lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list]
Message-id: <DAB5C8BD-8550-4F68-BCC2-BC2E17620B13@lists.apple.com>
Date: Wed, 08 May 2024 15:16:57 -0700
From: Apple Product Security via Fulldisclosure <fulldisclosure@...lists.org>
To: security-announce@...ts.apple.com
Subject: [FD] APPLE-SA-05-08-2024-1 iTunes 12.13.2 for Windows

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-05-08-2024-1 iTunes 12.13.2 for Windows

iTunes 12.13.2 for Windows addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT214099.

Apple maintains a Security Releases page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.

CoreMedia
Available for: Windows 10 and later
Impact: Parsing a file may lead to an unexpected app termination or
arbitrary code execution
Description: The issue was addressed with improved checks.
CVE-2024-27793: Willy R. Vasquez of The University of Texas at Austin

iTunes 12.13.2 for Windows may be obtained from:
https://www.apple.com/itunes/download/
All information is also posted on the Apple Security Releases
web site: https://support.apple.com/HT201222.

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEsz9altA7uTI+rE/qX+5d1TXaIvoFAmY78cYACgkQX+5d1TXa
IvrzDBAAlfeS0odTgHy5AqrW8H47U7kDb6Mob0XW7RF/eii3C3M07a+zZ6fqXrws
NrR85Az++0l0LICFINyG2uqNlJP831J3ib4MQLmCp0awX5UPLdZ1JZE5afu4GAZk
t0rDDfUYuhVrArYC1BaSMm3OjiSD3CctLxHPY4PDsLbaeq/J7kSz03Lr42TyLuIU
wO/c0hxiNSPrrq6vlSO2yCFzuISkB+HkJMPNFst6h7lpCAfimw2pHXhzGKAHUzAG
ra2TEi4/Zpd5heDhC8rXbVYAgc9q5YCkPT5EDPa4aIYqZynICNugrY5Y0OSV05sp
l8LuuEsTJY/Vmf4+1xx+ZI2E8LReP/QMCA0pPOGEJXT5PifdrEVIRvV7vAGClWk3
C9t4FpcYBIt4e3AwSoaQoykdPRCB5mEL+D+gfycLvJBmbng+PnE2T+oQYd6IkVu4
toYaJ+jo6fNmHHFueBT7ecsCG6kDyJyd1tDTLLxCaTDVPvJ10uk/k68FYbpTy1rY
EzBbKGnaHKrr2DNFQPiqFnonaLRvUUJXlH5RtlrWVH9/cAXE8sIPfrrO+NPIAEG2
WoCKA0jOYhR/SO5O4VLqAi0yTSzrvWp7Gp//ov9J0f2S28kUP0kdUGL/Z8Lsbro9
un3U1C3pgDwcsGrYXpU+Ye/98gUjz5bEu2dMbT5u2fVwkbOQBVs=
=NV/p
-----END PGP SIGNATURE-----
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: https://seclists.org/fulldisclosure/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ