| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 25 Oct 2023 12:03:46 -0700 From: Apple Product Security via Fulldisclosure <fulldisclosure@...lists.org> To: security-announce@...ts.apple.com Subject: [FD] APPLE-SA-10-25-2023-7 tvOS 17.1 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-10-25-2023-7 tvOS 17.1 tvOS 17.1 addresses the following issues. Information about the security content is also available at https://support.apple.com/kb/HT213987. Apple maintains a Security Updates page at https://support.apple.com/HT201222 which lists recent software updates with security advisories. mDNSResponder Available for: Apple TV HD and Apple TV 4K (all models) Impact: A device may be passively tracked by its Wi-Fi MAC address Description: This issue was addressed by removing the vulnerable code. CVE-2023-42846: Talal Haj Bakry and Tommy Mysk of Mysk Inc. @mysk_co WebKit Available for: Apple TV HD and Apple TV 4K (all models) Impact: Processing web content may lead to arbitrary code execution Description: The issue was addressed with improved memory handling. WebKit Bugzilla: 259836 CVE-2023-40447: 이준성(Junsung Lee) of Cross Republic WebKit Available for: Apple TV HD and Apple TV 4K (all models) Impact: Processing web content may lead to arbitrary code execution Description: A use-after-free issue was addressed with improved memory management. WebKit Bugzilla: 259890 CVE-2023-41976: 이준성(Junsung Lee) WebKit Available for: Apple TV HD and Apple TV 4K (all models) Impact: Processing web content may lead to arbitrary code execution Description: A logic issue was addressed with improved checks. WebKit Bugzilla: 260173 CVE-2023-42852: an anonymous researcher Additional recognition VoiceOver We would like to acknowledge Abhay Kailasia (@abhay_kailasia) of Lakshmi Narain College Of Technology Bhopal India for their assistance. WebKit We would like to acknowledge an anonymous researcher for their assistance. Apple TV will periodically check for software updates. Alternatively, you may manually check for software updates by selecting "Settings -> System -> Software Update -> Update Software." To check the current version of software, select "Settings -> General -> About." All information is also posted on the Apple Security Updates web site: https://support.apple.com/en-us/HT201222. This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEsz9altA7uTI+rE/qX+5d1TXaIvoFAmU5Y9wACgkQX+5d1TXa IvrRTRAAz4nWc26PQyQXR++/ZQLQ2CsbuuS5fFu9kVdYC3sLzyNeVVffl23ur0g3 XIh7TFVUEp6tDIp9hCuHREsSKbvdL3TobPo4YW4jm6x4eM2Q3y1VsYHyyL7rECkU 2SromQVh3s5oOzMG4tcDqYJOtmO47woxMKzF466sPOrrORQxYWBab2kjYJz5SXyJ 0EHlgCzE9JWjsLp4gFREn+NQpb4xkLSOKE5YnIehU3oVPymBKMWhG/C4y8LsUgF6 MzzO8LK1XoijrCtlsBUPNqtqqs3lp6RRjH88ELp5OkMCwu/EvlLIRT8n84Xjvlbq BzRuE0rtxkBwBQiKtNToo70wEdoDdXF/v/aRezYEUcAnXtgEUbh5uFytvOWqDyXd 3GEdsmApdQO5guwn/YGNoBTh2HNjXGeq/3qldBTmwqSqLwceWfmBvoC/whXORWne HV2CvuGpTvsSWP24XLbzUtlf0t2biJv6GGjGULOhG05i0ONX8ni5uormFwwrsZMO n4S/DR9QRwYRXej7Lg40dpwpOHMSwB4yaGaO8DiRX7a35GmNZGu+WRTSDlL+cOGg I413GkCEbxdOa9Fc0LrEmLWOd9ziJCSz/S51YXNRUGgE7SbaVC1xb1s0R0M4SEca popvjyWamuVVjfzL3RQJQEdXiUkKqlBJK5MQDJTAi8vMjr2sTCo= =b+on -----END PGP SIGNATURE----- _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: https://seclists.org/fulldisclosure/
Powered by blists - more mailing lists