| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-id: <E3E4FA76-D162-4228-926F-77A07E6B8069@lists.apple.com> Date: Mon, 29 Sep 2025 12:56:45 -0700 From: Apple Product Security via Fulldisclosure <fulldisclosure@...lists.org> To: security-announce@...ts.apple.com Subject: [FD] APPLE-SA-09-29-2025-3 macOS Tahoe 26.0.1 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-09-29-2025-3 macOS Tahoe 26.0.1 macOS Tahoe 26.0.1 addresses the following issues. Information about the security content is also available at https://support.apple.com/125328. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. FontParser Available for: macOS Tahoe Impact: Processing a maliciously crafted font may lead to unexpected app termination or corrupt process memory Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2025-43400: Apple macOS Tahoe 26.0.1 may be obtained from the Mac App Store or Apple's Software Downloads web site: https://support.apple.com/downloads/ All information is also posted on the Apple Security Releases web site: https://support.apple.com/100100. This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEhjkl+zMLNwFiCT1o4Ifiq8DH7PUFAmja4PYACgkQ4Ifiq8DH 7PUzYQ//YvBxyQhsx7AX7zMY5A+dPZpuzAHg/yuuYhbs3GiH2J0kbJW7FnWd67s8 lrWCzFRvCn6jxzPsXlyLhnS3taCMDsDQ0NThGyyFR1GfQecGhj4j9fSaqz8rotwy NGjEsf9vVS0xb4TrBPQF/j+s75H3VNdsMGRZyV0p/17+3m1ivPTmxWubVQ2SjwgU 1+xwjKbl26QxpD8E5TzTYRHw57Ww3qx48qkUdsXSzafP9o2nLiu2GDaiVdeQlPEm OrfLqy+5HpnVOk0xOErJdO3wHKyNPLsKToAzG7TU2DHUoTE6cHlZplmKBlRLpVG0 tPQYsEf4pIGyhfWVBQ3rd593zMUrOGuJXE2VaE95rOcOB/5w+rqxZF9skgRyVHWf IGKJexUkeesNe3Fl7VtbDIKPSVg4CVEGH7+LV4OYPCnyDZ58MuOYTVo3afFmshAs 6lPu4U+Z1ILBOHescCmxIFr999KpDiRcP0tgxI3gS/3pV2LeB70mJ7W7GuifgLdu CZ2Nch4x6gs//ETNSYJ4Qm5Er84lgpTy0T1xuJupGZi0NerzxXU6Cc2J/EH6sgN4 F1qpo5kQ3IoSnrX0JS0Q54ehEjs/3feKBQjXGMqd7howeecCoo5SeN5zhwafIvdJ iZ4RjiraNWMyUFIOwU+S8GmfA+gtvEmdCMR5UHz+g31psE9uUGM= =nsqS -----END PGP SIGNATURE----- _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: https://seclists.org/fulldisclosure/
Powered by blists - more mailing lists