| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 26 May 2020 17:23:34 -0700 From: Apple Product Security via Fulldisclosure <fulldisclosure@...lists.org> To: Apple Product Security via Security-announce <security-announce@...ts.apple.com> Subject: [FD] APPLE-SA-2020-05-26-2 iOS 12.4.7 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2020-05-26-2 iOS 12.4.7 iOS 12.4.7 addresses the following: Mail Available for: iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch 6th generation Impact: Processing a maliciously crafted mail message may lead to unexpected memory modification or application termination Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2020-9818: ZecOps.com Mail Available for: iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch 6th generation Impact: Processing a maliciously crafted mail message may lead to heap corruption Description: A memory consumption issue was addressed with improved memory handling. CVE-2020-9819: ZecOps.com Wi-Fi Available for: iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch 6th generation Impact: A remote attacker may be able to cause unexpected system termination or corrupt kernel memory Description: A memory corruption issue was addressed with improved input validation. CVE-2020-3843: Ian Beer of Google Project Zero Installation note: This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from https://www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. The version after applying this update will be "iOS 12.4.7". -----BEGIN PGP SIGNATURE----- Version: BCPG v1.64 iQIcBAEDCAAGBQJezV7QAAoJEAc+Lhnt8tDNuPEQAJnAwO9sbgdfm+qVVOLipUKF 6Vxmy9609KqDujTnVhylCRKTsieK3sIuHo9UIdJ63A2MCO9SL4PamKH4z63GnZTF Tx2DVv4UjfhiyqbbhOcCZVUUw80Z63L9nwcmtN8+VcFSCkOr3WHLTrTvd39HgaB7 Tehasa2NkN3E3c/Zmm2aQOIMrKmomMMF1eFn6eEMrlpSKNgqgzfo8QUhWEHiJsS/ RaFPRkZRKKmw+Y1MweCukqSi8bOzKNKBFahDmD7noHCtkHy0bFL85BFiist6cCX5 VxD3unfexYYmBwt466I++y49HVG6JrNyIsMEg6FayR8wrbewszDVh1YarHKwaZlI JrZpmzJwTed1QGOoQ6TBiz1uMjkcc38ae0vkl/UV79c30mI2mdq1hj/FgnrXbF4C HpoTDyDcN7bharGmVBWiPpZfaNGEZzjzg9ATn4oHnihMI2oNPJyiNsezNcczvOot hqJlW4Z78L+VucXZsaRNDciilMBKpWRTxzIvfZwMiEOCPU5uy4T0ou78XH/x2xju 4rSAbG+R9mx8VB2G9CHODyyR0xIQ1y2NiqUBDpP6O3pehBHlMaa21q6k/gAe05a5 lO+NH75EI0/uQDfJSrCj2WbD9riuJsQToU+KY7QOXk2iotY+LC/79gGo2G9cYVAN k7FzJH9C4lVimiOjFauD =h/Qh -----END PGP SIGNATURE----- _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists