[<prev] [next>] [day] [month] [year] [list]
Message-id: <A73D662D-34C8-45CC-8299-03E41A417A9B@lists.apple.com>
Date: Tue, 31 Oct 2017 11:31:36 -0700
From: Apple Product Security <product-security-noreply@...ts.apple.com>
To: security-announce@...ts.apple.com
Subject: [FD] APPLE-SA-2017-10-31-8 Additional information for
APPLE-SA-2017-09-25-1 macOS High Sierra 10.13
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
APPLE-SA-2017-10-31-8
Additional information for APPLE-SA-2017-09-25-1
macOS High Sierra 10.13
macOS High Sierra 10.13 addresses the following:
802.1X
Available for: OS X Mountain Lion 10.8 and later
Impact: An attacker may be able to exploit weaknesses in TLS 1.0
Description: A protocol security issue was addressed by enabling TLS
1.1 and TLS 1.2.
CVE-2017-13832: an anonymous researcher
Entry added October 31, 2017
apache
Available for: OS X Mountain Lion 10.8 and later
Impact: Multiple issues in Apache
Description: Multiple issues were addressed by updating to version
2.4.27.
CVE-2017-3167
CVE-2017-3169
CVE-2017-7659
CVE-2017-7668
CVE-2017-7679
CVE-2017-9788
CVE-2017-9789
Entry added October 31, 2017
apache
Available for: OS X Mountain Lion 10.8 and later
Impact: Multiple issues in Apache
Description: Multiple issues existed in Apache. These were addressed
by updating Apache to version 2.4.25.
CVE-2016-736
CVE-2016-2161
CVE-2016-5387
CVE-2016-8740
CVE-2016-8743
Entry added October 31, 2017
AppleScript
Available for: OS X Mountain Lion 10.8 and later
Impact: Decompiling an AppleScript with osadecompile may lead to
arbitrary code execution
Description: A validation issue was addressed with improved input
sanitization.
CVE-2017-13809: an anonymous researcher
Entry added October 31, 2017
Application Firewall
Available for: OS X Lion v10.8 and later
Impact: A previously denied application firewall setting may take
effect after upgrading
Description: An upgrade issue existed in the handling of firewall
settings. This issue was addressed through improved handling of
firewall settings during upgrades.
CVE-2017-7084: an anonymous researcher
AppSandbox
Available for: OS X Lion v10.8 and later
Impact: An application may be able to cause a denial of service
Description: Multiple denial of service issues were addressed through
improved memory handling.
CVE-2017-7074: Daniel Jalkut of Red Sweater Software
ATS
Available for: OS X Mountain Lion 10.8 and later
Impact: Processing a maliciously crafted font may result in the
disclosure of process memory
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2017-13820: John Villamil, Doyensec
Entry added October 31, 2017
Audio
Available for: OS X Mountain Lion 10.8 and later
Impact: Parsing a maliciously crafted QuickTime file may lead to an
unexpected application termination or arbitrary code execution
Description: A memory consumption issue was addressed through
improved memory handling.
CVE-2017-13807: Yangkang (@dnpushme) of Qihoo 360 Qex Team
Entry added October 31, 2017
Captive Network Assistant
Available for: OS X Lion v10.8 and later
Impact: A local user may unknowingly send a password unencrypted over
the network
Description: The security state of the captive portal browser was not
obvious. This issue was addressed with improved visibility of the
captive portal browser security state.
CVE-2017-7143: an anonymous researcher
CFNetwork Proxies
Available for: OS X Lion v10.8 and later
Impact: An attacker in a privileged network position may be able to
cause a denial of service
Description: Multiple denial of service issues were addressed through
improved memory handling.
CVE-2017-7083: Abhinav Bansal of Zscaler Inc.
CFString
Available for: OS X Mountain Lion 10.8 and later
Impact: An application may be able to read restricted memory
Description: A validation issue was addressed with improved input
sanitization.
CVE-2017-13821: Australian Cyber Security Centre – Australian Signals
Directorate
Entry added October 31, 2017
CoreAudio
Available for: OS X Lion v10.8 and later
Impact: An application may be able to read restricted memory
Description: An out-of-bounds read was addressed by updating to Opus
version 1.1.4.
CVE-2017-0381: V.E.O (@VYSEa) of Mobile Threat Research Team, Trend
Micro
CoreText
Available for: OS X Mountain Lion 10.8 and later
Impact: Processing a maliciously crafted font file may lead to
arbitrary code execution
Description: A memory consumption issue was addressed through
improved memory handling.
CVE-2017-13825: Australian Cyber Security Centre – Australian Signals
Directorate
Entry added October 31, 2017
Directory Utility
Available for: OS X Lion v10.8 and later
Impact: A local attacker may be able to determine the Apple ID of the
owner of the computer
Description: A permissions issue existed in the handling of the Apple
ID. This issue was addressed with improved access controls.
CVE-2017-7138: an anonymous researcher
file
Available for: OS X Lion v10.8 and later
Impact: Multiple issues in file
Description: Multiple issues were addressed by updating to version
5.30.
CVE-2017-7121: found by OSS-Fuzz
CVE-2017-7122: found by OSS-Fuzz
CVE-2017-7123: found by OSS-Fuzz
CVE-2017-7124: found by OSS-Fuzz
CVE-2017-7125: found by OSS-Fuzz
CVE-2017-7126: found by OSS-Fuzz
file
Available for: OS X Mountain Lion 10.8 and later
Impact: Multiple issues in file
Description: Multiple issues were addressed by updating to version
5.31.
CVE-2017-13815
Entry added October 31, 2017
Fonts
Available for: OS X Mountain Lion 10.8 and later
Impact: Rendering untrusted text may lead to spoofing
Description: An inconsistent user interface issue was addressed with
improved state management.
CVE-2017-13828: an anonymous researcher
Entry added October 31, 2017
fsck_msdos
Available for: OS X Mountain Lion 10.8 and later
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2017-13811: an anonymous researcher
Entry added October 31, 2017
HelpViewer
Available for: OS X Mountain Lion 10.8 and later
Impact: A quarantined HTML file may execute arbitrary JavaScript
cross-origin
Description: A cross-site scripting issue existed in HelpViewer. This
issue was addressed by removing the affected file.
CVE-2017-13819: an anonymous researcher
Entry added October 31, 2017
HFS
Available for: OS X Mountain Lion 10.8 and later
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2017-13830: Sergej Schumilo of Ruhr-University Bochum
Entry added October 31, 2017
ImageIO
Available for: OS X Mountain Lion 10.8 and later
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-13814: Australian Cyber Security Centre – Australian Signals
Directorate
Entry added October 31, 2017
ImageIO
Available for: OS X Mountain Lion 10.8 and later
Impact: Processing a maliciously crafted image may lead to a denial
of service
Description: An information disclosure issue existed in the
processing of disk images. This issue was addressed through improved
memory management.
CVE-2017-13831: an anonymous researcher
Entry added October 31, 2017
Installer
Available for: OS X Mountain Lion 10.8 and later
Impact: A malicious application may be able to access the FileVault
unlock key
Description: This issue was addressed by removing additional
entitlements.
CVE-2017-13837: Patrick Wardle of Synack
Entry added October 31, 2017
IOFireWireFamily
Available for: OS X Lion v10.8 and later
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2017-7077: Brandon Azad
IOFireWireFamily
Available for: OS X Lion v10.8 and later
Impact: An application may be able to read restricted memory
Description: A validation issue was addressed with improved input
sanitization.
CVE-2017-7119: Xiaolong Bai, Min (Spark) Zheng of Alibaba Inc.,
Benjamin Gnahm (@mitp0sh) of PDX
Kernel
Available for: OS X Lion v10.8 and later
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2017-7114: Alex Plaskett of MWR InfoSecurity
Kernel
Available for: OS X Mountain Lion 10.8 and later
Impact: A local user may be able to leak sensitive user information
Description: A permissions issue existed in kernel packet counters.
This issue was addressed through improved permission validation.
CVE-2017-13810: an anonymous researcher
Entry added October 31, 2017
Kernel
Available for: OS X Mountain Lion 10.8 and later
Impact: A local user may be able to read kernel memory
Description: An out-of-bounds read issue existed that led to the
disclosure of kernel memory. This was addressed through improved
input validation.
CVE-2017-13817: Maxime Villard (m00nbsd)
Entry added October 31, 2017
Kernel
Available for: OS X Mountain Lion 10.8 and later
Impact: An application may be able to read restricted memory
Description: A validation issue was addressed with improved input
sanitization.
CVE-2017-13818: The UK's National Cyber Security Centre (NCSC)
CVE-2017-13836: an anonymous researcher, an anonymous researcher
CVE-2017-13841: an anonymous researcher
CVE-2017-13840: an anonymous researcher
CVE-2017-13842: an anonymous researcher
CVE-2017-13782: Kevin Backhouse of Semmle Ltd.
Entry added October 31, 2017
Kernel
Available for: OS X Mountain Lion 10.8 and later
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2017-13843: an anonymous researcher
Entry added October 31, 2017
Kernel
Available for: OS X Mountain Lion 10.8 and later
Impact: Processing a malformed mach binary may lead to arbitrary code
execution
Description: A memory corruption issue was addressed through improved
validation.
CVE-2017-13834: Maxime Villard (m00nbsd)
Entry added October 31, 2017
kext tools
Available for: OS X Mountain Lion 10.8 and later
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A logic error in kext loading was addressed with
improved state handling.
CVE-2017-13827: an anonymous researcher
Entry added October 31, 2017
libarchive
Available for: OS X Mountain Lion 10.8 and later
Impact: Unpacking a maliciously crafted archive may lead to arbitrary
code execution
Description: A buffer overflow issue was addressed through improved
memory handling.
CVE-2017-13813: found by OSS-Fuzz
CVE-2017-13816: found by OSS-Fuzz
Entry added October 31, 2017
libarchive
Available for: OS X Mountain Lion 10.8 and later
Impact: Unpacking a maliciously crafted archive may lead to arbitrary
code execution
Description: Multiple memory corruption issues existed in libarchive.
These issues were addressed through improved input validation.
CVE-2017-13812: found by OSS-Fuzz
Entry added October 31, 2017
libarchive
Available for: OS X Mountain Lion 10.8 and later
Impact: An application may be able to read restricted memory
Description: A validation issue was addressed with improved input
sanitization.
CVE-2016-4736: Proteas of Qihoo 360 Nirvan Team
Entry added October 31, 2017
libc
Available for: OS X Lion v10.8 and later
Impact: A remote attacker may be able to cause a denial-of-service
Description: A resource exhaustion issue in glob() was addressed
through an improved algorithm.
CVE-2017-7086: Russ Cox of Google
libc
Available for: OS X Lion v10.8 and later
Impact: An application may be able to cause a denial of service
Description: A memory consumption issue was addressed through
improved memory handling.
CVE-2017-1000373
libexpat
Available for: OS X Lion v10.8 and later
Impact: Multiple issues in expat
Description: Multiple issues were addressed by updating to version
2.2.1
CVE-2016-9063
CVE-2017-9233
Mail
Available for: OS X Lion v10.8 and later
Impact: The sender of an email may be able to determine the IP
address of the recipient
Description: Turning off "Load remote content in messages" did not
apply to all mailboxes. This issue was addressed with improved
setting propagation.
CVE-2017-7141: an anonymous researcher
Mail Drafts
Available for: OS X Lion v10.8 and later
Impact: An attacker with a privileged network position may be able to
intercept mail contents
Description: An encryption issue existed in the handling of mail
drafts. This issue was addressed with improved handling of mail
drafts meant to be sent encrypted.
CVE-2017-7078: an anonymous researcher, an anonymous researcher, an
anonymous researcher
ntp
Available for: OS X Lion v10.8 and later
Impact: Multiple issues in ntp
Description: Multiple issues were addressed by updating to version
4.2.8p10
CVE-2017-6451: Cure53
CVE-2017-6452: Cure53
CVE-2017-6455: Cure53
CVE-2017-6458: Cure53
CVE-2017-6459: Cure53
CVE-2017-6460: Cure53
CVE-2017-6462: Cure53
CVE-2017-6463: Cure53
CVE-2017-6464: Cure53
CVE-2016-9042: Matthew Van Gundy of Cisco
Open Scripting Architecture
Available for: OS X Mountain Lion 10.8 and later
Impact: Decompiling an AppleScript with osadecompile may lead to
arbitrary code execution
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2017-13824: an anonymous researcher
Entry added October 31, 2017
PCRE
Available for: OS X Mountain Lion 10.8 and later
Impact: Multiple issues in pcre
Description: Multiple issues were addressed by updating to version
8.40.
CVE-2017-13846
Entry added October 31, 2017
Postfix
Available for: OS X Mountain Lion 10.8 and later
Impact: Multiple issues in Postfix
Description: Multiple issues were addressed by updating to version
3.2.2.
CVE-2017-13826: an anonymous researcher
Entry added October 31, 2017
Quick Look
Available for: OS X Mountain Lion 10.8 and later
Impact: An application may be able to read restricted memory
Description: A validation issue was addressed with improved input
sanitization.
CVE-2017-13822: Australian Cyber Security Centre – Australian Signals
Directorate
Entry added October 31, 2017
Quick Look
Available for: OS X Mountain Lion 10.8 and later
Impact: Parsing a maliciously crafted office document may lead to an
unexpected application termination or arbitrary code execution
Description: A memory consumption issue was addressed through
improved memory handling.
CVE-2017-7132: Australian Cyber Security Centre – Australian Signals
Directorate
Entry added October 31, 2017
QuickTime
Available for: OS X Mountain Lion 10.8 and later
Impact: An application may be able to read restricted memory
Description: A validation issue was addressed with improved input
sanitization.
CVE-2017-13823: an anonymous researcher
Entry added October 31, 2017
Remote Management
Available for: OS X Mountain Lion 10.8 and later
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2017-13808: an anonymous researcher
Entry added October 31, 2017
Sandbox
Available for: OS X Mountain Lion 10.8 and later
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2017-13838: an anonymous researcher
Entry added October 31, 2017
Screen Lock
Available for: OS X Lion v10.8 and later
Impact: Application Firewall prompts may appear over Login Window
Description: A window management issue was addressed through improved
state management.
CVE-2017-7082: Tim Kingman
Security
Available for: OS X Lion v10.8 and later
Impact: A revoked certificate may be trusted
Description: A certificate validation issue existed in the handling
of revocation data. This issue was addressed through improved
validation.
CVE-2017-7080: Sven Driemecker of adesso mobile solutions gmbh, Rune
Darrud (@theflyingcorpse) of Bærum kommune, an anonymous researcher,
an anonymous researcher
Spotlight
Available for: OS X Mountain Lion 10.8 and later
Impact: Spotlight may display results for files not belonging to the
user
Description: An access issue existed in Spotlight. This issue was
addressed through improved access restrictions.
CVE-2017-13839: an anonymous researcher
Entry added October 31, 2017
SQLite
Available for: OS X Lion v10.8 and later
Impact: Multiple issues in SQLite
Description: Multiple issues were addressed by updating to version
3.19.3.
CVE-2017-10989: found by OSS-Fuzz
CVE-2017-7128: found by OSS-Fuzz
CVE-2017-7129: found by OSS-Fuzz
CVE-2017-7130: found by OSS-Fuzz
SQLite
Available for: OS X Lion v10.8 and later
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2017-7127: an anonymous researcher
WebKit
Available for: OS X Lion v10.8 and later
Impact: A malicious website may be able to track users in Safari
private browsing mode
Description: A permissions issue existed in the handling of web
browser cookies. This issue was addressed with improved restrictions.
CVE-2017-7144: an anonymous researcher
zlib
Available for: OS X Lion v10.8 and later
Impact: Multiple issues in zlib
Description: Multiple issues were addressed by updating to version
1.2.11.
CVE-2016-9840
CVE-2016-9841
CVE-2016-9842
CVE-2016-9843
Installation note:
macOS High Sierra 10.13 may be obtained from the Mac App Store or
Apple's Software Downloads web site:
https://www.apple.com/support/downloads/
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQJdBAEBCgBHFiEEcuX4rtoRe4X62yWlg6PvjDRstEYFAln4u8MpHHByb2R1Y3Qt
c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQg6PvjDRstEaV7BAA
oPmo5pAA/HORVC3jl7tvStUpsUUiiez204FhuoVFsvHq0w7eYjsYDilzw7f6yveV
e9Xhlbz7jhFpa1SXQhtiK5SSA1aJqhXIzZPSSf4ex/6qBZCSUrAZi1vC05TuQFi2
bvZ9N2mr3Mwd4GlxN7XZ6DLi3BqQPaKIavmuxOLkUSCpkwj9npS1oPDvMCP8DX4q
goywFq4QOgvSJnohH/G8IGSm2Txy/IES68vvxdPRUi3IzjGM7E88QHkwKBDiqZRG
ozuhx8Zs+cEh8yIzLO2UoTJe5gVgz1si7J4tgCPTT65r3Uf2sizkOMMdX8PHmCCi
WTs3adVyJgC8nNql24cvPpJ4UM7bia0adzNf7cjTf7KKtVomIzR6IFaa+V737a+A
jESOB5J0iy1oqzfGN8/zf724N+rc5jp/QejM6tTvcNuc807Z4jVpR3CEr+GkMENz
Hq1Vr06gnBolmwnwlhCHujYwOpJXJ2xllQavNoe6r57XTYid1rjuRG5KXNWPlEgw
GyoB8rTLY+BzLszUtrQlhh5QXa8WaQLg0uPJJDHH3DUM7jEXRBrk7nhrz4z2qq7S
j1hlkhZbW2HuYg9URLhgYtkMgVjbTneZkWhEqER+AIbqFKdwTkuNgu5sHnWCrXG0
N+hmcqhXbgblWwiT0ma/I7Yn0b7O9g9stN88cL9cr3I=
=887+
-----END PGP SIGNATURE-----
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists