lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-id: <40FEC996-B06A-45A1-982E-AE757D5321C1@lists.apple.com>
Date: Mon, 26 Apr 2021 15:51:49 -0700
From: Apple Product Security via Fulldisclosure <fulldisclosure@...lists.org>
To: security-announce@...ts.apple.com
Subject: [FD] APPLE-SA-2021-04-26-7 Safari 14.1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-2021-04-26-7 Safari 14.1

Safari 14.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT212318.

WebKit
Available for: macOS Catalina and macOS Mojave
Impact: Processing maliciously crafted web content may lead to a
cross site scripting attack
Description: An input validation issue was addressed with improved
input validation.
CVE-2021-1825: Alex Camboe of Aon’s Cyber Solutions

WebRTC
Available for: macOS Catalina and macOS Mojave
Impact: A remote attacker may be able to cause unexpected system
termination or corrupt kernel memory
Description: A use after free issue was addressed with improved
memory management.
CVE-2020-7463: Megan2013678

Installation note:

This update may be obtained from the Mac App Store.

Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEbURczHs1TP07VIfuZcsbuWJ6jjAFAmCHO3wACgkQZcsbuWJ6
jjCVlg//QzcXS9Jzd4p1cEiwueBHv3aJXOcPXrmyLCvYJQv/lym8hZX6mgItUZPJ
XzBI4W/dZ+/TVWqkfu1nU2Tnd/O14blJLDlb7IbxpZ4HgsQp08T379gJqqX7Eazw
vs2MHUvarZJJp2k0XyxAuaOu+aE6JP6iqsoaXy/xnTAmiMVyojwHdQCP6T9IDyY1
gDhC1obltamK/qPJR0NoZFGSNP8nhd0FQWApmVqD13DIzd+jE6WFIY5SfgPSP/Qi
qHDxrdyUthnGTki4Q5Q/d6O9hKpEn79C510OfklxK6Uz98oFlk7JVnQS6HOljEtj
BjX7q+7uuU2NRmdsRfxGuoXsB38qcoKP2uiTfxBkyV4zfr4yUTwBxgBUG+xFs+kN
p7goCDzGxPhxJajan7p1XOnq9ZE0XWn8Z6N1QGCGRO/XxWcb9bW8k0UN6NWj5W5v
vNSdhD1BPNIVsLS5Cb2SUizoWPbfb6bEtQ+GVcdMSzXmumiODh5SoBvdFdf7/AAa
QCF+New0Kk2kUGA/vKQzcgVcXmAqrsl+Zyv8Gwu38VmFncY+JnimeYVGggOfUEJ3
I4mijVs/gHxlnfvYz+BiPQug5oO4dQ+o/TL9C6GXzP+AzDNr7byOWIIOJAgnacJT
Zff4Rh+65MN0fT41t/+OrKLdticCNXhLdNPBBTcF86aVj0ucHH0=
=aWwC
-----END PGP SIGNATURE-----

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ