| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 16 May 2022 16:20:30 -0700 From: Apple Product Security via Fulldisclosure <fulldisclosure@...lists.org> To: security-announce@...ts.apple.com Subject: [FD] APPLE-SA-2022-05-16-7 Safari 15.5 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2022-05-16-7 Safari 15.5 Safari 15.5 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213260. WebKit Available for: macOS Big Sur and macOS Catalina Impact: Processing maliciously crafted web content may lead to code execution Description: A memory corruption issue was addressed with improved state management. WebKit Bugzilla: 238178 CVE-2022-26700: ryuzaki WebKit Available for: macOS Big Sur and macOS Catalina Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A use after free issue was addressed with improved memory management. WebKit Bugzilla: 236950 CVE-2022-26709: Chijin Zhou of ShuiMuYuLin Ltd and Tsinghua wingtecher lab WebKit Bugzilla: 238171 CVE-2022-26717: Jeonghoon Shin of Theori WebKit Available for: macOS Big Sur and macOS Catalina Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved state management. WebKit Bugzilla: 238183 CVE-2022-26716: SorryMybad (@S0rryMybad) of Kunlun Lab WebKit Bugzilla: 238699 CVE-2022-26719: Dongzhuo Zhao working with ADLab of Venustech Additional recognition WebKit We would like to acknowledge James Lee, an anonymous researcher for their assistance. Safari 15.5 may be obtained from the Mac App Store. All information is also posted on the Apple Security Updates web site: https://support.apple.com/en-us/HT201222. This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEePiLW1MrMjw19XzoeC9qKD1prhgFAmKC1TcACgkQeC9qKD1p rhjYBQ/+LNLAA17vZ+b2uQnKRb9rCwHHZQoSm0rjxXyzcUiZaeloZQ6KTsIidEdr JxuqDYjtV8OfSqsgz03z/iK3Ka4AEqM8GNvrX5LhZVqzXnY8K8XHnsi9Z/EfY6nf XfRGhPAw/9juxWzLA3ywIu8D9eql1zWEixk82awqNv1v4+Xym4Ff9rEmtSMdJ+9R i32E8erdN2GHcR9Dvn2ej/MA/M8YKT6Zxx2Uax4VDJstJdNctabwW1rNwr0Km1ut gD9PEWLb3UeKOcBt/2qWHpohWANixft8+p0SJAfU4uEldepi7dN2wHrkuLdGLOEs r54mTTbT8G98wYqcOizwfKTwrCb64hfrcgtB32UoSRGzl8wRfkSOdsXTmizow5BK YDu18P44K6oxe7X2PtMUEI22/TdJsp8xtgpjqX24GUjcuDb7ZN6zJ7RJijtlsraO 144GM1L9upX/A5LFBFlmXXTRJ1KTHz1PDw1+WXZTD5FWCPGh6uj0HtdXWOcaaNa5 uqi7lhc0JxezyKv2QL6/PY8s/811kWfLr1MtNL7nVEMyJX4o3s8yFF1k58KyEzhy +VrzGoHQF1y8dhhDGPUrv5fSaCxZ5da2ZDpwBxNZMHLh5sDddvUspGLUTKmQY66R FanqabJeytFLB3yfdMJEQ+qDf8N6KIkw1V3HJw4YJQnF8sleWfM= =Vm71 -----END PGP SIGNATURE----- _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: https://seclists.org/fulldisclosure/
Powered by blists - more mailing lists