-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2009-11-11-1 Safari 4.0.4
Safari 4.0.4 is now available and addresses the following: ColorSync CVE-ID: CVE-2009-2804 Available for: Windows 7, Vista, XP Impact: Viewing a maliciously crafted image with an embedded color profile may lead to an unexpected application termination or arbitrary code execution Description: An integer overflow exists in the handling of images with an embedded color profile, which may lead to a heap buffer overflow. Opening a maliciously crafted image with an embedded color profile may lead to an unexpected application termination or arbitrary code execution. The isssue is addressed by performing additional validation of color profiles. This issue does not affect Mac OS X v10.6 systems. The issue has already been addressed in Security Update 2009-005 for Mac OS X 10.5.8 systems. Credit: Apple. libxml CVE-ID: CVE-2009-2414, CVE-2009-2416 Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Windows 7, Vista, XP Impact: Parsing maliciously crafted XML content may lead to an unexpected application termination Description: Multiple use-after-free issues exist in libxml2, the most serious of which may lead to an unxexpected application termination. This update addresses the issues through improved memory handling. The issues have already been addressed in Mac OS X 10.6.2, and in Security Update 2009-006 for Mac OS X 10.5.8 systems. Safari CVE-ID: CVE-2009-2842 Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.1 and v10.6.2, Mac OS X Server v10.6.1 and v10.6.2, Windows 7, Vista, XP Impact: Using shortcut menu options within a maliciously crafted website may lead to the disclosure of local information Description: An issue exists in Safari's handling of navigations initiated via the "Open Image in New Tab", "Open Image in New Window", or "Open Link in New Tab" shortcut menu options. Using these options within a maliciously crafted website could load a local HTML file, leading to the disclosure of sensitive information. The issue is addressed by disabling the listed shortcut menu options when the target of a link is a local file. WebKit CVE-ID: CVE-2009-2816 Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.1 and v10.6.2, Mac OS X Server v10.6.1 and v10.6.2, Windows 7, Vista, XP Impact: Visiting a maliciously crafted website may result in unexpected actions on other websites Description: An issue exists in WebKit's implementation of Cross- Origin Resource Sharing. Before allowing a page from one origin to access a resource in another origin, WebKit sends a preflight request to the latter server for access to the resource. WebKit includes custom HTTP headers specified by the requesting page in the preflight request. This can facilitate cross-site request forgery. This issue is addressed by removing custom HTTP headers from preflight requests. Credit: Apple. WebKit CVE-ID: CVE-2009-3384 Available for: Windows 7, Vista, XP Impact: Accessing a maliciously crafted FTP server could result in an unexpected application termination, information disclosure, or arbitrary code execution Description: Multiple vulnerabilities exist in WebKit's handling of FTP directory listings. Accessing a maliciously crafted FTP server may lead to information disclosure, unexpected application termination, or execution of arbitrary code. This update addresses the issues through improved parsing of FTP directory listings. These issues do not affect Safari on Mac OS X systems. Credit to Michal Zalewski of Google Inc. for reporting these issues. WebKit CVE-ID: CVE-2009-2841 Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.1 and v10.6.2, Mac OS X Server v10.6.1 and v10.6.2 Impact: Mail may load remote audio and video content when remote image loading is disabled Description: When WebKit encounters an HTML 5 Media Element pointing to an external resource, it does not issue a resource load callback to determine if the resource should be loaded. This may result in undesired requests to remote servers. As an example, the sender of an HTML-formatted email message could use this to determine that the message was read. This issue is addressed by generating resource load callbacks when WebKit encounters an HTML 5 Media Element. This issue does not affect Safari on Windows systems. Safari 4.0.4 is available via the Apple Software Update application, or Apple's Safari download site at: http://www.apple.com/safari/download/ Safari for Mac OS X v10.6.1 and v10.6.2 The download file is named: Safari4.0.4SnowLeopard.dmg Its SHA-1 digest is: 445df542b183fa65fd9df1f7ff4c6af306e6c0b9 Safari for Mac OS X v10.5.7 The download file is named: Safari4.0.4Leopard.dmg Its SHA-1 digest is: 0aeb54208cdebcafb3206baf11d8649836273f33 Safari for Mac OS X v10.4.11 The download file is named: Safari4.0.4Tiger.dmg Its SHA-1 digest is: 4ddfd70420e27bab98864a45f291f688d86f5963 Safari for Windows 7, Vista or XP The download file is named: SafariSetup.exe Its SHA-1 digest is: 236cfb9556dd369d95c5b45ddce740b15f2cb267 Safari+QuickTime for Windows 7, Vista or XP The file is named: SafariQuickTimeSetup.exe Its SHA-1 digest is: d95d61f2f804576b5d31fc8f47ac310438bc44dc Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (Darwin) iQEcBAEBAgAGBQJK+eX5AAoJEHkodeiKZIkBd68H/0OkE5bsiHteloXSPhwN9mlO GeL57Y8QGe/MsywQjLwDhcvA1fS6yusmX8gpDLjF8wW9s32O8A9amMazqBfVoyIZ gHARtEsun47iDz9IgmKmqPWFMbf1u48xSmizepbr/qnRc0hO07Txh2zzTucGR1A0 JYRifQgsvn/6tq5zryJ/WUnUsb6gPDkJu1WBswdWJ2QXBQb3bCEidBy+xDKYUEsI 6FFtcY3kOxp5aaByFprpVQt1i+UJUZAQxHCNWgDNA7LEUcRV6PoKBN25ddpAIXA5 Keo1YMRII32vkOnFM+XSsGdaWhFyxnVghL8WAgSY4gSLXmtVCu/OTFCG3WVCHdg= =DoEE -----END PGP SIGNATURE----- *********************************** * POST TO MEDIANEWS@ETSKYWARN.NET * *********************************** Medianews mailing list Medianews@etskywarn.net http://lists.etskywarn.net/mailman/listinfo/medianews