lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-id: <A61CB816-D328-426C-ADCD-F1F36729645E@lists.apple.com> Date: Fri, 26 Mar 2021 14:53:10 -0500 From: Apple Product Security via Fulldisclosure <fulldisclosure@...lists.org> To: security-announce@...ts.apple.com Subject: [FD] APPLE-SA-2021-03-26-3 watchOS 7.3.3 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2021-03-26-3 watchOS 7.3.3 watchOS 7.3.3 addresses the following issue. Information about the security content is also available at https://support.apple.com/HT212258. WebKit Available for: Apple Watch Series 3 and later Impact: Processing maliciously crafted web content may lead to universal cross site scripting. Apple is aware of a report that this issue may have been actively exploited. Description: This issue was addressed by improved management of object lifetimes. CVE-2021-1879: Clement Lecigne of Google Threat Analysis Group and Billy Leonard of Google Threat Analysis Group Installation note: Instructions on how to update your Apple Watch software are available at https://support.apple.com/kb/HT204641 To check the version on your Apple Watch, open the Apple Watch app on your iPhone and select "My Watch > General > About". Alternatively, on your watch, select "My Watch > General > About". Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEbURczHs1TP07VIfuZcsbuWJ6jjAFAmBeORsACgkQZcsbuWJ6 jjCWHA/+KnQMVogMNMceQlBIBQ03J2Mthnjx2m1ahTGVoSXWwMdYfUMszcepADDR nzY32BOdtJy55bHqrrELsEw7ZgsBYkMlCEZ15/LGfhqC7B8dywIKw3qE5SehAn8r GXe78O0xb97Xe0TxX1r7m73QlLnW7QPKHw8bh2wEFLlOnyir2oqn4dmDur5ZR807 uM69qlOiHAISs/FyHWKJ1TnPAn+PEkQTo7MRErUy+ths4k3xLKF2Ds3PayqaUSsk nzbK2hicNexjUFQhfX6Apvu79wEoGM4vYy+saIyBX/+/PRvFqL9ZUAWEjrCKeCb+ 2ql8hh/OFJJIf77NSyBa4p2xPp+f1Jch2kcoT9zIlNeVd1aqc8XkSuUvOoGmZ5w4 beDv4dONvv6A+bmh4lHANWdguwUbN8vVdTefdhj4O0UpzHbmU5tT/4Xgln0k8jE3 8Nl4fUwfwa/S8VtHDtiWEGMY8fsMYJJS/cm5QdSoJispcLJpWmPYiFsa0H99+cj6 bloP8A4Xlna97BhnjLuvo1J7W+obUcBDZjgxJ2t3qgSak4JauTCnCHP70yJ3Z/bj Sbv7y6nH1M6pWwh++fZrS2aG+2p0BuW/4IzOkev5Hl7gnOO3LQyhnV0nP/j04VHT vumM7i9syYtKR6C1h/akXpA6TxHyfXVrSnNV1TwSEsUdKPMd2kg= =5SNf -----END PGP SIGNATURE----- _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists