lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date: Thu, 23 Sep 2021 11:15:27 -0700
From: Apple Product Security via Fulldisclosure <fulldisclosure@...lists.org>
To: security-announce@...ts.apple.com
Subject: [FD] APPLE-SA-2021-09-23-2 Security Update 2021-006 Catalina

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-2021-09-23-2 Security Update 2021-006 Catalina

Security Update 2021-006 Catalina addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT212825.

XNU
Available for: macOS Catalina
Impact: A malicious application may be able to execute arbitrary code
with kernel privileges. Apple is aware of reports that an exploit for
this issue exists in the wild.
Description: A type confusion issue was addressed with improved state
handling.
CVE-2021-30869: Erye Hernandez of Google Threat Analysis Group,
Clément Lecigne of Google Threat Analysis Group, and Ian Beer of
Google Project Zero

Installation note:
This update may be obtained from the Mac App Store

Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEePiLW1MrMjw19XzoeC9qKD1prhgFAmFMwTMACgkQeC9qKD1p
rhhnixAAtVhWewMt3EBAdb1I+rf1CPEMXjtuOcBHMM97DhlpMKXbKc4SuugHXRul
QywYhOkeiUAtaoe6JbWxoSH8bJTfNH3UMWK+HgkWx2g9fKZ/ubMEUv94r+I8ISIJ
yyiO2qfATjVjfo5NZV6KbgDd3eBvfoj13ORYofbl2te5jA8karF5g/IZFmR8ovA8
n3Ew+Es0a+qwhoDVGjJOym7QLnEIJOMPb0EhGNU3CRP3diCI6Bdcqr+Uvk3lNPc7
gAbb4iFyglWTu0LqRCI9vX9QEv2rxpBZTwsj7ssnqKnBJhFEDHzBnZRboh+Rm63O
wTlTtTekCx3gWh/mcWy9lnPKDyx8n5tiNf3Ym3FwFCKJ/xBqO0wP7O8D7aPApWoZ
PHi7YQNDj/BTUXfDyI8RZ4COzhR/P6/TgixqoGJXFKzWX60qXImoFR0jOMPSocvy
t2AnkklVaaWA6ZLDoRRECuinRhkxyzQ5X1/0VmGj2oTFuRgUV0VteXOV35hPc11L
3nyRBwGfu2bKotk4HQdqfHarLZqimgzlnXex4+23urHlhikdUVhKc6osK3clQGMX
4S3Alnjs4SwMcHK65SxmLaS3wNInC97n3lOEatf5ywgy/IFdioWlOgFigAjI7s/i
iUKq9CjeqqdsRsqRH4E4YhPsjvr4aZxi8pAVddPK4Aga8JmeaEY=
=0jHf
-----END PGP SIGNATURE-----

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Powered by blists - more mailing lists