lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-id: <39BF7CAA-23ED-4857-8561-04616F2D12B5@lists.apple.com>
Date: Mon, 29 Sep 2025 12:57:56 -0700
From: Apple Product Security via Fulldisclosure <fulldisclosure@...lists.org>
To: security-announce@...ts.apple.com
Subject: [FD] APPLE-SA-09-29-2025-5 macOS Sonoma 14.8.1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-09-29-2025-5 macOS Sonoma 14.8.1

macOS Sonoma 14.8.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/125330.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

FontParser
Available for: macOS Sonoma
Impact: Processing a maliciously crafted font may lead to unexpected app
termination or corrupt process memory
Description: An out-of-bounds write issue was addressed with improved
bounds checking.
CVE-2025-43400: Apple

macOS Sonoma 14.8.1 may be obtained from the Mac App Store or
Apple's Software Downloads web site:
https://support.apple.com/downloads/

All information is also posted on the Apple Security Releases
web site: https://support.apple.com/100100.

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEhjkl+zMLNwFiCT1o4Ifiq8DH7PUFAmja4TAACgkQ4Ifiq8DH
7PXibBAAmUvF1uuXNJ1qOfiSQDiH8ZBceIFy9DS4Qoo60DTXRutpnJG9nKzRDlMG
vo31T8nbXmhfkiflZKqcOxkb5wM6Rwzz+b8+E0yqAEX6PQZB3cZSVYIe/Gsy6kL7
Dq2MS785p5dqjkDNJUUp6u5/GwtBTcSDB6OExa4J54jONJD2f785iGyMcEmTrhrP
4wqHukIWCxLugCGhGg03Ll0xrdT2utawLBKtFL3ei2wfkt4UNy9/24pZswR102jS
Ky2boAXUHPCy5R97q0ublf+36QY1qszVJSi3bBEnh8/U6ZIBPUxtW51rPEYqqf2N
TaLAEK8iSt1zP1zi8IjCWZUtb1ogc2qr9+xeQsjumQgTXG4QAQp6aDgPTViShe0E
0UUJ6kH76ew+CFf8nOXfd44S6n4O+XH9AOOGOI21UHkYPO6md+JZrXtvPJkfbC4X
cc2XRgwWvy2ntSiNjjCpM6lJ3XImQxFOrLinln9HnKKvhJFCVFzQ5djPRt6ia+86
OYwAdUY8e9yaybxk3hPUHQuVTya650H/zQLQYpuEbTe4ifPPzA9FT/b6N68HG91G
xf+Td3O/YjegQc7HeT7WyHX2sUDZnk4ttaG6i1914k2KHduJqVXj5ldNr9NyBz/k
blGh6vdXVmmWTpXYBw3j0hZgJziZ40CCVxBv/k7gnIXGSarrbfQ=
=gnbd
-----END PGP SIGNATURE-----

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: https://seclists.org/fulldisclosure/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ