lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-id: <A61CB816-D328-426C-ADCD-F1F36729645E@lists.apple.com>
Date: Fri, 26 Mar 2021 14:53:10 -0500
From: Apple Product Security via Fulldisclosure <fulldisclosure@...lists.org>
To: security-announce@...ts.apple.com
Subject: [FD] APPLE-SA-2021-03-26-3 watchOS 7.3.3

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-2021-03-26-3 watchOS 7.3.3

watchOS 7.3.3 addresses the following issue. 
Information about the security content is also available at 
https://support.apple.com/HT212258.

WebKit
Available for: Apple Watch Series 3 and later
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting. Apple is aware of a report that this
issue may have been actively exploited.
Description: This issue was addressed by improved management of
object lifetimes.
CVE-2021-1879: Clement Lecigne of Google Threat Analysis Group and
Billy Leonard of Google Threat Analysis Group

Installation note:
Instructions on how to update your Apple Watch software are
available at https://support.apple.com/kb/HT204641
To check the version on your Apple Watch, open the Apple Watch app
on your iPhone and select "My Watch > General > About".
Alternatively, on your watch, select "My Watch > General > About".

Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEbURczHs1TP07VIfuZcsbuWJ6jjAFAmBeORsACgkQZcsbuWJ6
jjCWHA/+KnQMVogMNMceQlBIBQ03J2Mthnjx2m1ahTGVoSXWwMdYfUMszcepADDR
nzY32BOdtJy55bHqrrELsEw7ZgsBYkMlCEZ15/LGfhqC7B8dywIKw3qE5SehAn8r
GXe78O0xb97Xe0TxX1r7m73QlLnW7QPKHw8bh2wEFLlOnyir2oqn4dmDur5ZR807
uM69qlOiHAISs/FyHWKJ1TnPAn+PEkQTo7MRErUy+ths4k3xLKF2Ds3PayqaUSsk
nzbK2hicNexjUFQhfX6Apvu79wEoGM4vYy+saIyBX/+/PRvFqL9ZUAWEjrCKeCb+
2ql8hh/OFJJIf77NSyBa4p2xPp+f1Jch2kcoT9zIlNeVd1aqc8XkSuUvOoGmZ5w4
beDv4dONvv6A+bmh4lHANWdguwUbN8vVdTefdhj4O0UpzHbmU5tT/4Xgln0k8jE3
8Nl4fUwfwa/S8VtHDtiWEGMY8fsMYJJS/cm5QdSoJispcLJpWmPYiFsa0H99+cj6
bloP8A4Xlna97BhnjLuvo1J7W+obUcBDZjgxJ2t3qgSak4JauTCnCHP70yJ3Z/bj
Sbv7y6nH1M6pWwh++fZrS2aG+2p0BuW/4IzOkev5Hl7gnOO3LQyhnV0nP/j04VHT
vumM7i9syYtKR6C1h/akXpA6TxHyfXVrSnNV1TwSEsUdKPMd2kg=
=5SNf
-----END PGP SIGNATURE-----

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Powered by blists - more mailing lists