lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-id: <3A4EA778-7CD7-4F60-9A0C-0E44E1FEA68E@lists.apple.com>
Date: Mon, 08 Mar 2021 15:01:29 -0600
From: Apple Product Security via Fulldisclosure <fulldisclosure@...lists.org>
To: security-announce@...ts.apple.com
Subject: [FD] APPLE-SA-2021-03-08-3 Safari 14.0.3

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-2021-03-08-3 Safari 14.0.3

Safari 14.0.3* addresses the following issue.

Information about the security content is also available
at https://support.apple.com/HT212222.

WebKit
Available for: macOS Catalina and macOS Mojave
Impact: Processing maliciously crafted web content may lead
to arbitrary code execution
Description: A memory corruption issue was addressed with
improved validation.
CVE-2021-1844: Clément Lecigne of Googleʼs Threat Analysis Group,
Alison Huffman of Microsoft Browser Vulnerability Research

Installation note:

* After installing this update, the build number for Safari 14.0.3 is
14610.4.3.1.7 on macOS Mojave and
15610.4.3.1.7 on macOS Catalina.

Safari 14.0.3 may be obtained from the Mac App Store.

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEbURczHs1TP07VIfuZcsbuWJ6jjAFAmBFmlQACgkQZcsbuWJ6
jjAGzBAAhs1CvO+1h1T+CjNSzbOiQqEG7k4+FcoJnwIRGgxyFFO741cmir+1PXNr
M4G7CpH3dNyvHd1YUx6QkzShfbA1rcpt0xE9CRxHnhdAbaOEVZGNqltPnDhuPVI7
ErouF4Eihnc0729tB5yhxJFSknCDtN1ht9cy1FnYXPs857iPxad49+Lv7sWQloB/
Sn4UfLJLKpviNw8bwe4l0Pfton0sFg1nPuQnIoRMSNSqIcehM0qb5c6MfQyq/Meu
JvQ4A9I6A1RulNo/WafrJwOQ8eIASTQIUEKKPDgiYWqHE3Vs8gh08GEX3Az0zkNO
bS/097n4NrTvT/Y7ewFMW8DtLhd/SJGc4AdSPSeqMlJHvKpRWqjOfAPAU/bA6rTO
K/yGMAvdGQ0rKWjUQ777TffeHwrWziQWuCOe2ZHcT/UbXS9F7N4G8aRH4bOXwMkm
vS6qg/+BkwovTe6k4W64N5uoq9o3XuMUYFSz2OObPhzst35kA3C6AFa0oUPsrAmz
buV3r5IrNb773Wua3FNY+Jl3s7mTPB+meNVZ4nznr6FJUtPUG7f2Sjy1fMrymE8r
JgBynTggDyuLCWrMQCPINxWYaJgp4qSiDUjkX/Ej/TnCPz4ia/4Bo/OoPgLU8ucv
IgRL+VqfVTHnZ66ljEacZz98+i4k2HuMxoAUeQs0vyuw3KlY6s8=
=Q7cQ
-----END PGP SIGNATURE-----

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ