-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2018-12-05-3 tvOS 12.1.1
tvOS 12.1.1 is now available and addresses the following:
Airport
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: A malicious application may be able to elevate privileges
Description: A type
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2018-12-05-4 Safari 12.0.2
Safari 12.0.2 is now available and addresses the following:
Safari
Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and
macOS Mojave 10.14.1
Impact: Visiting a malicious website may lead to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2018-12-06-1 watchOS 5.1.2
watchOS 5.1.2 is now available and addresses the following:
Airport
Available for: Apple Watch Series 1 and later
Impact: A malicious application may be able to elevate privileges
Description: A type confusion
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2018-12-05-1 iOS 12.1.1
iOS 12.1.1 is now available and addresses the following:
Airport
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A malicious application may be able to elevate
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2018-12-05-5 iTunes 12.9.2 for Windows
iTunes 12.9.2 for Windows is now available and addresses the
following:
Safari
Available for: Windows 7 and later
Impact: Visiting a malicious website may lead to address bar spoofing
Description: A
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2018-12-05-6 iCloud for Windows 7.9
iCloud for Windows 7.9 is now available and addresses the following:
Safari
Available for: Windows 7 and later
Impact: Visiting a malicious website may lead to address bar spoofing
Description: A logic
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2018-12-05-2 macOS Mojave 10.14.2, Security Update
2018-003 High Sierra, Security Update 2018-006 Sierra
macOS Mojave 10.14.2, Security Update 2018-003 High Sierra,
Security Update 2018-006 Sierra are now available
and addresses the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2018-12-05-7 Shortcuts 2.1.2
Shortcuts 2.1.2 is now available and addresses the following:
This update has no published CVE entries. We would like to
acknowledge Micah A for their assistance.
Installation note:
Shortcuts 2.1.2 for iOS
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-3-25-5 iTunes 12.9.4 for Windows
iTunes 12.9.4 for Windows is now available and addresses the
following:
CoreCrypto
Available for: Windows 7 and later
Impact: A malicious application may be able to elevate privileges
Description: A
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-3-25-6 iCloud for Windows 7.11
iCloud for Windows 7.11 is now available and addresses the following:
CoreCrypto
Available for: Windows 7 and later
Impact: A malicious application may be able to elevate privileges
Description: A
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-3-25-2 macOS Mojave 10.14.4, Security Update
2019-002 High Sierra, Security Update 2019-002 Sierra
macOS Mojave 10.14.4, Security Update 2019-002 High Sierra,
Security Update 2019-002 Sierra are now available and
addresses the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-3-25-7 Xcode 10.2
Xcode 10.2 is now available and addresses the following:
Kernel
Available for: macOS 10.13.6 or later
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-3-25-4 Safari 12.1
Safari 12.1 is now available and addresses the following:
Safari Reader
Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and
Mojave 10.14.4
Impact: Enabling the Safari Reader feature on a maliciously
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-3-25-3 tvOS 12.2
tvOS 12.2 is now available and addresses the following:
CFString
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: Processing a maliciously crafted string may lead to a denial
of service
Description: A
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-3-25-1 iOS 12.2
iOS 12.2 is now available and addresses the following:
CFString
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted string may lead to a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-3-27-1 watchOS 5.2
watchOS 5.2 is now available and addresses the following:
CFString
Available for: Apple Watch Series 1 and later
Impact: Processing a maliciously crafted string may lead to a denial
of service
Description: A
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-2-07-1 iOS 12.1.4
iOS 12.1.4 is now available and addresses the following:
FaceTime
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: The initiator of a Group FaceTime call may be able to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-2-07-3 Shortcuts 2.1.3 for iOS
Shortcuts 2.1.3 for iOS is now available and addresses the following:
Shortcuts
Available for: Shortcuts 2.1.2 for iOS
Impact: A local user may be able to view senstive user information
Description: A
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-2-07-2 macOS Mojave 10.14.3 Supplemental Update
macOS Mojave 10.14.3 Supplemental Update is now available and
addresses the following:
FaceTime
Available for: macOS Mojave 10.14.3
Impact: The initiator of a Group FaceTime call may be
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-1-22-2 macOS Mojave 10.14.3,
Security Update 2019-001 High Sierra, Security Update 2019-001 Sierra
macOS Mojave 10.14.3, Security Update 2019-001 High Sierra,
Security Update 2019-001 Sierra are now available
and addresses the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-1-22-5 Safari 12.0.3
Safari 12.0.3 is now available and addresses the following:
Safari Reader
Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and
macOS Mojave 10.14.3
Impact: Processing maliciously crafted web
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-1-22-6 iCloud for Windows 7.10
iCloud for Windows 7.10 is now available and addresses the following:
SQLite
Available for: Windows 7 and later
Impact: A maliciously crafted SQL query may lead to arbitrary code
execution
Description:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-1-22-1 iOS 12.1.3
iOS 12.1.3 is now available and addresses the following:
AppleKeyStore
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A sandboxed process may be able to circumvent
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-1-24-1 iTunes 12.9.3 for Windows
iTunes 12.9.3 for Windows is now available and addresses the
following:
AppleKeyStore
Available for: Windows 7 and later
Impact: A sandboxed process may be able to circumvent sandbox
restrictions
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-1-22-4 tvOS 12.1.2
tvOS 12.1.2 is now available and addresses the following:
AppleKeyStore
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: A sandboxed process may be able to circumvent sandbox
restrictions
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-1-22-3 watchOS 5.1.3
watchOS 5.1.3 is now available and addresses the following:
AppleKeyStore
Available for: All Apple Watch models
Impact: A sandboxed process may be able to circumvent sandbox
restrictions
Description: A memory
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-5-28-2 iCloud for Windows 7.12
iCloud for Windows 7.12 is now available and addresses the following:
SQLite
Available for: Windows 7 and later
Impact: An application may be able to gain elevated privileges
Description: An input
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-5-28-1 iTunes for Windows 12.9.5
iTunes for Windows 12.9.5 is now available and addresses the
following:
SQLite
Available for: Windows 7 and later
Impact: An application may be able to gain elevated privileges
Description: An input
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-5-30-1 AirPort Base Station Firmware Update 7.9.1
AirPort Base Station Firmware Update 7.9.1 is now available and
addresses the following:
AirPort Base Station Firmware
Available for: AirPort Extreme and AirPort Time Capsule base
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-6-20-1 AirPort Base Station Firmware Update 7.8.1
AirPort Base Station Firmware Update 7.8.1 is now available and
addresses the following:
AirPort Base Station Firmware
Available for: AirPort Express, AirPort Extreme, and AirPort
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-5-13-4 watchOS 5.2.1
watchOS 5.2.1 is now available and addresses the following:
AppleFileConduit
Available for: Apple Watch Series 1 and later
Impact: An application may be able to execute arbitrary code with
system privileges
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-5-13-5 Safari 12.1.1
Safari 12.1.1 is now available and addresses the following:
WebKit
Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and
included in macOS Mojave 10.14.5
Impact: Processing maliciously crafted web
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-5-13-1 iOS 12.3
iOS 12.3 is now available and addresses the following:
AppleFileConduit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to execute arbitrary
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-5-13-3 tvOS 12.3
tvOS 12.3 is now available and addresses the following:
AppleFileConduit
Available for: Apple TV 4K and Apple TV HD
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-5-13-2 macOS Mojave 10.14.5, Security Update
2019-003 High Sierra, Security Update 2019-003 Sierra
macOS Mojave 10.14.5, Security Update 2019-003 High Sierra,
Security Update 2019-003 Sierra are now available and
addresses the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-5-13-6 Apple TV Software 7.3
Apple TV Software 7.3 is now available and addresses the following:
Bluetooth
Available for: Apple TV (3rd generation)
Impact: A remote attacker may cause an unexpected application
termination or
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-8-13-3 Additional information for
APPLE-SA-2019-7-22-4 watchOS 5.3
watchOS 5.3 addresses the following:
Bluetooth
Available for: Apple Watch Series 1 and later
Impact: An attacker in a privileged network position may be able to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-8-13-1 Additional information for
APPLE-SA-2019-7-22-2 macOS Mojave 10.14.6, Security Update
2019-004 High Sierra, Security Update 2019-004 Sierra
macOS Mojave 10.14.6, Security Update 2019-004 High Sierra,
Security Update 2019-004
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-8-13-4 Additional information for
APPLE-SA-2019-7-22-5 tvOS 12.4
tvOS 12.4 addresses the following:
Bluetooth
Available for: Apple TV 4K and Apple TV HD
Impact: An attacker in a privileged network position may be able to
intercept
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-8-13-2 Additional information for
APPLE-SA-2019-7-22-1 iOS 12.4
iOS 12.4 addresses the following:
Bluetooth
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation and later
Impact: An attacker in a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-08-13-5 SwiftNIO HTTP/2 1.5.0
SwiftNIO HTTP/2 1.5.0 is now available and addresses the following:
SwiftNIO HTTP/2
Available for: SwiftNIO HTTP/2 1.0.0 through 1.4.0 on
macOS Sierra 10.12 and later and Ubuntu 14.04 and later
Impact: A
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-7-22-5 tvOS 12.4
tvOS 12.4 is now available and addresses the following:
Core Data
Available for: Apple TV 4K and Apple TV HD
Impact: A remote attacker may be able to leak memory
Description: An out-of-bounds read was addressed with
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-7-22-4 watchOS 5.3
watchOS 5.3 is now available and addresses the following:
Core Data
Available for: Apple Watch Series 1 and later
Impact: A remote attacker may be able to leak memory
Description: An out-of-bounds read was
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-7-22-2 macOS Mojave 10.14.6, Security Update
2019-004 High Sierra, Security Update 2019-004 Sierra
macOS Mojave 10.14.6, Security Update 2019-004 High Sierra,
Security Update 2019-004 Sierra are now available and address the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-7-22-3 Safari 12.1.2
Safari 12.1.2 is now available and addresses the following:
Safari
Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and
included in macOS Mojave 10.14.6
Impact: Visiting a malicious website may
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-7-22-1 iOS 12.4
iOS 12.4 is now available and addresses the following:
Core Data
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation and later
Impact: A remote attacker may be able to leak memory
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-7-23-3 iCloud for Windows 10.6
iCloud for Windows 10.6 is now available and addresses the following:
libxslt
Available for: Windows 10 and later via the Microsoft Store
Impact: A remote attacker may be able to view sensitive
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-7-23-1 iCloud for Windows 7.13
iCloud for Windows 7.13 is now available and addresses the following:
libxslt
Available for: Windows 7 and later
Impact: A remote attacker may be able to view sensitive information
Description: A stack
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-7-23-2 iTunes for Windows 12.9.6
iTunes for Windows 12.9.6 is now available and addresses the
following:
libxslt
Available for: Windows 7 and later
Impact: A remote attacker may be able to view sensitive information
Description: A
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-9-26-3 iOS 13
iOS 13 addresses the following:
Bluetooth
Available for: iPhone 6s and later
Impact: Notification previews may show on Bluetooth accessories even
when previews are disabled
Description: A logic issue existed with the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-9-26-5 watchOS 6
watchOS 6 addresses the following:
Foundation
Available for: Apple Watch Series 3 and later
Impact: A remote attacker may be able to cause unexpected application
termination or arbitrary code execution
Description:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-9-26-6 tvOS 13
tvOS 13 addresses the following:
Keyboards
Available for: Apple TV 4K and Apple TV HD
Impact: A local user may be able to leak sensitive user information
Description: An authentication issue was addressed with improved
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-9-26-9 Safari 13.0.1
Safari 13.0.1 addresses the following:
Safari
Available for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6
Impact: Visiting a malicious website may lead to user interface
spoofing
Description: An inconsistent
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-9-26-1 iOS 12.4.2
iOS 12.4.2 is now available and addresses the following:
Foundation
Available for: iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air,
iPad mini 2, iPad mini 3, and iPad touch 6th generation
Impact: A remote attacker may
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-9-26-8 iOS 13.1 and iPadOS 13.1
iOS 13.1 and iPadOS 13.1 address the following:
VoiceOver
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: A person with physical
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-9-26-2 macOS Mojave 10.14.6 Supplemental Update 2,
Security Update 2019-005 High Sierra, Security Update 2019-005
Sierra
macOS Mojave 10.14.6 Supplemental Update 2, Security Update 2019-005
High Sierra, Security Update 2019-005 Sierra
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-9-26-4 Safari 13
Safari 13 addresses the following:
WebKit Page Loading
Available for: macOS Mojave 10.14.6 and macOS High Sierra 10.13.6
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-9-26-7 Xcode 11.0
Xcode 11.0 addresses the following:
IDE SCM
Available for: macOS Mojave 10.14.4 and later
Impact: Multiple issues in libssh2
Description: Multiple issues were addressed by updating to version
2.16.
CVE-2019-3855:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-9-27-1 iOS 13.1.1 and iPadOS 13.1.1
iOS 13.1.1 and iPadOS 13.1.1 are now available and address the
following:
Sandbox
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-11-01-1 Xcode 11.2
Xcode 11.2 addresses the following:
llvm
Available for: macOS Mojave 10.14.4 and later
Impact: Processing a maliciously crafted file may lead to arbitrary
code execution
Description: A memory corruption issue was
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-10-29-7 Additional information
for APPLE-SA-2019-9-26-4 Safari 13
Safari 13 addresses the following:
WebKit
Available for: macOS Mojave 10.14.6 and macOS High Sierra 10.13.6
Impact: Processing maliciously crafted web content may lead
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-10-29-10 Additional information
for APPLE-SA-2019-10-07-1 macOS Catalina 10.15
macOS Catalina 10.15 addresses the following:
AMD
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-10-29-4 watchOS 6.1
watchOS 6.1 is now available and addresses the following:
Accounts
Available for: Apple Watch Series 1 and later
Impact: A remote attacker may be able to leak memory
Description: An out-of-bounds read was
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-10-29-3 tvOS 13.2
tvOS 13.2 is now available and addresses the following:
Accounts
Available for: Apple TV 4K and Apple TV HD
Impact: A remote attacker may be able to leak memory
Description: An out-of-bounds read was addressed with
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-10-29-6 Additional information
for APPLE-SA-2019-9-26-3 iOS 13
iOS 13 addresses the following:
Bluetooth
Available for: iPhone 6s and later
Impact: Notification previews may show on Bluetooth accessories even
when previews are
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-10-29-11 Additional information
for APPLE-SA-2019-9-26-8 iOS 13.1 and iPadOS 13.1
iOS 13.1 and iPadOS 13.1 address the following:
AppleFirmwareUpdateKext
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-10-29-2 macOS Catalina 10.15.1, Security Update
2019-001 Mojave, Security Update 2019-006 High Sierra
macOS Catalina 10.15.1, Security Update 2019-001 Mojave,
Security Update 2019-006 High Sierra are now available and address
the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-10-29-5 Safari 13.0.3
Safari 13.0.3 is now available and addresses the following:
WebKit
Available for: macOS Mojave 10.14.6 and macOS High Sierra 10.13.6,
and included in macOS Catalina 10.15.1
Impact: Processing maliciously crafted
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-10-29-1 iOS 13.2 and iPadOS 13.2
iOS 13.2 and iPadOS 13.2 are now available and address the following:
Accounts
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: A
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-10-29-9 Additional information
for APPLE-SA-2019-9-26-6 tvOS 13
tvOS 13 addresses the following:
AppleFirmwareUpdateKext
Available for: Apple TV 4K and Apple TV HD
Impact: An application may be able to execute arbitrary code with
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-12-10-7 Xcode 11.3
Xcode 11.3 is now available and addresses the following:
ld64
Available for: macOS Mojave 10.14.4 and later
Impact: Compiling with untrusted sources may lead to arbitrary code
execution with user privileges
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-12-10-1 iOS 13.3 and iPadOS 13.3
iOS 13.3 and iPadOS 13.3 is now available and addresses the
following:
CallKit
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-12-10-4 watchOS 5.3.4
watchOS 5.3.4 is now available and addresses the following:
FaceTime
Available for: Apple Watch Series 1, Apple Watch Series 2, Apple
Watch Series 3, and Apple Watch Series 4 when paired to a device with
iOS 12
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-12-10-3 macOS Catalina 10.15.2, Security Update
2019-002 Mojave, Security Update 2019-007 High Sierra
macOS Catalina 10.15.2, Security Update 2019-002 Mojave,
Security Update 2019-007 High Sierra is now available and
addresses the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-12-10-5 tvOS 13.3
tvOS 13.3 is now available and addresses the following:
CFNetwork Proxies
Available for: Apple TV 4K and Apple TV HD
Impact: An application may be able to gain elevated privileges
Description: This issue was
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-12-10-2 iOS 12.4.4
iOS 12.4.4 is now available and addresses the following:
FaceTime
Available for: iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad
mini 2, iPad mini 3, and iPod touch 6th generation
Impact: Processing malicious
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-12-10-6 Safari 13.0.4
Safari 13.0.4 is now available and addresses the following:
WebKit
Available for: macOS Mojave and macOS High Sierra, and included in
macOS Catalina
Impact: Processing maliciously crafted web content may lead to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-12-10-8 watchOS 6.1.1
watchOS 6.1.1 is now available and addresses the following:
CallKit
Available for: Apple Watch Series 1 and later
Impact: Calls made using Siri may be initiated using the wrong
cellular plan on devices with two
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-10-11-1 Swift 5.1.1 for Ubuntu
Swift 5.1.1 for Ubuntu is now available and addresses the following:
Foundation
Available for: Ubuntu 14.04, 16.04 and 18.04
Impact: Incorrect management of file descriptors in URLSession could
lead to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-10-07-3 iCloud for Windows 10.7
iCloud for Windows 10.7 is now available and addresses the following:
UIFoundation
Available for: Windows 10 and later via the Microsoft Store
Impact: Processing a maliciously crafted text file may
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-10-07-1 macOS Catalina 10.15
macOS Catalina 10.15 is now available and addresses the following:
AMD
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-10-07-2 iTunes for Windows 12.10.1
iTunes for Windows 12.10.1 is now available and addresses the
following:
UIFoundation
Available for: Windows 7 and later
Impact: Processing a maliciously crafted text file may lead to
arbitrary code
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2019-10-07-4 iCloud for Windows 7.14
iCloud for Windows 7.14 is now available and addresses the following:
UIFoundation
Available for: Windows 7 and later
Impact: Processing a maliciously crafted text file may lead to
arbitrary code
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2020-1-28-2 macOS Catalina 10.15.3, Security Update
2020-001 Mojave, Security Update 2020-001 High Sierra
macOS Catalina 10.15.3, Security Update 2020-001 Mojave, and
Security Update 2020-001 High Sierra are now available and
address the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2020-1-28-3 watchOS 6.1.2
watchOS 6.1.2 is now available and addresses the following:
AnnotationKit
Available for: Apple Watch Series 1 and later
Impact: A remote attacker may be able to cause unexpected application
termination or
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2020-1-28-5 Safari 13.0.5
Safari 13.0.5 is now available and addresses the following:
Safari
Available for: macOS Mojave and macOS High Sierra, and included in
macOS Catalina
Impact: Visiting a malicious website may lead to address bar
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2020-1-28-4 tvOS 13.3.1
tvOS 13.3.1 is now available and addresses the following:
Audio
Available for: Apple TV 4K and Apple TV HD
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2020-1-28-6 iTunes for Windows 12.10.4
iTunes for Windows 12.10.4 is now available and addresses the
following:
Mobile Device Service
Available for: Windows 7 and later
Impact: A user may gain access to protected parts of the file system
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2020-1-29-1 iCloud for Windows 7.17
iCloud for Windows 7.17 addresses the following:
ImageIO
Available for: Windows 7 and later
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: An
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2020-1-28-1 iOS 13.3.1 and iPadOS 13.3.1
iOS 13.3.1 and iPadOS 13.3.1 are now available and address the
following:
Audio
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2020-1-29-2 iCloud for Windows 10.9.2
iCloud for Windows 10.9.2 is now available and addresses the
following:
ImageIO
Available for: Windows 10 and later via the Microsoft Store
Impact: Processing a maliciously crafted image may lead to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2020-03-25-1 iCloud for Windows 10.9.3
iCloud for Windows 10.9.3 is now available and addresses the
following:
libxml2
Available for: Windows 10 and later via the Microsoft Store
Impact: Multiple issues in libxml2
Description: A buffer
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2020-03-25-2 iCloud for Windows 7.18
iCloud for Windows 7.18 is now available and addresses the following:
libxml2
Available for: Windows 7 and later
Impact: Multiple issues in libxml2
Description: A buffer overflow was addressed with
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2020-03-24-1 iOS 13.4 and iPadOS 13.4
iOS 13.4 and iPadOS 13.4 are now available and address the following:
ActionKit
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2020-03-24-4 watchOS 6.2
watchOS 6.2 is now available and addresses the following:
ActionKit
Available for: Apple Watch Series 1 and later
Impact: An application may be able to use an SSH client provided by
private frameworks
Description:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2020-03-24-7 Xcode 11.4
Xcode 11.4 is now available and contains security improvements.
Additional recognition
ld64
We would like to acknowledge an anonymous researcher for their
assistance.
Installation note:
Xcode 11.4 may be
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2020-03-24-3 tvOS 13.4
tvOS 13.4 is now available and addresses the following:
ActionKit
Available for: Apple TV 4K and Apple TV HD
Impact: An application may be able to use an SSH client provided by
private frameworks
Description: This
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2020-03-24-6 iTunes for Windows 12.10.5
iTunes for Windows 12.10.5 is now available and addresses the
following:
libxml2
Available for: Windows 7 and later
Impact: Multiple issues in libxml2
Description: A buffer overflow was addressed
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2020-03-24-5 Safari 13.1
Safari 13.1 is now available and addresses the following:
Safari Downloads
Available for: macOS Mojave and macOS High Sierra, and included in
macOS Catalina
Impact: A malicious iframe may use another website’s
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
APPLE-SA-2020-09-24-1 macOS Catalina 10.15.6 Supplemental Update,
Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave
macOS Catalina 10.15.6 Supplemental Update, Security Update 2020-005
High Sierra, Security Update 2020-005
1 - 100 of 418 matches
Mail list logo