[<prev] [next>] [day] [month] [year] [list]
Message-id: <1D51080C-9665-4899-8779-0A8546B4080E@lists.apple.com>
Date: Mon, 25 Mar 2024 20:27:54 -0700
From: Apple Product Security via Fulldisclosure <fulldisclosure@...lists.org>
To: Apple Product Security via Security-announce
<security-announce@...ts.apple.com>
Subject: [FD] APPLE-SA-03-25-2024-2 macOS Sonoma 14.4.1
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-03-25-2024-2 macOS Sonoma 14.4.1
macOS Sonoma 14.4.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/kb/HT214096.
Apple maintains a Security Updates page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.
CoreMedia
Available for: macOS Sonoma
Impact: Processing an image may lead to arbitrary code execution
Description: An out-of-bounds write issue was addressed with improved
input validation.
CVE-2024-1580: Nick Galloway of Google Project Zero
WebRTC
Available for: macOS Sonoma
Impact: Processing an image may lead to arbitrary code execution
Description: An out-of-bounds write issue was addressed with improved
input validation.
CVE-2024-1580: Nick Galloway of Google Project Zero
macOS Sonoma 14.4.1 may be obtained from the Mac App Store or Apple's
Software Downloads web site: https://support.apple.com/downloads/
All information is also posted on the Apple Security Updates
web site: https://support.apple.com/HT201222.
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/.
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEsz9altA7uTI+rE/qX+5d1TXaIvoFAmYCPIQACgkQX+5d1TXa
IvrgbRAAg4RSaUphmr+xku+UTKjqN9BQU8fRYd+5UsN1x2DGTznnh1CIJrLi9XdM
SkvIz076B9mtB0wlL6E7YCW4on5GXnvRt8OclNBjstjaxUZoqqeT0fs7KrKCm1WV
fX7qcbIXo73cwzA7j/VoOtDCQr0aXAjBJv4zoIOERwAXw/BwJa8i9VZCeQT3RJr7
Ww1EhYxfT1/XJhVk2rlTXLOBdL4FetbMNfENt8SozkUBTtOmU3BZeRDZ08RWpTn8
nh+PKzrwmo+ayY8UcPZPcnrhw1fP8div1CIJc2v1AGnwr1rAzEbucJS4oQheT8SR
8RhIYUCllkWkHzNTvAOJFc1K4clLPcAu1SG1+K7QPcpXJbMsKAybUGl+GOGbqvO8
Dm3RHGU8BFgWKTAqDwUGzOs0GdaS/fmpRms+S22HlHx0/Z9kFA3lXEqAiVcxpVq8
6RPJQiYsp7UBRFlCMx0X5bwCCLSaPPaGgJbWTcx3EaVlOXvUGyHaLcwmZUzicGCu
GP5GHBjHgINslfm/lYLbUX2BPtT+Sed9VYojNs1ehGSLazpwgFVElpSou0OytxaK
7mxU+ABDC3L7vn8QBX8ofF1EH/g57CMTKQlJDdVmsDaBmtY/LkOeSay5Zmr3qHDf
RUFjjsxZltBKwnCQJBbViMbqJKwSdsuhHPSmVxBV0HGY9xiWUqc=
=W3BD
-----END PGP SIGNATURE-----
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: https://seclists.org/fulldisclosure/
Powered by blists - more mailing lists