| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 23 Sep 2021 11:15:27 -0700 From: Apple Product Security via Fulldisclosure <fulldisclosure@...lists.org> To: security-announce@...ts.apple.com Subject: [FD] APPLE-SA-2021-09-23-2 Security Update 2021-006 Catalina -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2021-09-23-2 Security Update 2021-006 Catalina Security Update 2021-006 Catalina addresses the following issues. Information about the security content is also available at https://support.apple.com/HT212825. XNU Available for: macOS Catalina Impact: A malicious application may be able to execute arbitrary code with kernel privileges. Apple is aware of reports that an exploit for this issue exists in the wild. Description: A type confusion issue was addressed with improved state handling. CVE-2021-30869: Erye Hernandez of Google Threat Analysis Group, Clément Lecigne of Google Threat Analysis Group, and Ian Beer of Google Project Zero Installation note: This update may be obtained from the Mac App Store Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEePiLW1MrMjw19XzoeC9qKD1prhgFAmFMwTMACgkQeC9qKD1p rhhnixAAtVhWewMt3EBAdb1I+rf1CPEMXjtuOcBHMM97DhlpMKXbKc4SuugHXRul QywYhOkeiUAtaoe6JbWxoSH8bJTfNH3UMWK+HgkWx2g9fKZ/ubMEUv94r+I8ISIJ yyiO2qfATjVjfo5NZV6KbgDd3eBvfoj13ORYofbl2te5jA8karF5g/IZFmR8ovA8 n3Ew+Es0a+qwhoDVGjJOym7QLnEIJOMPb0EhGNU3CRP3diCI6Bdcqr+Uvk3lNPc7 gAbb4iFyglWTu0LqRCI9vX9QEv2rxpBZTwsj7ssnqKnBJhFEDHzBnZRboh+Rm63O wTlTtTekCx3gWh/mcWy9lnPKDyx8n5tiNf3Ym3FwFCKJ/xBqO0wP7O8D7aPApWoZ PHi7YQNDj/BTUXfDyI8RZ4COzhR/P6/TgixqoGJXFKzWX60qXImoFR0jOMPSocvy t2AnkklVaaWA6ZLDoRRECuinRhkxyzQ5X1/0VmGj2oTFuRgUV0VteXOV35hPc11L 3nyRBwGfu2bKotk4HQdqfHarLZqimgzlnXex4+23urHlhikdUVhKc6osK3clQGMX 4S3Alnjs4SwMcHK65SxmLaS3wNInC97n3lOEatf5ywgy/IFdioWlOgFigAjI7s/i iUKq9CjeqqdsRsqRH4E4YhPsjvr4aZxi8pAVddPK4Aga8JmeaEY= =0jHf -----END PGP SIGNATURE----- _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists