-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2012-05-09-1 OS X Lion v10.7.4 and Security Update 2012-002

OS X Lion v10.7.4 and Security Update 2012-002 is now available and
addresses the following:

Login Window
Available for: OS X Lion v10.7.3, OS X Lion Server v10.7.3
Impact: Remote admins and persons with physical access to the system
may obtain account information
Description: An issue existed in the handling of network account
logins. The login process recorded sensitive information in the
system log, where other users of the system could read it. The
sensitive information may persist in saved logs after installation of
this update. See http://support.apple.com/kb/TS4272 for more
information on how to securely remove any remaining records. This
issue only affects systems running OS X Lion v10.7.3 with users of
Legacy File Vault and/or networked home directories.
CVE-ID
CVE-2012-0652 : Terry Reeves and Tim Winningham of the Ohio State
University, Markus 'Jaroneko' Raty of the Finnish Academy of Fine
Arts, Jaakko Pero of Aalto University, Mark Cohen of Oregon State
University, Paul Nelson

Bluetooth
Available for: OS X Lion v10.7 to v10.7.3,
OS X Lion Server v10.7 to v10.7.3
Impact: A local user may be able to execute arbitrary code with
system privileges
Description: A temporary file race condition issue existed in
blued's initialization routine.
CVE-ID
CVE-2012-0649 : Aaron Sigel of vtty.com

curl
Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,
OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3
Impact: An attacker may be able to decrypt data protected by SSL
Description: There are known attacks on the confidentiality of SSL
3.0 and TLS 1.0 when a cipher suite uses a block cipher in CBC mode.
curl disabled the 'empty fragment' countermeasure which prevented
these attacks. This issue is addressed by enabling empty fragments.
CVE-ID
CVE-2011-3389 : Apple

curl
Available for: OS X Lion v10.7 to v10.7.3,
OS X Lion Server v10.7 to v10.7.3
Impact: Using curl or libcurl with a maliciously crafted URL may
lead to protocol-specific data injection attacks
Description: A data injection issue existed in curl's handling of
URLs. This issue is addressed through improved validation of URLs.
This issue does not affect systems prior to OS X Lion.
CVE-ID
CVE-2012-0036
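One way an application can validate a URL before handing it to a URL library, as an added example that is not curl's code: the advisory only says "data injection", and reading that as CR/LF smuggled into a component of a line-oriented protocol URL (SMTP, IMAP, POP3) is this example's assumption.

```python
"""Reject URLs whose components would inject protocol line terminators.

Added example, not curl's code. Line-oriented protocols such as SMTP,
IMAP and POP3 treat CR/LF as a command boundary, so a URL component that
decodes to CR/LF could smuggle a second command into the session. Reading
the advisory's "data injection" that way is this example's assumption.
"""
from typing import Optional
from urllib.parse import unquote, urlsplit

# Characters that line-oriented protocols treat as structural.
FORBIDDEN = frozenset("\r\n\x00")
COMPONENTS = ("username", "password", "hostname", "path", "query", "fragment")


def find_injected_control(url: str) -> Optional[str]:
    """Return the name of the first URL component that contains a forbidden
    character, raw or after one round of percent-decoding; None if clean."""
    # Check the raw string first: recent Python versions make urlsplit()
    # silently strip CR/LF/TAB, which would hide a raw injection.
    if FORBIDDEN & set(url):
        return "raw"
    parts = urlsplit(url)
    for name in COMPONENTS:
        value = getattr(parts, name) or ""
        if FORBIDDEN & set(unquote(value)):
            return name
    return None


def is_safe_url(url: str) -> bool:
    """True when no component carries a raw or percent-encoded CR, LF or NUL."""
    return find_injected_control(url) is None
```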
Directory Service
Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8
Impact: A remote attacker may obtain sensitive information
Description: Multiple issues existed in the directory server's
handling of messages from the network. By sending a maliciously
crafted message, a remote attacker could cause the directory server
to disclose memory from its address space, potentially revealing
account credentials or other sensitive information. This issue does
not affect OS X Lion systems. The Directory Server is disabled by
default in non-server installations of OS X.
CVE-ID
CVE-2012-0651 : Agustin Azubel

HFS
Available for: OS X Lion v10.7 to v10.7.3,
OS X Lion Server v10.7 to v10.7.3
Impact: Mounting a maliciously crafted disk image may lead to a
system shutdown or arbitrary code execution
Description: An integer underflow existed in the handling of HFS
catalog files.
CVE-ID
CVE-2012-0642 : pod2g

ImageIO
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8
Impact: Viewing a maliciously crafted TIFF file may lead to an
unexpected application termination or arbitrary code execution
Description: A buffer overflow existed in ImageIO's handling of
CCITT Group 4 encoded TIFF files. This issue does not affect OS X
Lion systems.
CVE-ID
CVE-2011-0241 : Cyril CATTIAUX of Tessi Technologies

ImageIO
Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8
Impact: Multiple vulnerabilities in libpng
Description: libpng is updated to version 1.5.5 to address multiple
vulnerabilities, the most serious of which may lead to information
disclosure. Further information is available via the libpng website
at http://www.libpng.org/pub/png/libpng.html
CVE-ID
CVE-2011-2692
CVE-2011-3328

ImageIO
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8
Impact: Viewing a maliciously crafted TIFF file may lead to an
unexpected application termination or arbitrary code execution
Description: A buffer overflow existed in libtiff's handling of
ThunderScan encoded TIFF images. This issue is addressed by updating
libtiff to version 3.9.5.
CVE-ID
CVE-2011-1167

Kernel
Available for: OS X Lion v10.7 to v10.7.3,
OS X Lion Server v10.7 to v10.7.3
Impact: When FileVault is used, the disk may contain unencrypted
user data
Description: An issue in the kernel's handling of the sleep image
used for hibernation left some data unencrypted on disk even when
FileVault was enabled. This issue is addressed through improved
handling of the sleep image, and by overwriting the existing sleep
image when updating to OS X v10.7.4. This issue does not affect
systems prior to OS X Lion.
CVE-ID
CVE-2011-3212 : Felix Groebert of Google Security Team

libarchive
Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,
OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3
Impact: Extracting a maliciously crafted archive may lead to an
unexpected application termination or arbitrary code execution
Description: Multiple buffer overflows existed in the handling of
tar archives and iso9660 files.
CVE-ID
CVE-2011-1777
CVE-2011-1778

libsecurity
Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,
OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3
Impact: Verifying a maliciously crafted X.509 certificate, such as
when visiting a maliciously crafted website, may lead to an
unexpected application termination or arbitrary code execution
Description: An uninitialized memory access issue existed in the
handling of X.509 certificates.
CVE-ID
CVE-2012-0654 : Dirk-Willem van Gulik of WebWeaving.org, Guilherme
Prado of Conselho da Justica Federal, Ryan Sleevi of Google

libsecurity
Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,
OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3
Impact: Support for X.509 certificates with insecure-length RSA keys
may expose users to spoofing and information disclosure
Description: Certificates signed using RSA keys with insecure key
lengths were accepted by libsecurity. This issue is addressed by
rejecting certificates containing RSA keys less than 1024 bits.
CVE-ID
CVE-2012-0655
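The 1024-bit floor from the libsecurity entry above, applied to a DER-encoded PKCS#1 RSAPublicKey, as an added example that is not libsecurity's code. It parses only the RSAPublicKey structure (a real verifier would first pull it out of the certificate's SubjectPublicKeyInfo); the sample keys it builds are constructed fixtures of a chosen length, not real keys.

```python
"""Check the RSA modulus length of a DER-encoded PKCS#1 RSAPublicKey.
Added example, not libsecurity's code. Policy from the advisory: reject
keys shorter than 1024 bits. Only SEQUENCE { INTEGER modulus, INTEGER
publicExponent } is parsed, not the enclosing certificate.
"""
MIN_RSA_BITS = 1024


def _read_tlv(buf, pos):
    """Parse one DER tag/length/value at pos; return (tag, value, next_pos)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                      # long form: low bits = byte count
        nbytes = length & 0x7F
        length = int.from_bytes(buf[pos:pos + nbytes], "big")
        pos += nbytes
    return tag, buf[pos:pos + length], pos + length


def rsa_modulus_bits(der):
    """Return the bit length of the modulus in a DER RSAPublicKey."""
    tag, seq, _ = _read_tlv(der, 0)
    if tag != 0x30:
        raise ValueError("RSAPublicKey must be a SEQUENCE")
    tag, modulus, _ = _read_tlv(seq, 0)
    if tag != 0x02:
        raise ValueError("modulus must be an INTEGER")
    return int.from_bytes(modulus, "big").bit_length()  # 0x00 pad is harmless


def key_acceptable(der):
    """Policy from the advisory: reject RSA keys below MIN_RSA_BITS."""
    return rsa_modulus_bits(der) >= MIN_RSA_BITS


# Constructed fixtures: encode a fake RSAPublicKey of a chosen modulus length.
def _der_len(n):
    if n < 0x80:
        return bytes([n])
    if n < 0x100:
        return b"\x81" + bytes([n])
    return b"\x82" + n.to_bytes(2, "big")


def _der_int(n):
    body = n.to_bytes(n.bit_length() // 8 + 1, "big")  # keeps the sign bit clear
    return b"\x02" + _der_len(len(body)) + body


def make_rsa_public_key(bits, exponent=65537):
    """Constructed sample whose modulus is exactly `bits` long (not a real key)."""
    body = _der_int((1 << (bits - 1)) | 1) + _der_int(exponent)
    return b"\x30" + _der_len(len(body)) + body
```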
libxml
Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,
OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3
Impact: Viewing a maliciously crafted web page may lead to an
unexpected application termination or arbitrary code execution
Description: Multiple vulnerabilities existed in libxml, the most
serious of which may lead to an unexpected application termination or
arbitrary code execution. These issues are addressed by applying the
relevant upstream patches.
CVE-ID
CVE-2011-1944 : Chris Evans of Google Chrome Security Team
CVE-2011-2821 : Yang Dingning of NCNIPC, Graduate University of
Chinese Academy of Sciences
CVE-2011-2834 : Yang Dingning of NCNIPC, Graduate University of
Chinese Academy of Sciences
CVE-2011-3919 : Juri Aedla

LoginUIFramework
Available for: OS X Lion v10.7 to v10.7.3,
OS X Lion Server v10.7 to v10.7.3
Impact: If the Guest user is enabled, a user with physical access to
the computer may be able to log in to a user other than the Guest
user without entering a password
Description: A race condition existed in the handling of Guest user
logins. This issue does not affect systems prior to OS X Lion.
CVE-ID
CVE-2012-0656 : Francisco Gomez (espectalll123)

PHP
Available for: OS X Lion v10.7 to v10.7.3,
OS X Lion Server v10.7 to v10.7.3
Impact: Multiple vulnerabilities in PHP
Description: PHP is updated to version 5.3.10 to address several
vulnerabilities, the most serious of which may lead to arbitrary code
execution. Further information is available via the PHP web site at
http://www.php.net
CVE-ID
CVE-2011-4566
CVE-2011-4885
CVE-2012-0830

Quartz Composer
Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,
OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3
Impact: A user with physical access to the computer may be able to
cause Safari to launch if the screen is locked and the RSS Visualizer
screen saver is used
Description: An access control issue existed in Quartz Composer's
handling of screen savers. This issue is addressed through improved
checking for whether or not the screen is locked.
CVE-ID
CVE-2012-0657 : Aaron Sigel of vtty.com

QuickTime
Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,
OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3
Impact: Viewing a maliciously crafted movie file during progressive
download may lead to an unexpected application termination or
arbitrary code execution
Description: A buffer overflow existed in the handling of audio
sample tables.
CVE-ID
CVE-2012-0658 : Luigi Auriemma working with HP's Zero Day Initiative

QuickTime
Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,
OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3
Impact: Viewing a maliciously crafted MPEG file may lead to an
unexpected application termination or arbitrary code execution
Description: An integer overflow existed in the handling of MPEG
files.
CVE-ID
CVE-2012-0659 : An anonymous researcher working with HP's Zero Day
Initiative

QuickTime
Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,
OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3
Impact: Viewing a maliciously crafted MPEG file may lead to an
unexpected application termination or arbitrary code execution
Description: A buffer underflow existed in the handling of MPEG
files.
CVE-ID
CVE-2012-0660 : Justin Kim at Microsoft and Microsoft Vulnerability
Research

QuickTime
Available for: OS X Lion v10.7 to v10.7.3,
OS X Lion Server v10.7 to v10.7.3
Impact: Viewing a maliciously crafted movie file may lead to an
unexpected application termination or arbitrary code execution
Description: A use-after-free issue existed in the handling of
JPEG2000 encoded movie files. This issue does not affect systems
prior to OS X Lion.
CVE-ID
CVE-2012-0661 : Damian Put working with HP's Zero Day Initiative

Ruby
Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,
OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3
Impact: Multiple vulnerabilities in Ruby
Description: Ruby is updated to 1.8.7-p357 to address multiple
vulnerabilities.
CVE-ID
CVE-2011-1004
CVE-2011-1005
CVE-2011-4815

Samba
Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8
Impact: If SMB file sharing is enabled, an unauthenticated remote
attacker may cause a denial of service or arbitrary code execution
with system privileges
Description: Multiple buffer overflows existed in Samba's handling
of remote procedure calls. By sending a maliciously crafted packet,
an unauthenticated remote attacker could cause a denial of service or
arbitrary code execution with system privileges. These issues do not
affect OS X Lion systems.
CVE-ID
CVE-2012-0870 : Andy Davis of NGS Secure
CVE-2012-1182 : An anonymous researcher working with HP's Zero Day
Initiative

Security Framework
Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,
OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3
Impact: A remote attacker may cause an unexpected application
termination or arbitrary code execution
Description: An integer overflow existed in the Security framework.
Processing untrusted input with the Security framework could result
in memory corruption. This issue does not affect 32-bit processes.
CVE-ID
CVE-2012-0662 : aazubel working with HP's Zero Day Initiative

Time Machine
Available for: OS X Lion v10.7 to v10.7.3,
OS X Lion Server v10.7 to v10.7.3
Impact: A remote attacker may access a user's Time Machine backup
credentials
Description: The user may designate a Time Capsule or remote AFP
volume attached to an AirPort Base Station to be used for Time
Machine backups. Beginning with AirPort Base Station and Time Capsule
Firmware Update 7.6, Time Capsules and Base Stations support a secure
SRP-based authentication mechanism over AFP. However, Time Machine
did not require that the SRP-based authentication mechanism was used
for subsequent backup operations, even if Time Machine was initially
configured or had ever contacted a Time Capsule or Base Station that
supported it. An attacker who is able to spoof the remote volume
could gain access to the user's Time Capsule credentials, although not
backup data, sent by the user's system. This issue is addressed by
requiring use of the SRP-based authentication mechanism if the backup
destination has ever supported it.
CVE-ID
CVE-2012-0675 : Renaud Deraison of Tenable Network Security, Inc.
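The downgrade protection the Time Machine entry describes, as an added example that is not Time Machine's code: once a destination has ever offered SRP, the client must keep using SRP there and refuse to send credentials over the weaker mechanism. The mechanism names (`LEGACY`, `SRP`), the advertised-set shape and the persisted dict are assumptions.

```python
"""Downgrade protection for the authentication method used with a backup
destination. Added example, not Time Machine's code: it models the fix in
the advisory, where a client that has ever seen a destination offer SRP
must keep using SRP there. Mechanism names, the advertised-set shape and
the persisted dict are assumptions.
"""
from enum import Enum


class Auth(Enum):
    LEGACY = 1    # assumed name for the pre-7.6 AFP mechanism
    SRP = 2       # SRP-based mechanism advertised by firmware 7.6 and later


class DowngradeRefused(Exception):
    pass


class DestinationAuthPolicy:
    def __init__(self, state=None):
        # destination id -> True once SRP has ever been seen there.
        # This map is what must be persisted across backups.
        self.srp_seen = dict(state or {})

    def choose(self, destination, advertised):
        """Pick the mechanism for this connection from what the volume
        advertises, refusing anything weaker than previously seen."""
        if Auth.SRP in advertised:
            self.srp_seen[destination] = True      # remember permanently
            return Auth.SRP
        if self.srp_seen.get(destination):
            # Offered SRP before, not now: a spoofed or broken volume.
            # Either way the credentials must not go out over LEGACY.
            raise DowngradeRefused(f"{destination} previously offered SRP")
        if Auth.LEGACY in advertised:
            return Auth.LEGACY                     # never saw SRP here
        raise DowngradeRefused(f"{destination} offers no usable mechanism")


def simulate(connections, state=None):
    """Replay (destination, advertised) connections; return the outcome
    names ('SRP', 'LEGACY', 'REFUSED') and the state to persist."""
    policy = DestinationAuthPolicy(state)
    outcomes = []
    for dest, advertised in connections:
        try:
            outcomes.append(policy.choose(dest, advertised).name)
        except DowngradeRefused:
            outcomes.append("REFUSED")
    return outcomes, policy.srp_seen
```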
X11
Available for: OS X Lion v10.7 to v10.7.3,
OS X Lion Server v10.7 to v10.7.3
Impact: Applications that use libXfont to process LZW-compressed
data may be vulnerable to an unexpected application termination or
arbitrary code execution
Description: A buffer overflow existed in libXfont's handling of
LZW-compressed data. This issue is addressed by updating libXfont to
version 1.4.4.
CVE-ID
CVE-2011-2895 : Tomas Hoger of Red Hat

Note: Additionally, this update filters dynamic linker environment
variables from a customized environment property list in the user's
home directory, if present.

OS X Lion v10.7.4 and Security Update 2012-002 may be obtained from
the Software Update pane in System Preferences, or Apple's Software
Downloads web site:
http://www.apple.com/support/downloads/

The Software Update utility will present the update that applies
to your system configuration. Only one is needed, either
Security Update 2012-002 or OS X v10.7.4.

For OS X Lion v10.7.3
The download file is named: MacOSXUpd10.7.4.dmg
Its SHA-1 digest is: 04c53a6148ebd8c5733459620b7c1e2172352d36

For OS X Lion v10.7 and v10.7.2
The download file is named: MacOSXUpdCombo10.7.4.dmg
Its SHA-1 digest is: b11d511a50d9b728532688768fcdee9c1930037f

For OS X Lion Server v10.7.3
The download file is named: MacOSXServerUpd10.7.4.dmg
Its SHA-1 digest is: 3cb5699c8ecf7d70145f3692555557f7206618b2

For OS X Lion Server v10.7 and v10.7.2
The download file is named: MacOSXServerUpdCombo10.7.4.dmg
Its SHA-1 digest is: 917207e922056718b9924ef73caa5fcac06b7240

For Mac OS X v10.6.8
The download file is named: SecUpd2012-002Snow.dmg
Its SHA-1 digest is: 9669fbd9952419e70ac20109cf4db37f9932e9f8

For Mac OS X Server v10.6.8
The download file is named: SecUpdSrvr2012-002.dmg
Its SHA-1 digest is: 34da2dcbc8d45362f1d5e3b1b218112a729ae1c3

Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.16 (Darwin)
-----END PGP SIGNATURE-----

_______________________________________________
Do not post admin requests to the list. They will be ignored.
Security-announce mailing list (Security-announce@lists.apple.com)