lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date: Thu, 26 Sep 2019 13:20:23 -0700
From: Apple Product Security via Fulldisclosure <fulldisclosure@...lists.org>
To: security-announce@...ts.apple.com
Subject: [FD] APPLE-SA-2019-9-26-5 watchOS 6

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-2019-9-26-5 watchOS 6

watchOS 6 addresses the following:

Foundation
Available for: Apple Watch Series 3 and later
Impact: A remote attacker may be able to cause unexpected application
termination or arbitrary code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2019-8641: Samuel GroƟ and Natalie Silvanovich of Google Project
Zero

Installation note:

Instructions on how to update your Apple Watch software are
available at https://support.apple.com/kb/HT204641

To check the version on your Apple Watch, open the Apple Watch app
on your iPhone and select "My Watch > General > About".

Alternatively, on your watch, select "My Watch > General > About".

Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEM5FaaFRjww9EJgvRBz4uGe3y0M0FAl2L4cgACgkQBz4uGe3y
0M0eng/+PLb11EQvodGFMq64ib7Iu4VbU10ZH8QQ5s4Tccffh0aNqD0eAhSmcFR/
ZQKAIJt8eTwJrnKp6OSNo4JWchkaOsNj2DD4AFPjwO+/dlxH0TA82UPDL3BM2iD6
YFgDSuWtnmaSjF5zGOX6GDfsLKO94OfKG73Hivc63OHOBw9jGKLhMaIxG7MfYV+E
U1+1ZaeVU1o2bFzDyQ+Y5aHaKXxNwO180rGMa4KLoeFYYMnxofm9lq9/dmQ/wokl
kKP1Se0xu7UND/xvjhsAysg95NIgmeBjhnufkqvu/FrQl5MsiSmWs+dujksoJ/k4
gsLU1Giq7Ai450qoUFAvKlgREt9jpChpm3/2/+rZnJCdfbVaWvzP9pqH0M6fjOM0
7vs1EHb3Zd/Mywqz7YH5dMvRzG0QeBSzixP75CbMfyIOZP09nb0s3/w7ch2gNArQ
vUG2Mx4J0maYqTJs4VrgLWOMICuRh5uJ1l+UrwgLvXIw8f9qromX5F25+uIDW8Wy
dQNwrzZUelLrQ2e3u5nrRNF7lyHNBR3az/EPgeUesk7EnN4OLgbyh5f7tlVlNVQQ
PZzMWWSVcZPG86WDannB3OungaRsAhqPH/9S1vTMDG7/Y8MfB3bVqToMYv6JIgdv
1dOcOFjT3YSUob/+eQdJG0pXyvN3UJTOBQb4fM8b1/ovqqovcIg=
=Gtir
-----END PGP SIGNATURE-----


_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Powered by blists - more mailing lists