| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 30 Nov 2023 15:05:13 -0800 From: Apple Product Security via Fulldisclosure <fulldisclosure@...lists.org> To: Apple Product Security via Security-announce <security-announce@...ts.apple.com> Subject: [FD] APPLE-SA-11-30-2023-1 Safari 17.1.2 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-11-30-2023-1 Safari 17.1.2 Safari 17.1.2 addresses the following issues. Information about the security content is also available at https://support.apple.com/kb/HT214033. Apple maintains a Security Updates page at https://support.apple.com/HT201222 which lists recent software updates with security advisories. WebKit Available for: macOS Monterey and macOS Ventura Impact: Processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been exploited against versions of iOS before iOS 16.7.1. Description: An out-of-bounds read was addressed with improved input validation. WebKit Bugzilla: 265041 CVE-2023-42916: Clément Lecigne of Google's Threat Analysis Group WebKit Available for: macOS Monterey and macOS Ventura Impact: Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited against versions of iOS before iOS 16.7.1. Description: A memory corruption vulnerability was addressed with improved locking. WebKit Bugzilla: 265067 CVE-2023-42917: Clément Lecigne of Google's Threat Analysis Group Safari 17.1.2 may be obtained from the Mac App Store. All information is also posted on the Apple Security Updates web site: https://support.apple.com/en-us/HT201222. This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEsz9altA7uTI+rE/qX+5d1TXaIvoFAmVpEg8ACgkQX+5d1TXa IvpIIw/+L5k+aLwUf7blhtLZpServytns7fQ3smgGh7ktf75P+0AwRyKAJtE45NG 3MjXlDQS5q2zkhdAAE9qTFkLHazbtzH1vSKEkYbLVDOkwZc6S7aGWP59VVPGw0Z5 bpgbt59M7MW7VqjCyXMMEkjeo9eEIzM4KZubK3U21keEjPJ9lzXApr/D42CYn3cm qV+ctIuAivq/DP0XBIPEuer5TUmY0Vhkfo6gi2Ykg1508lBHcWY/RNPlnMjDAhfJ uxz47S8DLk8UvpqiRT7T+/UUqiOk9TBVy8mvPVV9d2vA+wngdp8p5lScIB2mHTyi OnimNp4cKQjOYcFF0nSYrdvUcmlmx0djyF2oC4hZWAosIgms4rmh5jRgKyoAfkMz wPoRLBx9djmdVg4Hj7udatllWYUcIsEudLpMcGL4xjzha3eknHAF4mbUEp7yFKxM QwlFomJZbdNbiw0ALgmN0+tjOjqnQHJSAyYRo9OYhzoN3jzZ1A6EPDMu+yCcWj9g lzIf59WaQp9+YsDp6X/eCWkuyncOBYwkDN758zD125lTTubQ7mYmcywYyYSG+z4M eByRRytVciTw/W79eAkZndBdeIYl0OFIJi9HIIw8+A+T4OsEE4eU53GSxd0H7iG5 KFHUTy9wNruWQkPxjB+Fi6vHQ8HJPqHb6LZMRwJTKi3d2jsqpo8= =6bli -----END PGP SIGNATURE----- _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: https://seclists.org/fulldisclosure/
Powered by blists - more mailing lists