Untitled

Pasted by a guest, May 9th, 2012
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2012-05-09-1 OS X Lion v10.7.4 and Security Update 2012-002

OS X Lion v10.7.4 and Security Update 2012-002 are now available and
address the following:

Login Window
Available for: OS X Lion v10.7.3, OS X Lion Server v10.7.3
Impact: Remote admins and persons with physical access to the system
may obtain account information
Description: An issue existed in the handling of network account
logins. The login process recorded sensitive information in the
system log, where other users of the system could read it. The
sensitive information may persist in saved logs after installation of
this update. See http://support.apple.com/kb/TS4272 for more
information on how to securely remove any remaining records. This
issue only affects systems running OS X Lion v10.7.3 with users of
Legacy FileVault and/or networked home directories.
CVE-ID
CVE-2012-0652 : Terry Reeves and Tim Winningham of the Ohio State
University, Markus 'Jaroneko' Raty of the Finnish Academy of Fine
Arts, Jaakko Pero of Aalto University, Mark Cohen of Oregon State
University, Paul Nelson

Bluetooth
Available for: OS X Lion v10.7 to v10.7.3,
OS X Lion Server v10.7 to v10.7.3
Impact: A local user may be able to execute arbitrary code with
system privileges
Description: A temporary file race condition issue existed in
blued's initialization routine.
CVE-ID
CVE-2012-0649 : Aaron Sigel of vtty.com

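The blued entry names a bug class rather than a specific line of code: a privileged daemon creates or truncates a file at a predictable path during startup, and a local user who plants a symlink there first gets the daemon to write through the link as root. The example below is added here to show the class and its fix; it is not Apple's or blued's code. It runs as the current user inside a scratch directory, and the temp-file name, the "victim" file and the payloads are all constructed stand-ins.

```python
"""Temporary-file race condition, the bug class behind the blued issue.

Added example, not Apple's code.  A privileged daemon that creates or
truncates a file at a predictable path lets a local user who plants a
symlink there first redirect the write to any file the daemon can
reach.  Everything below runs as the current user inside a scratch
directory; the file names are hypothetical."""
import os
import tempfile

PREDICTABLE_NAME = "daemon-init.tmp"   # hypothetical, attacker-guessable name


def vulnerable_init(tmp_dir: str, payload: bytes) -> str:
    """open(..., "wb") truncates and follows symlinks: whatever the
    planted link points at is overwritten with the daemon's data."""
    path = os.path.join(tmp_dir, PREDICTABLE_NAME)
    with open(path, "wb") as fh:
        fh.write(payload)
    return path


def hardened_init(tmp_dir: str, payload: bytes) -> str:
    """O_CREAT|O_EXCL fails with EEXIST if *anything* (file or symlink)
    already sits at the path, and O_NOFOLLOW refuses to traverse a
    symlink at the final component.  Mode 0o600 keeps the file private
    from the moment it exists."""
    path = os.path.join(tmp_dir, PREDICTABLE_NAME)
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | getattr(os, "O_NOFOLLOW", 0)
    fd = os.open(path, flags, 0o600)      # raises FileExistsError if planted
    with os.fdopen(fd, "wb") as fh:
        fh.write(payload)
    return path


def run_race(init) -> tuple:
    """Simulate the attacker winning the race against `init`.
    Returns (victim file contents afterwards, whether init refused)."""
    with tempfile.TemporaryDirectory() as sandbox:
        victim = os.path.join(sandbox, "victim")   # stands in for a root-owned file
        with open(victim, "wb") as fh:
            fh.write(b"original\n")
        tmp_dir = os.path.join(sandbox, "tmp")
        os.mkdir(tmp_dir)
        # Attacker plants the link before the daemon's initialization runs.
        os.symlink(victim, os.path.join(tmp_dir, PREDICTABLE_NAME))
        try:
            init(tmp_dir, b"attacker-controlled\n")
            refused = False
        except FileExistsError:
            refused = True
        with open(victim, "rb") as fh:
            return fh.read(), refused


def run_clean(init) -> bytes:
    """No attacker: the daemon's own write should land in its tmp file."""
    with tempfile.TemporaryDirectory() as sandbox:
        path = init(sandbox, b"daemon data\n")
        with open(path, "rb") as fh:
            return fh.read()


if __name__ == "__main__":
    print("vulnerable:", run_race(vulnerable_init))   # victim overwritten
    print("hardened:  ", run_race(hardened_init))     # refused, victim intact
```

On a real system the exclusive create is the minimum; a daemon should also prefer a randomised name (tempfile.mkstemp, or mkstemp(3) in C) or a private directory it owns, so that the attacker cannot even pre-create the path and force a startup failure.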
curl
Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,
OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3
Impact: An attacker may be able to decrypt data protected by SSL
Description: There are known attacks on the confidentiality of SSL
3.0 and TLS 1.0 when a cipher suite uses a block cipher in CBC mode.
curl disabled the 'empty fragment' countermeasure which prevented
these attacks. This issue is addressed by enabling empty fragments.
CVE-ID
CVE-2011-3389 : Apple

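The "known attacks" are the BEAST class: in SSL 3.0 and TLS 1.0 the IV of each CBC record is the last ciphertext block of the previous record, so an attacker who can watch the wire and inject chosen plaintext on the same connection can test a guess for a secret block, and by aligning one unknown byte at the end of a block can recover it with at most 256 tries. The empty-fragment countermeasure encrypts a zero-length record first, so the IV the attacker's block actually gets is the ciphertext of that fragment, which the attacker cannot know when choosing the plaintext. The simulation below is added here to show both behaviours; it is not curl, OpenSSL or Apple code. It uses a toy 128-bit Feistel cipher built from HMAC-SHA256 in place of AES, a toy MAC in place of the TLS record MAC, zero padding in place of TLS padding, and a constructed sample secret.

```python
"""BEAST-style chosen-plaintext attack on chained-IV CBC (SSL 3.0 /
TLS 1.0) and the 'empty fragment' countermeasure the advisory refers to.

Added example, not curl or Apple code.  Uses a toy 128-bit Feistel cipher
built from HMAC-SHA256 in place of AES and a toy MAC in place of the TLS
record MAC; the record layout is simplified (no real TLS padding/MAC)."""
import hmac
import hashlib
import os

BLOCK = 16


def xor(*parts: bytes) -> bytes:
    out = bytearray(parts[0])
    for p in parts[1:]:
        for i, b in enumerate(p):
            out[i] ^= b
    return bytes(out)


class ToyBlockCipher:
    """4-round Feistel network over 16-byte blocks; stands in for AES."""
    def __init__(self, key: bytes):
        self.key = key

    def _f(self, rnd: int, half: bytes) -> bytes:
        return hmac.new(self.key, bytes([rnd]) + half, hashlib.sha256).digest()[:8]

    def encrypt_block(self, block: bytes) -> bytes:
        l, r = block[:8], block[8:]
        for rnd in range(4):
            l, r = r, xor(l, self._f(rnd, r))
        return l + r

    def decrypt_block(self, block: bytes) -> bytes:
        l, r = block[:8], block[8:]
        for rnd in reversed(range(4)):
            l, r = xor(r, self._f(rnd, l)), l
        return l + r


class CbcRecordLayer:
    """CBC where each record's IV is the previous record's last ciphertext
    block, as in SSL 3.0 / TLS 1.0.  With empty_fragment=True a zero-length
    record (toy: just its MAC) is encrypted first, so the IV used for the
    data is a block the attacker cannot predict when choosing plaintext."""
    def __init__(self, empty_fragment: bool):
        self.cipher = ToyBlockCipher(os.urandom(32))
        self.mac_key = os.urandom(32)
        self.iv = os.urandom(BLOCK)       # last ciphertext block on the wire
        self.seq = 0
        self.empty_fragment = empty_fragment

    def _encrypt_blocks(self, plaintext: bytes) -> list:
        plaintext += b"\x00" * (-len(plaintext) % BLOCK)   # toy padding
        out = []
        for i in range(0, len(plaintext), BLOCK):
            self.iv = self.cipher.encrypt_block(xor(plaintext[i:i + BLOCK], self.iv))
            out.append(self.iv)
        return out

    def send(self, data: bytes) -> list:
        """Returns the ciphertext blocks as seen on the wire."""
        wire = []
        if self.empty_fragment:
            tag = hmac.new(self.mac_key, self.seq.to_bytes(8, "big"),
                           hashlib.sha256).digest()[:BLOCK]
            wire += self._encrypt_blocks(tag)
        self.seq += 1
        wire += self._encrypt_blocks(data)
        return wire


def beast_recover(layer: CbcRecordLayer, secret: bytes, n_bytes: int) -> bytes:
    """Attacker model: can make the victim send attacker_prefix + secret,
    sees the wire, and can inject its own records on the same connection.
    Recovers one byte per round by aligning the unknown byte at the end
    of a block and testing all 256 values against the observed block."""
    known = b""
    for i in range(n_bytes):
        prefix = b"A" * (BLOCK - 1 - i)
        iv_before = layer.iv
        wire = layer.send(prefix + secret)                    # victim's record
        k = len(wire) - (len(prefix + secret) + BLOCK - 1) // BLOCK
        c_prev = wire[k - 1] if k > 0 else iv_before          # IV of first data block
        c_target = wire[k]
        for g in range(256):
            candidate = prefix + known + bytes([g])
            # Attacker assumes the IV for its block will be the current chain value.
            crafted = xor(candidate, c_prev, layer.iv)
            if layer.send(crafted)[-1] == c_target:
                known += bytes([g])
                break
        else:
            break          # no guess confirmed: the oracle is gone
    return known


def demo(n_bytes: int = 3) -> tuple:
    secret = b"SESSION=7f3a9c"      # constructed sample secret (cookie-like)
    leaked = beast_recover(CbcRecordLayer(empty_fragment=False), secret, n_bytes)
    blocked = beast_recover(CbcRecordLayer(empty_fragment=True), secret, n_bytes)
    return leaked, blocked
```

With chaining alone the attacker's crafted block is encrypted under exactly the IV it predicted, so equality with the observed block confirms the guess; with the empty fragment in front, the equality test never fires and the byte-at-a-time loop stops at the first byte. Browsers reached the same effect with 1/n-1 record splitting; TLS 1.1 removed the problem by giving every record an explicit random IV.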
curl
Available for: OS X Lion v10.7 to v10.7.3,
OS X Lion Server v10.7 to v10.7.3
Impact: Using curl or libcurl with a maliciously crafted URL may
lead to protocol-specific data injection attacks
Description: A data injection issue existed in curl's handling of
URLs. This issue is addressed through improved validation of URLs.
This issue does not affect systems prior to OS X Lion.
CVE-ID
CVE-2012-0036

Directory Service
Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8
Impact: A remote attacker may obtain sensitive information
Description: Multiple issues existed in the directory server's
handling of messages from the network. By sending a maliciously
crafted message, a remote attacker could cause the directory server
to disclose memory from its address space, potentially revealing
account credentials or other sensitive information. This issue does
not affect OS X Lion systems. The Directory Server is disabled by
default in non-server installations of OS X.
CVE-ID
CVE-2012-0651 : Agustin Azubel

HFS
Available for: OS X Lion v10.7 to v10.7.3,
OS X Lion Server v10.7 to v10.7.3
Impact: Mounting a maliciously crafted disk image may lead to a
system shutdown or arbitrary code execution
Description: An integer underflow existed in the handling of HFS
catalog files.
CVE-ID
CVE-2012-0642 : pod2g

ImageIO
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8
Impact: Viewing a maliciously crafted TIFF file may lead to an
unexpected application termination or arbitrary code execution
Description: A buffer overflow existed in ImageIO's handling of
CCITT Group 4 encoded TIFF files. This issue does not affect OS X
Lion systems.
CVE-ID
CVE-2011-0241 : Cyril CATTIAUX of Tessi Technologies

ImageIO
Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8
Impact: Multiple vulnerabilities in libpng
Description: libpng is updated to version 1.5.5 to address multiple
vulnerabilities, the most serious of which may lead to information
disclosure. Further information is available via the libpng website
at http://www.libpng.org/pub/png/libpng.html
CVE-ID
CVE-2011-2692
CVE-2011-3328

ImageIO
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8
Impact: Viewing a maliciously crafted TIFF file may lead to an
unexpected application termination or arbitrary code execution
Description: A buffer overflow existed in libtiff's handling of
ThunderScan encoded TIFF images. This issue is addressed by updating
libtiff to version 3.9.5.
CVE-ID
CVE-2011-1167

Kernel
Available for: OS X Lion v10.7 to v10.7.3,
OS X Lion Server v10.7 to v10.7.3
Impact: When FileVault is used, the disk may contain unencrypted
user data
Description: An issue in the kernel's handling of the sleep image
used for hibernation left some data unencrypted on disk even when
FileVault was enabled. This issue is addressed through improved
handling of the sleep image, and by overwriting the existing sleep
image when updating to OS X v10.7.4. This issue does not affect
systems prior to OS X Lion.
CVE-ID
CVE-2011-3212 : Felix Groebert of Google Security Team

libarchive
Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,
OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3
Impact: Extracting a maliciously crafted archive may lead to an
unexpected application termination or arbitrary code execution
Description: Multiple buffer overflows existed in the handling of
tar archives and iso9660 files.
CVE-ID
CVE-2011-1777
CVE-2011-1778

libsecurity
Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,
OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3
Impact: Verifying a maliciously crafted X.509 certificate, such as
when visiting a maliciously crafted website, may lead to an
unexpected application termination or arbitrary code execution
Description: An uninitialized memory access issue existed in the
handling of X.509 certificates.
CVE-ID
CVE-2012-0654 : Dirk-Willem van Gulik of WebWeaving.org, Guilherme
Prado of Conselho da Justica Federal, Ryan Sleevi of Google

libsecurity
Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,
OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3
Impact: Support for X.509 certificates with insecure-length RSA keys
may expose users to spoofing and information disclosure
Description: Certificates signed using RSA keys with insecure key
lengths were accepted by libsecurity. This issue is addressed by
rejecting certificates containing RSA keys less than 1024 bits.
CVE-ID
CVE-2012-0655

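The 1024-bit floor is a policy a verifier can only enforce if it actually reads the modulus out of the certificate's key rather than trusting a declared size. The code below is added here to show that check; it is not Apple's libsecurity code. It parses the PKCS#1 RSAPublicKey structure (SEQUENCE { INTEGER n, INTEGER e }) that sits inside a certificate's SubjectPublicKeyInfo BIT STRING, and the keys it checks are constructed from random moduli of a chosen size, not real RSA keys. Walking from a full certificate down to that structure, and handling the non-RSA algorithm identifiers, is left out.

```python
"""Reject RSA public keys shorter than 1024 bits, the policy libsecurity
adopted for CVE-2012-0655.

Added example, not Apple code: a minimal DER walker that reads the
modulus out of a PKCS#1 RSAPublicKey (SEQUENCE { INTEGER n, INTEGER e }),
which is what a certificate's SubjectPublicKeyInfo BIT STRING carries
for RSA.  The test keys are constructed with random moduli; they are
not real RSA keys."""
import os

MIN_RSA_BITS = 1024


def der_len(n: int) -> bytes:
    """DER length: short form below 128, long form (0x8N + N bytes) above."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def der_integer(value: int) -> bytes:
    body = value.to_bytes((value.bit_length() + 7) // 8, "big") or b"\x00"
    if body[0] & 0x80:          # keep the INTEGER positive (two's complement)
        body = b"\x00" + body
    return b"\x02" + der_len(len(body)) + body


def der_sequence(*items: bytes) -> bytes:
    body = b"".join(items)
    return b"\x30" + der_len(len(body)) + body


def read_tlv(buf: bytes, pos: int) -> tuple:
    """Returns (tag, value, next_pos); handles short and long-form lengths
    and refuses lengths that run past the buffer."""
    tag = buf[pos]
    length = buf[pos + 1]
    pos += 2
    if length & 0x80:
        n = length & 0x7F
        if n == 0 or n > 4:
            raise ValueError("unsupported DER length encoding")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    end = pos + length
    if end > len(buf):
        raise ValueError("truncated DER")
    return tag, buf[pos:end], end


def rsa_modulus_bits(rsa_public_key_der: bytes) -> int:
    tag, seq, _ = read_tlv(rsa_public_key_der, 0)
    if tag != 0x30:
        raise ValueError("RSAPublicKey must be a SEQUENCE")
    tag, modulus, _ = read_tlv(seq, 0)
    if tag != 0x02:
        raise ValueError("modulus must be an INTEGER")
    # int() strips the sign-padding 0x00, so this is the true modulus size.
    return int.from_bytes(modulus, "big").bit_length()


def acceptable_rsa_key(rsa_public_key_der: bytes, minimum: int = MIN_RSA_BITS) -> bool:
    return rsa_modulus_bits(rsa_public_key_der) >= minimum


def fake_rsa_public_key(bits: int) -> bytes:
    """Constructed test input: random odd modulus of exactly `bits` bits,
    e = 65537.  Encodes like a real RSAPublicKey but is not a real key."""
    n = int.from_bytes(os.urandom(bits // 8), "big") | (1 << (bits - 1)) | 1
    return der_sequence(der_integer(n), der_integer(65537))


if __name__ == "__main__":
    for bits in (512, 768, 1024, 2048):
        print(bits, "accepted" if acceptable_rsa_key(fake_rsa_public_key(bits)) else "rejected")
```

The size must be measured on the decoded integer: a 512-bit modulus is encoded with a leading 0x00 when its top bit is set, so counting encoded bytes would over-report it by 8 bits.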
libxml
Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,
OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3
Impact: Viewing a maliciously crafted web page may lead to an
unexpected application termination or arbitrary code execution
Description: Multiple vulnerabilities existed in libxml, the most
serious of which may lead to an unexpected application termination or
arbitrary code execution. These issues are addressed by applying the
relevant upstream patches.
CVE-ID
CVE-2011-1944 : Chris Evans of Google Chrome Security Team
CVE-2011-2821 : Yang Dingning of NCNIPC, Graduate University of
Chinese Academy of Sciences
CVE-2011-2834 : Yang Dingning of NCNIPC, Graduate University of
Chinese Academy of Sciences
CVE-2011-3919 : Juri Aedla

LoginUIFramework
Available for: OS X Lion v10.7 to v10.7.3,
OS X Lion Server v10.7 to v10.7.3
Impact: If the Guest user is enabled, a user with physical access to
the computer may be able to log in to a user other than the Guest
user without entering a password
Description: A race condition existed in the handling of Guest user
logins. This issue does not affect systems prior to OS X Lion.
CVE-ID
CVE-2012-0656 : Francisco Gomez (espectalll123)

PHP
Available for: OS X Lion v10.7 to v10.7.3,
OS X Lion Server v10.7 to v10.7.3
Impact: Multiple vulnerabilities in PHP
Description: PHP is updated to version 5.3.10 to address several
vulnerabilities, the most serious of which may lead to arbitrary code
execution. Further information is available via the PHP web site at
http://www.php.net
CVE-ID
CVE-2011-4566
CVE-2011-4885
CVE-2012-0830

Quartz Composer
Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,
OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3
Impact: A user with physical access to the computer may be able to
cause Safari to launch if the screen is locked and the RSS Visualizer
screen saver is used
Description: An access control issue existed in Quartz Composer's
handling of screen savers. This issue is addressed through improved
checking for whether or not the screen is locked.
CVE-ID
CVE-2012-0657 : Aaron Sigel of vtty.com

QuickTime
Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,
OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3
Impact: Viewing a maliciously crafted movie file during progressive
download may lead to an unexpected application termination or
arbitrary code execution
Description: A buffer overflow existed in the handling of audio
sample tables.
CVE-ID
CVE-2012-0658 : Luigi Auriemma working with HP's Zero Day Initiative

QuickTime
Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,
OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3
Impact: Viewing a maliciously crafted MPEG file may lead to an
unexpected application termination or arbitrary code execution
Description: An integer overflow existed in the handling of MPEG
files.
CVE-ID
CVE-2012-0659 : An anonymous researcher working with HP's Zero Day
Initiative

QuickTime
Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,
OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3
Impact: Viewing a maliciously crafted MPEG file may lead to an
unexpected application termination or arbitrary code execution
Description: A buffer underflow existed in the handling of MPEG
files.
CVE-ID
CVE-2012-0660 : Justin Kim at Microsoft and Microsoft Vulnerability
Research

QuickTime
Available for: OS X Lion v10.7 to v10.7.3,
OS X Lion Server v10.7 to v10.7.3
Impact: Viewing a maliciously crafted movie file may lead to an
unexpected application termination or arbitrary code execution
Description: A use after free issue existed in the handling of
JPEG2000 encoded movie files. This issue does not affect systems
prior to OS X Lion.
CVE-ID
CVE-2012-0661 : Damian Put working with HP's Zero Day Initiative

Ruby
Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,
OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3
Impact: Multiple vulnerabilities in Ruby
Description: Ruby is updated to 1.8.7-p357 to address multiple
vulnerabilities.
CVE-ID
CVE-2011-1004
CVE-2011-1005
CVE-2011-4815

Samba
Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8
Impact: If SMB file sharing is enabled, an unauthenticated remote
attacker may cause a denial of service or arbitrary code execution
with system privileges
Description: Multiple buffer overflows existed in Samba's handling
of remote procedure calls. By sending a maliciously crafted packet,
an unauthenticated remote attacker could cause a denial of service or
arbitrary code execution with system privileges. These issues do not
affect OS X Lion systems.
CVE-ID
CVE-2012-0870 : Andy Davis of NGS Secure
CVE-2012-1182 : An anonymous researcher working with HP's Zero Day
Initiative

Security Framework
Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8,
OS X Lion v10.7 to v10.7.3, OS X Lion Server v10.7 to v10.7.3
Impact: A remote attacker may cause an unexpected application
termination or arbitrary code execution
Description: An integer overflow existed in the Security framework.
Processing untrusted input with the Security framework could result
in memory corruption. This issue does not affect 32-bit processes.
CVE-ID
CVE-2012-0662 : aazubel working with HP's Zero Day Initiative

Time Machine
Available for: OS X Lion v10.7 to v10.7.3,
OS X Lion Server v10.7 to v10.7.3
Impact: A remote attacker may access a user's Time Machine backup
credentials
Description: The user may designate a Time Capsule or remote AFP
volume attached to an AirPort Base Station to be used for Time
Machine backups. Beginning with AirPort Base Station and Time Capsule
Firmware Update 7.6, Time Capsules and Base Stations support a secure
SRP-based authentication mechanism over AFP. However, Time Machine
did not require that the SRP-based authentication mechanism be used
for subsequent backup operations, even if Time Machine was initially
configured with, or had ever contacted, a Time Capsule or Base Station
that supported it. An attacker who is able to spoof the remote volume
could gain access to the user's Time Capsule credentials, although
not backup data, sent by the user's system. This issue is addressed
by requiring use of the SRP-based authentication mechanism if the
backup destination has ever supported it.
CVE-ID
CVE-2012-0675 : Renaud Deraison of Tenable Network Security, Inc.

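The Time Machine fix is a downgrade-resistance rule of the same shape as HSTS: remember, per destination, that the strong mechanism was once offered, and from then on refuse anything weaker even when a peer claiming to be that destination no longer offers it. The sketch below is added here to show that rule and what it denies an attacker; it is not Apple, Time Machine or AFP code. The mechanism labels "SRP" and "LEGACY", the destination names, the password and the "proof" value are hypothetical stand-ins for the AFP authentication negotiation, and the toy legacy mechanism simply hands the server a password-equivalent, which is what a spoofed volume is after.

```python
"""Anti-downgrade pinning for a backup destination: once a target has
ever offered SRP, refuse to send credentials to it any other way.

Added example, not Apple or Time Machine code.  The mechanism labels,
message shapes and the 'proof' value are hypothetical stand-ins for the
AFP authentication negotiation (the proof is not SRP)."""
import hmac
import hashlib
import os

STRONG, LEGACY = "SRP", "LEGACY"


class Destination:
    """A backup target (real or spoofed) as seen by the client."""
    def __init__(self, name: str, mechanisms: list):
        self.name = name
        self.mechanisms = mechanisms
        self.received = []          # what the server learned from the client


class BackupClient:
    def __init__(self, password: str, pin_strong_once_seen: bool):
        self.password = password
        self.pin_strong_once_seen = pin_strong_once_seen
        # Must be persisted with the backup configuration, keyed by the
        # destination identity, so the decision survives reboots.
        self.strong_seen = set()

    def authenticate(self, dest: Destination) -> str:
        if STRONG in dest.mechanisms:
            self.strong_seen.add(dest.name)
            # Stand-in for the SRP exchange: the server only ever sees a
            # nonce-bound value, never the password itself.
            nonce = os.urandom(16)
            proof = hmac.new(self.password.encode(), nonce, hashlib.sha256).hexdigest()
            dest.received.append((STRONG, proof))
            return STRONG
        if self.pin_strong_once_seen and dest.name in self.strong_seen:
            return "refused"        # the fix: no fallback after SRP was seen
        if LEGACY in dest.mechanisms:
            dest.received.append((LEGACY, self.password))   # password-equivalent
            return LEGACY
        return "refused"


def scenario(hardened: bool) -> tuple:
    """First backup to a real Time Capsule, then an attacker spoofs the
    same volume and offers only the legacy mechanism.  Returns the two
    outcomes and whether the spoof obtained the password."""
    client = BackupClient("hunter2", pin_strong_once_seen=hardened)
    capsule = Destination("capsule.local", [STRONG, LEGACY])   # firmware 7.6+
    spoof = Destination("capsule.local", [LEGACY])             # attacker, same name
    first = client.authenticate(capsule)
    second = client.authenticate(spoof)
    password_leaked = any(v == "hunter2" for _, v in spoof.received)
    return first, second, password_leaked


if __name__ == "__main__":
    print("before fix:", scenario(hardened=False))   # ('SRP', 'LEGACY', True)
    print("after fix: ", scenario(hardened=True))    # ('SRP', 'refused', False)
```

Two details matter in practice and are why the advisory says "has ever supported it" rather than "supported it last time": the pin has to be keyed by the destination the user configured, not by whatever the network currently answers with, and it has to be stored with the backup configuration so a reboot or a fresh session cannot reset it. A destination that has never offered SRP still authenticates the old way, which is what keeps older base stations working.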
X11
Available for: OS X Lion v10.7 to v10.7.3,
OS X Lion Server v10.7 to v10.7.3
Impact: Applications that use libXfont to process LZW-compressed
data may be vulnerable to an unexpected application termination or
arbitrary code execution
Description: A buffer overflow existed in libXfont's handling of
LZW-compressed data. This issue is addressed by updating libXfont to
version 1.4.4.
CVE-ID
CVE-2011-2895 : Tomas Hoger of Red Hat


Note: Additionally, this update filters dynamic linker environment
variables from a customized environment property list in the user's
home directory, if present.

OS X Lion v10.7.4 and Security Update 2012-002 may be obtained from
the Software Update pane in System Preferences, or Apple's Software
Downloads web site:
http://www.apple.com/support/downloads/

The Software Update utility will present the update that applies
to your system configuration. Only one is needed, either
Security Update 2012-002 or OS X v10.7.4.

For OS X Lion v10.7.3
The download file is named: MacOSXUpd10.7.4.dmg
Its SHA-1 digest is: 04c53a6148ebd8c5733459620b7c1e2172352d36

For OS X Lion v10.7 and v10.7.2
The download file is named: MacOSXUpdCombo10.7.4.dmg
Its SHA-1 digest is: b11d511a50d9b728532688768fcdee9c1930037f

For OS X Lion Server v10.7.3
The download file is named: MacOSXServerUpd10.7.4.dmg
Its SHA-1 digest is: 3cb5699c8ecf7d70145f3692555557f7206618b2

For OS X Lion Server v10.7 and v10.7.2
The download file is named: MacOSXServerUpdCombo10.7.4.dmg
Its SHA-1 digest is: 917207e922056718b9924ef73caa5fcac06b7240

For Mac OS X v10.6.8
The download file is named: SecUpd2012-002Snow.dmg
Its SHA-1 digest is: 9669fbd9952419e70ac20109cf4db37f9932e9f8

For Mac OS X Server v10.6.8
The download file is named: SecUpdSrvr2012-002.dmg
Its SHA-1 digest is: 34da2dcbc8d45362f1d5e3b1b218112a729ae1c3

Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.16 (Darwin)

iQEcBAEBAgAGBQJPqtkzAAoJEGnF2JsdZQeee2MIAKAcBIY6k0LU2fDLThFoAgKh
WkYpGmCwa7L6n02geHzWrUCK/P/0yGWzDDqLfKlKuKbXdEIRP2wZTlvrqZHLzNO/
nXgz3HN1Xbll8yVXrGMEsoTD23Q+2/ZKLGMlSDw3vgBTVi/g4Rcer4Eew5mTkaoA
j4WkrzgVUIxCMrsWMMwu1SVaizBuTYbNVzCzV3JPF1H0zVtVKgwWjhTdOJ/RDksD
sjZG1XIEqVyv1rNk5BtjxVPFaJGpf9mcHiH8XyKQ0bC6ToM2r3B++Layoc5k1K0V
OxKGSfWOEbWi/KR6vlXyVbe7JnU7a/V0C25HXhnoMEtoTCleZACEByLVtBC87LU=
=6Eiz
-----END PGP SIGNATURE-----
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Security-announce mailing list (Security-announce@lists.apple.com)