lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-id: <506880E8-D099-49D6-AEFB-AFD672C2568C@lists.apple.com>
Date: Wed, 27 Jun 2018 11:02:00 -0700
From: Apple Product Security <product-security-noreply@...ts.apple.com>
To: security-announce@...ts.apple.com
Subject: [FD] APPLE-SA-2018-06-27-1 SwiftNIO 1.8.0

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-2018-06-27-1 SwiftNIO 1.8.0

SwiftNIO 1.8.0 is now available and addresses the following:

SwiftNIO
Available for: macOS Sierra 10.12 and later, Ubuntu 14.04 and later
Impact: A remote attacker may be able to overwrite arbitrary memory
Description: A buffer overflow was addressed with improved size
validation.
CVE-2018-4281: Apple

The following versions also contain the security content of
SwiftNIO 1.8.0: 1.0.1, 1.1.1, 1.2.2, 1.3.2, 1.4.3, 1.5.2, 1.6.2,
1.7.3.

Installation note:

SwiftNIO 1.8.0 may be obtained via Swift Package Manager.

Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222 and
https://github.com/apple/swift-nio/releases/tag/1.8.0.

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----

iQJdBAEBCABHFiEEfcwwPWJ3e0Ig26mf8ecVjteJiCYFAlszzrspHHByb2R1Y3Qt
c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQ8ecVjteJiCYczQ//
bAlQPEBKRG482pKuKfKRXXjBDazu8zTiqsz1sHibYrtGCvNsApIhYOcDuUDKm8ey
vk9DDmrcpI9gfxM975077qpnLjSAkpnPB60MRwxceWsNVnXhiLyU0+Fx5yQ2X6ey
BhkY5Et+FhgLmrgr/nHb9IFkGGuUnDtNjN7N/GU7hyaGyxeYdfNFHMIUF/BGKroC
3VpD30hxZKFQjLUUXPKSy5oa6jD6FiXEDQmKdBbCpTvIj/f2GUgDkk+ErzzOBCjh
Et6BC9QM4qleOzzJu9+8YlCyj2XOuGkWsVs6SMPmpP+mz+1/bDgzmy8hcWSb6cmo
rEnE40t3jNHbw23jX9Xu7Fm2OdXw327kERbiwFSOSxzQJh4UwIdz4y5phz29ify3
bXEoInDORhomZuMCiK7ZhjNHFTLNxI1XFbHjbpEEZUgVYRUkHO9kKP9hOzLV8Gu/
nw0MAI5n/8lzxyRdpcBcFPWuWkyOFlIve/1vTQgTOMwOXeUudE1Ps2EWPFZO/Hlh
9nEy+Cd7zngO2YCDFsAePJXJCeg5b4n2FBrd4B3/xDWpeyk8guewwV0uosdqJ6Ht
YQMYXUDeT7OHu+31Wt/JNUORIRuaVVStkl3jyrZufS2cyqhkTFX3f/ng8/A1C708
FMLHzFNworXo006KAKYlEOuVIMqz0lM9l5TEwq9E3Qo=
=iH/I
-----END PGP SIGNATURE-----

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ