lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-id: <28823904-F709-482B-B41D-4F4913D99BD0@lists.apple.com>
Date: Tue, 09 Feb 2021 16:52:28 -0800
From: Apple Product Security via Fulldisclosure <fulldisclosure@...lists.org>
To: security-announce@...ts.apple.com
Subject: [FD] APPLE-SA-2021-02-09-1 macOS Big Sur 11.2.1,
 macOS Catalina 10.15.7 Supplemental Update,
 and macOS Mojave 10.14.6 Security Update 2021-002

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-2021-02-09-1 macOS Big Sur 11.2.1, macOS Catalina 10.15.7
Supplemental Update, and macOS Mojave 10.14.6 Security Update
2021-002

macOS Big Sur 11.2.1, macOS Catalina 10.15.7 Supplemental
Update, and macOS Mojave 10.14.6 Security Update 2021-002 addresses
the following issues. Information about the security content is also
available at https://support.apple.com/HT212177.

macOS Big Sur 11.2.1, macOS Catalina 10.15.7 Supplemental Update*,
macOS Mojave 10.14.6 Security Update 2021-002

Intel Graphics Driver
Available for: macOS Big Sur 11.2, macOS Catalina 10.15.7
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: An out-of-bounds write was addressed with improved input
validation.
CVE-2021-1805: ABC Research s.r.o. working with Trend Micro Zero Day
Initiative

Intel Graphics Driver
Available for: macOS Big Sur 11.2, macOS Catalina 10.15.7
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A race condition was addressed with additional
validation.
CVE-2021-1806: ABC Research s.r.o. working with Trend Micro Zero Day
Initiative

Sudo
Available for: macOS Big Sur 11.2, macOS Catalina 10.15.7, macOS
Mojave 10.14.6
Impact: A local attacker may be able to elevate their privileges
Description: This issue was addressed by updating to sudo version
1.9.5p2.
CVE-2021-3156: Qualys

* After installing this update, the build number for macOS Catalina
10.15.7 is 19H524.

Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEbURczHs1TP07VIfuZcsbuWJ6jjAFAmAi22YACgkQZcsbuWJ6
jjAAQQ//QqBxmotc7s4GOHmQfGryZ2A7iJvoTc2B9EGuTJ32C5W1venGd2HaKKq8
okD5kxyqeH351MkHgTHOqS7S+f41WVm+ICnOQ8BIFmmff5fRZm0H1L05y9Ze5EI0
tkI2ztNr3ci59IC5YCzGX94FIHESW3pcLmOQrGRDSkZk+UjX8WijUWEdkueDR0NV
/4jYZqW1p0u+MNaFfIxZTb5ODt+2BkTS81HPpDdPOMq9jaP3bR1dK+Dd2CX9qP5e
SZ0dUOL487zQkvrnPIaykXBuaHg9Apqsc1BaY02DQlPYoYaTQn7LFUkw2CICDSiF
lTYeZecn0L3EHAEzsLG1Rh0UbJZ/UZuB1zMZhrn49XTpbqE5VQHtAF8I3cQxZa7A
Y9HkTVygJP/Vqg8ArNKvVE8SUjH5JWkFvcWn7Zpzshx/KsQGfnbLVk/o9LYKYTjX
7m56/XqfyGyi3ookWMHHcQhRvbKU0NF4yaQyoP1xk77c9Bukno5l3IfJmeMyQHK+
HsEMO+vBd/+jUDDSKB78ygTQRMudUULz2nf5WgxlnAReBa22x3Ed9eC3hCoVUfNV
U5AwAm06BLZKItQ52xxPnZKY15tii57jZIfaB9iXi5Yzyes9CZ7gfu7HrS0LU41k
LPM4m0rOJWj+nFelY/PormPiGpJsKMj1FuDtvkGbXnl/IhRMGzE=
=qIKx
-----END PGP SIGNATURE-----

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ