APPLE-SA-2018-9-17-4 Safari 12

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-2018-9-17-4 Safari 12

Safari 12 is now available and addresses the following:

Safari
Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS
Mojave 10.14
Impact: A malicious website may be able to exfiltrate autofilled data
in Safari
Description: A logic issue was addressed with improved state
management.
CVE-2018-4307: Rafay Baloch of Pakistan Telecommunications Authority

Safari
Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS
Mojave 10.14
Impact: A user may be unable to delete browsing history items
Description: Clearing a history item may not clear visits with
redirect chains. The issue was addressed with improved data deletion.
CVE-2018-4329: Hugo S. Diaz (coldpointblue)

Safari
Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS
Mojave 10.14
Impact: Visiting a malicious website by clicking a link may lead to
user interface spoofing
Description: An inconsistent user interface issue was addressed with
improved state management.
CVE-2018-4195: xisigr of Tencent's Xuanwu Lab (www.tencent.com)

Installation note:

Safari 12 may be obtained from the Mac App Store.

Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEDNXJVNCJJEAVmJdZeC9tht7TK3EFAlud5zQACgkQeC9tht7T
K3Hd8A//dQTRkRdIEf2iYyfO6Sid5H1WSndQE5NmI9PlnBz/asdyJtHL+XDGeCE9
1qjl/lzub/QRIne0oxxz3b1k8yFWhTz8NgiyGMdL/FLKqyGkO4oxLYCN0k1la9RE
1tTfV48Pj7naVJePC6latzc3Ll/9oBqmkHDqckpEJcBDI0ziLk20mY9MK9/aQkhc
eFdHtbODaIKq1CKCCkoZL/ZiL3sKmxdSXoO658+eBt0Wj1KmNe1mcWZ5IpYpxXFU
bzC1QDWYV8b3763z/chb6YUljZzZ2w0IZvZr+GPRrC6nR0ozGlGzZsjvQZIXUcOb
tqrGkz34NLHi/M0ygvQ4ztKmycieQb6UqdhsrJtd5OKZlYqQc9aMq250Ft/Lkl+7
+u5nJfsAv8YWG8SJxcKmc8Kx1AgvRmkvgLmiMIh8pKox5NdzkuIYM7Lst3Eg9s5b
NG++c7VT7SKnFiYj524PuwJw1W2n6CknZgBqq2XylrUo8ceeC3oV8T4ltCXK2thS
eeV74ltadfPLnPfemxy5az4BC2hSqkpp7QhNOKik25O0fzd2bgt1Xt2SH8YjcZqv
08Mjtf6WXj6yrLu2Ym0J4DLg2cTKPjsxF6lNIUOrkPNYbclfQDYkSiT4oEnt16+H
J/XEr6lVa4BdvwSxZF76HSgvB6BaZefc31Sz3gdk96TkRfgIkRc=
=0eDn
-----END PGP SIGNATURE-----




[Index of Archives]     [Linux Security]     [Netfilter]     [PHP]     [Yosemite News]     [Linux Kernel]

  Powered by Linux