sjXBHaAVykT5UnOBwhflF8sjoMD3Zoc399SP
TRQeXQ4gu0Q0CHq9kRcSOS/b2tidfC56zMunTR3RvjmJKwZYiLSqVctVdMaKEb8Y
TxNJv7Akjrwd092bi/m/W/AS45I634Nx8j1zSTOIdqw=
=WlXN
-----END PGP SIGNATURE-----


_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ