| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-id: <C19447F7-CF2A-493E-B0D9-7D2875039505@lists.apple.com> Date: Mon, 25 Mar 2024 20:25:31 -0700 From: Apple Product Security via Fulldisclosure <fulldisclosure@...lists.org> To: Apple Product Security via Security-announce <security-announce@...ts.apple.com> Subject: [FD] APPLE-SA-03-25-2024-6 visionOS 1.1.1 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-03-25-2024-6 visionOS 1.1.1 visionOS 1.1.1 addresses the following issues. Information about the security content is also available at https://support.apple.com/kb/HT214093. Apple maintains a Security Updates page at https://support.apple.com/HT201222 which lists recent software updates with security advisories. CoreMedia Available for: Apple Vision Pro Impact: Processing an image may lead to arbitrary code execution Description: An out-of-bounds write issue was addressed with improved input validation. CVE-2024-1580: Nick Galloway of Google Project Zero WebRTC Available for: Apple Vision Pro Impact: Processing an image may lead to arbitrary code execution Description: An out-of-bounds write issue was addressed with improved input validation. CVE-2024-1580: Nick Galloway of Google Project Zero Instructions on how to update visionOS are available at https://support.apple.com/kb/HT214009. To check the software version on your Apple Vision Pro, open the Settings app and choose General > About. All information is also posted on the Apple Security Updates web site: https://support.apple.com/HT201222. This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/. -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEsz9altA7uTI+rE/qX+5d1TXaIvoFAmYCO44ACgkQX+5d1TXa IvqnqBAApL/lBT8OmKZioB7sT+aEVFvQnRi6vgzH6GaO59Nubi9aGmRvYY0j+Y5p VpwpG/s2EYQaFSPfRP3kSVidavMFgZ2vPgiyouPOdr1IMsTAYVGEBFv5qmwIHLO7 MvuqU8+3CSUl5w4PbBFgNT/NbyTLaN2QcyqnR6PKHsgqy2X53IxyfR/hod7hDOwT z0lK6P0YdgTYXxEAZWkN1IhuQ8LEmHUkI+EDf0Haj9Fuv8NaopkMhvkTqkUD5L5u f1eHgtubH3PtcYn5fwPhSrMISrZzeRBwGbW3/L78axiFsPBtclVhtDuHcxXzk/Ui ejAPGDUz7LMMvsRg6EecZxKTPDJpCU6WqUrviMaxrgvvK/dSj52qh7F/rkCHHBZD C+GQful6bG8EEIuC1USsNDYsGbyxjimseUd1t19RqxvqMDGq8sh5yYL5etK2ywxL sPB0fK2Uc6mniMhnDoDVV3CZuWZnYVQmBphc1G/rgQSPSv3dRuikjOH39Hqhulvg iDUDqGfGYf2swSQdrzpKDgVenCX5XAFtanNErT1yNj5OFRj/s37bihpAPWVvsmXh 5m1X+P5wjkOm/zk5wd5H1fh8B2SpTBginsNiVJRzgDkmHyZW6bVOve8l5BPCsFBJ 6Dfjnj5wHb11DQlL99rEuJ1Xi3BKFrhVBCbfHqNad3Exk+RfhBo= =P+/H -----END PGP SIGNATURE----- _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: https://seclists.org/fulldisclosure/
Powered by blists - more mailing lists