| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 26 Aug 2019 10:46:25 -0700 From: Akila Srinivasan via Fulldisclosure <fulldisclosure@...lists.org> To: security-announce@...ts.apple.com Subject: [FD] APPLE-SA-2019-8-26-2 macOS Mojave 10.14.6 Supplemental Update -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2019-8-26-2 macOS Mojave 10.14.6 Supplemental Update macOS Mojave 10.14.6 Supplemental Update is now available and addresses the following: Kernel Available for: macOS Mojave 10.14.6 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A use after free issue was addressed with improved memory management. CVE-2019-8605: Ned Williamson working with Google Project Zero Additional recognition Kernel We would like to acknowledge @Pwn20wnd for their assistance. Installation note: macOS Mojave 10.14.6 Supplemental Update may be obtained from the Mac App Store or Apple's Software Downloads web site: https://support.apple.com/downloads/ Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEM5FaaFRjww9EJgvRBz4uGe3y0M0FAl1kFfgACgkQBz4uGe3y 0M0cTw//dP4wrZN4RqKI/Jk4ogQb/N3xOBFhfmK+QStQP7NNslk8xMNQ/N7kPTRn 2bUSMmTXOupXXdP1MgDa4wmti8SB/CfB8TmtPER0DUtiLoeTXv+/CIv/ZcdQOi1Y ICE9qBa+vcX++yifYZzhBBZ1sPFflAwUlG5khXzMjFGo58NkoWMT8atDlWB1KGSi 744GilS8PGO/Bw6MNlWmK4gZCSjx1e+bGF/BU+P2TvkSaB8s9GD70ECfj+9FECmU 9ZQE3n6+78KbM8S6UShSUsWRVtMiyfqavmopAgpZUBSqQ94jzUtqhWD+Q3DnR97p WdwIRuJjPxtf21YND9V61Sp/KY4Cf6IVAww5cUoUnTLcPQ0B17AT1qs3Fp+d4iGz V14YF1rDkbyaCEvIeDyOW8nig1IA07uo4zpH4RzwanjWQPd3BIw24IjvOjq9m18c rxiV6wqpPWNBaytwc/T50vWqK2EqFc1lNA/Azw7k+MxCcHLm0fP+B230JtNiu2nh bI8SlN/3i7FiUjR2GS6UaMlxCGIXlUsZa6eP6gB/DF03zSFhXMBEu94YZKd927+9 xQ6TypwG/9BBvAuhAvGwCyW5Y9VJBQHCYns9D9T+RWu3GrvlSlz0JtdRxnjSbNQn pu5zW/1Ltrb1qvnb1iWTFu6IiqOMYKDsGNwfc/Y35rN03QEywkI= =B+5n -----END PGP SIGNATURE----- _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists