lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-id: <C07E0F7C-E6BF-487E-9B91-281572945159@lists.apple.com>
Date: Mon, 20 Sep 2021 14:44:26 -0700
From: product-security-noreply--- via Fulldisclosure
 <fulldisclosure@...lists.org>
To: security-announce@...ts.apple.com
Subject: [FD] APPLE-SA-2021-09-20-5 Safari 15

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-2021-09-20-5 Safari 15

Safari 15 addresses the following issues. Information about the
security content is also available at 
https://support.apple.com/HT212816.

WebKit
Available for: macOS Big Sur and macOS Catalina
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2021-30846: Sergei Glazunov of Google Project Zero

WebKit
Available for: macOS Big Sur and macOS Catalina
Impact: Processing maliciously crafted web content may lead to code
execution
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2021-30848: Sergei Glazunov of Google Project Zero

WebKit
Available for: macOS Big Sur and macOS Catalina
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2021-30849: Sergei Glazunov of Google Project Zero

WebKit
Available for: macOS Big Sur and macOS Catalina
Impact: Processing maliciously crafted web content may lead to code
execution
Description: A memory corruption vulnerability was addressed with
improved locking.
CVE-2021-30851: Samuel Groß of Google Project Zero

Installation note:

This update may be obtained from the Mac App Store.

Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEePiLW1MrMjw19XzoeC9qKD1prhgFAmFI884ACgkQeC9qKD1p
rhgQKRAAtAtjoHZeSq76axhTkrfDs3yQ2/8h5RLQP+95h77SAMwmd6j9HVpgPpAR
jtsOm7C4GKfL3QiHKbR3+mWMku8Lp4thqUQMCYx0rjmlVKdS5LV8ANyGyf1QtDD3
M2V4jkbC1498d3V2MvvrttLajjjZAP6LlnK2nU/OI+Uir700XV7V56AmRplDHwdJ
SdUJ+XpK+8sK49sOILTSWWmf4FJmOhnB359wM+YG4tneoue9GDuujV9GzrSMgnrI
bNxUqUnddFxfFI8Yn3Bhb+cpivRwLwN/l4ISlyYAGyhVdtPLAetrRMnz/WT96ut3
tx1ks5Y38xtk2O/8icarqNWop3Ah5RehI+XmdCRideU3m8UUJMx55elwIEz3urxT
kKVzs+zhL48dP1xClV5agDOPG0RnwqgecFcAeut7z3vAS8nleavHWDzdZ50v8+zI
ycaLBQjv7IJ1pZyA7q+S7etkrbIfRpJgmEAuJhJwsxKgTinRosyL85sVvbwNbptV
o+3Ed+4tE8WaQpPkHoILc48elS8StBigdjbJwIdYqGvUuLrlkmwRizZwyl4/60Tm
scVpUffKchASL/Qmx7CDirGuNAlX7/L5wUOzr2KxcXtIBOhc8fcbra0Z+Tg9PCBX
AF9OMAO5V4Wog/WX8+AyfNnpXWtuBu5hzNtAXta1D3qotpOJ5fM=
=VcXk
-----END PGP SIGNATURE-----


_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ