lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-id: <3609CD93-EFC8-4B5B-8DA6-DD0511A59538@lists.apple.com>
Date: Wed, 20 Aug 2025 17:10:56 -0700
From: Apple Product Security via Fulldisclosure <fulldisclosure@...lists.org>
To: security-announce@...ts.apple.com
Subject: [FD] APPLE-SA-08-20-2025-5 macOS Ventura 13.7.8

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-08-20-2025-5 macOS Ventura 13.7.8

macOS Ventura 13.7.8 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/124929.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

ImageIO
Available for: macOS Ventura
Impact: Processing a malicious image file may result in memory
corruption. Apple is aware of a report that this issue may have been
exploited in an extremely sophisticated attack against specific targeted
individuals.
Description: An out-of-bounds write issue was addressed with improved
bounds checking.
CVE-2025-43300: Apple

macOS Ventura 13.7.8 may be obtained from the Mac App Store or
Apple's Software Downloads web site:
https://support.apple.com/downloads/

All information is also posted on the Apple Security Releases
web site: https://support.apple.com/100100.

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEhjkl+zMLNwFiCT1o4Ifiq8DH7PUFAmimYeYACgkQ4Ifiq8DH
7PUhaw/+LAEDdBhPKWz+ePi18mkSr/hG29Ujxb8LVxCrPuCBtili1/aIjfdqJXJM
SEa/+1HgekUw1oDlxu5Qe9pNNNAZlABOJz8K3GEqUP5e3CcWt2osUbtBdIQJyU87
1Nq4QpwWmO3sosV08KeIgzPbfw6NcMB1WHIpMllkYd++fzR4YWQWHHkc1IWxjMef
LciiB7gn3b9nQMEyxQhyVUymHdX5+MLzWqjYi9immXyi0tDoSeqG5vChPXfaDd5Q
Mc3mI702/mziMArqPeDhnlzJqwrETTwe19enO4+M8gLXz1poj02us9ftD7afwR1r
pHAyA1TqewLqtqFq1vgwoAKTQ48IZ7/JKDfRpPVzf0cco7UK7E2GIxOX3MwdTgYu
wZMvDk5oYbupYHt0u7WzK/Bs55wCg8aXg7e18O4OLYz+OP9oKSNdrUmE30Om9+Bc
9E3c71Jc42gnOQiuuWJov4C734bhkMpy2Po6N37j+muViOB8yPYYYQCGTh+gs9Xc
Xt39Y5IaQVCAetOESOB4Op4Z88bY1bVgfH56gYQvztmsGnhKv14o0Gg4pAvMGEpU
+XHO6yIPVhaD96QEo8AQLHnq6N6t8p1j0xHF+JPNKypCXTjNMLx9EQG7fqfwPfDk
RYHwxFVtjiscPQS9UT0RvPRKpVHOW+6EvzqR3wbBM5aG5oi4Z4A=
=seCP
-----END PGP SIGNATURE-----

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: https://seclists.org/fulldisclosure/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ