lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Wed, 13 Jun 2018 10:43:57 -0700
From: Apple Product Security <product-security-noreply@...ts.apple.com>
To: security-announce@...ts.apple.com
Subject: [FD] APPLE-SA-2018-06-13-01 Xcode 9.4.1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2018-06-13-01 Xcode 9.4.1

Xcode 9.4.1 is now available and addresses the following:

Git
Available for: macOS High Sierra 10.13.2 or later
Impact: Multiple issues in git, the most significant of which may
lead to arbitrary code execution
Description: Multiple issues existed in git. These issues were
addressed by updating git to version 2.15.2.
CVE-2018-11235: Etienne Stalmans
CVE-2018-11233

Installation note:

Xcode 9.4.1 may be obtained from:

https://developer.apple.com/xcode/downloads/

To check that the Xcode has been updated:

* Select Xcode in the menu bar
* Select About Xcode
* The version after applying this update will be "9.4.1".

Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----

iQJdBAEBCgBHFiEEfcwwPWJ3e0Ig26mf8ecVjteJiCYFAlshUvcpHHByb2R1Y3Qt
c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQ8ecVjteJiCaKCg//
TW244KT2uRPxE2di0l7BFrXEfkOUxjRt6qgo9ZmcV3PvDb3XIy/42MV8Q3vyVgxH
d+lQsDpyTkkCdKvfPIIDmZt34o715yimWzneFmpG2HbIS47yGvkpGyYgzeECPil2
UOzg9Q/pSx6/o0o24gIywlKsbqitgsMMNyDbugSUFNdGRhaZsUOAcggklfr8iefW
TJmfzjSPlXrk3ft3o2Fu9enafRpAXh5f8JIAirbbq4CY0cKImWHoMO7jMC8qqooF
QbLcX7d+il8GWKn+B1O6BAfi+phq78UiTAZA2ua7lh3Uu6xi9mqcyDyoDODheuCR
Nd6fW6XdzQ7ItBam6AdHaWOKAVYutmTd8JgUH28O7V0a/V65Y9kHLierztj5RmMq
8AkfFQMTMKhgjGvtGxJj8LljJ/8n3PreLqnZ2hrfW8klOBJ2rlujKYLPvK3BfRIm
kk6vTaatglPtYSbc0ynB322f2j253yfz3Q3Gx0PiZ9CYM6vqvCs+5XjIVowYyDV4
mtOmD2DSepXPhyFrXtL4ErLJ7et0l3DTo5Wc5RR+1QsEY3WIshrDpixD9l6fW37n
dDulkvElPtDVi0s0Y/k7OGpgtpAc499Sxupr94umUC/dLkGWtA+S6vuJOocLeYjy
vAWTy3pX3wSDkc+swb9d4Varqr9K8h/0PxrSSp+zKF8=
=cj8v
-----END PGP SIGNATURE-----


_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Powered by blists - more mailing lists