| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 17 Aug 2022 14:13:29 -0700 From: Apple Product Security via Fulldisclosure <fulldisclosure@...lists.org> To: security-announce@...ts.apple.com Subject: [FD] APPLE-SA-2022-08-17-2 macOS Monterey 12.5.1 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2022-08-17-2 macOS Monterey 12.5.1 macOS Monterey 12.5.1 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213413. Kernel Available for: macOS Monterey Impact: An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited. Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2022-32894: an anonymous researcher WebKit Available for: macOS Monterey Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. Description: An out-of-bounds write issue was addressed with improved bounds checking. WebKit Bugzilla: 243557 CVE-2022-32893: an anonymous researcher macOS Monterey 12.5.1 may be obtained from the Mac App Store or Apple's Software Downloads web site: https://support.apple.com/downloads/ All information is also posted on the Apple Security Updates web site: https://support.apple.com/en-us/HT201222. This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEBP+4DupqR5Sgt1DB4RjMIDkeNxkFAmL9UiYACgkQ4RjMIDke NxkMiQ/+JkF0Octgd1/I72UFVdhIbUrvL+BkQdTWXfzrfGpFl3EOSUkvn+F3qmt4 pAxtbKeg4T5VyJqGz+bQDOZ+VXGsO4w/9n0WWjEGA/P+BHkP2gUZLlhZQRq1XY5c gW8EBiUEA20qtz9s0AUFOtS8l6J1QStOhA5W6OWS4xJp4GTwFKSbZHDrHjACBoi1 5XpFM0H5sbFG66C9Fb+p55BLWMBoyxbi8YiQIDmcZ7/+kNGSsBkfHtvSmoFaSVr1 vP/2o2zEUburmKy9C9nUrXruJB6oqjWrkKfe2bbHOa9Zpf9zPcDyYXFbpJLYyAov R2h8pTppfxdPpuFKVht+MUpc9VnW8oZsuk0bWiI/D9dAOX1otoLE1599SXy/rXSU 2SLeM+Uv4iiJGiNSfDuvcCCqhzCCUf2/pS8VTcnDZczsOGPLWROswzQ46yVWHIxO iCNH8iHliDo5UNzem+yza5hRgjDbArEjoP10zzx2AxFioQuJXWWEWIbcb966MKzs gL+DB2BqVhF+OScf+jC66BefgSndsGBfkKgulrZ1HOmJ2E/BwOCYKYrDQhtNEJbr dFjv8+cMO1vuqKb33p5rjzNIqucBYEuoLtIaXz1yJ5aF/3M5HVaqBgBFioQHUvKj zc/QF2P6Ue3AMhUkmkMkZVJRMYI966fFD9NMKjGz9H/gCm+8iN0= =4ABQ -----END PGP SIGNATURE----- _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: https://seclists.org/fulldisclosure/
Powered by blists - more mailing lists