[<prev] [next>] [day] [month] [year] [list]
Message-id: <31206CE8-8F1D-45D7-B8AF-1BE064DCFF8F@lists.apple.com>
Date: Thu, 26 Sep 2019 13:18:14 -0700
From: Apple Product Security via Fulldisclosure <fulldisclosure@...lists.org>
To: security-announce@...ts.apple.com
Subject: [FD] APPLE-SA-2019-9-26-2 macOS Mojave 10.14.6 Supplemental Update
2, Security Update 2019-005 High Sierra, Security Update 2019-005 Sierra
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2019-9-26-2 macOS Mojave 10.14.6 Supplemental Update 2,
Security Update 2019-005 High Sierra, Security Update 2019-005
Sierra
macOS Mojave 10.14.6 Supplemental Update 2, Security Update 2019-005
High Sierra, Security Update 2019-005 Sierra are now available
and address the following:
Foundation
Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS
Mojave 10.14.6
Impact: A remote attacker may be able to cause unexpected application
termination or arbitrary code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2019-8641: Samuel Groß and Natalie Silvanovich of Google Project
Zero
Installation note:
macOS Mojave 10.14.6 Supplemental Update 2, Security Update 2019-005
High Sierra, Security Update 2019-005 Sierra may be obtained from
the Mac App Store or Apple's Software Downloads web site:
https://support.apple.com/downloads/
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEM5FaaFRjww9EJgvRBz4uGe3y0M0FAl2NFuwACgkQBz4uGe3y
0M3WrBAAr+Bi8S05hUUkC9r4Jz/PlG2vMLDKedwcRPsiEiJ87izrfA8Bb/9qQ3EV
IvRqTdw+RDjCQsMZ5GfNHLRynbYyq3ILSCEhLOvpAhHt4gkNF83EktleSe+yTno2
QlEa+l8oJGr2GMVsQNmXWPmykLNx1qK5jysPgepdm/JYOfz+IMGxM7vCaNMk+1gb
hohqa60VBnOrl/6QyD39Y8U7JI7aQFYzc0b3NtQI4H5jgO/5LPeScBe3eNf9ldjf
CN6TcI1VPEeGtEqBn5M5/YA/WB4zpaCOWB9KeOqgp+EMKeZtgNNDUDyeP0mL4sXh
0S9xub5dxkk2wEanBZe7bAJydoW9HIn9CAptcM3N7cCJ5vhTye96wCZ+awHJ32NU
n2fm/rbOA4zB6NjTI052QwjElY8h8mh0E2sgU+04cF6GnIEEwxg1QTH0ccVl2YXf
2ek9DvdC+XbM6sGemNat4TBgsB20E6EVpmEXIJnS7hFTt3wuSEcQckYo3kUxMCQB
9pql4Rsq4Ma4uAK7b8Wsk8VTq1hWa7zo5cvSZcCirspHqyX0hmj236D9nUD1rPYI
zt+h9Bhe2ee/ahQBgQND4uzYaLROsz7jFqR6PXQy/abx5+vYv236DweTjG0QWvAQ
ubQ+WQrHYeW2nFOpZ2Lk18Sn0Fo5A3dTTTj9LEIeETbg2kwMjdE=
=+3Bw
-----END PGP SIGNATURE-----
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists