lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date: Mon, 17 Sep 2018 11:23:53 -0700
From: Apple Product Security <product-security-noreply@...ts.apple.com>
To: security-announce@...ts.apple.com
Subject: [FD] APPLE-SA-2018-9-17-5 Apple Support 2.4 for iOS

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-2018-9-17-5 Apple Support 2.4 for iOS

Apple Support 2.4 for iOS is now available and addresses the
following:

Analytics
Available for: iOS 11.0 and later
Impact: An attacker in a privileged network position may be able to
intercept analytics data sent to Apple
Description: Analytics data was sent using HTTP rather than HTTPS.
This was addressed by sending analytics data using HTTPS.
CVE-2018-4397: Yigit Can YILMAZ (@yilmazcanyigit)

Installation note:

Apple Support 2.4 for iOS may be obtained from the iOS App Store.

Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEDNXJVNCJJEAVmJdZeC9tht7TK3EFAluf7w4ACgkQeC9tht7T
K3Fh+BAAladfEhMqU/fHmTtXsfcmTAATaSpZOq1UF9uJ/J5RwR7OXQSkutOnNwcG
Vb0075qtoi7nTJQX94X/8qYgMvAmIYvuC/2Z7g7j4B93Co2sh4DgEmSQ1bcY5poi
3Crdd319vzfeGZ3FwqKEi6zUr7iydUA5R/f4nt6mTo0c57BFVXLVwHKMCm1iTpgk
WMatvf6fIOsxL/Q3X4DDn3sJAuVcNQTUeQIDtEaA1VT9gOuJBf5BOLXQDgYc6D84
qLKQ1sAgbtxmRYrCnbZKAvcKqWn77nvhjfaVq4OnSnjkLxowE1TD3XRzHJrdk3GN
x2ojRh3GwL2Iw15AYc3qEhI9cpJmOMdaKhu6C5UWKerILVP8lS/ygTKARSSW0id0
EfKu08f1Xi23uFiaqpSI2UBhMr0v9D49744ylUVGRVIGunqUJ0Nj9FmYBBKNRv5T
4RLGj5NsD5l7bCBBpKNA/n37ivcAetFGXpaxpAV5GGi45ZhYPK94EdbJuzte12GB
vRgyoN+LsphipjZc4Dzhu8smerpL9cIUWbINvAHfLwMEOhquTbJ6t96dHIbGOzC0
XpYbzVmYrVdCBcOZz5F+XwfOzGBWC74/tnHONeQopU8zB03vqrAEt9jM26hVtkfe
ztAS/8YR0xRcqvkx0bd7EwadbqbeDY5X+9DfwzjextQNPJz/vGA=
=s2QM
-----END PGP SIGNATURE-----


_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Powered by blists - more mailing lists