VARIoT IoT vulnerabilities database
| VAR-201910-0897 | CVE-2019-18226 | plural Honeywell In product Capture-replay Authentication bypass vulnerability |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
Honeywell equIP series and Performance series IP cameras and recorders, A vulnerability exists in the affected products where IP cameras and recorders have a potential replay attack vulnerability as a weak authentication method is retained for compatibility with legacy products. Honeywell equIP, etc. are products of American Honeywell (Honeywell) company. Honeywell equIP is an equIP series IP camera product. Honeywell Performance is a Performance series IP camera product. Honeywell Recorders is a Recorders series network video recorder product
| VAR-201910-0899 | CVE-2019-18228 | Honeywell equIP series IP camera Multiple equIP Series Camera Input validation vulnerability |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
Honeywell equIP series IP cameras Multiple equIP Series Cameras, A vulnerability exists in the affected products where a specially crafted HTTP packet request could result in a denial of service. Honeywell equIP H4L2GR1, etc. are all IP cameras of American Honeywell company.
Input validation error vulnerabilities exist in many Honeywell products
| VAR-201910-0661 | CVE-2019-16251 | WordPress for YIT Vulnerability related to privilege management in plug-in framework |
CVSS V2: 4.0 CVSS V3: 4.3 Severity: MEDIUM |
plugin-fw/lib/yit-plugin-panel-wc.php in the YIT Plugin Framework through 3.3.8 for WordPress allows authenticated options changes. WordPress is a blogging platform developed by the WordPress Foundation using PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. An attacker could exploit this vulnerability to modify the options of a plugin
| VAR-201910-0901 | CVE-2019-18230 | Honeywell equIP Series and Performance Series IP Camera Access Control Error Vulnerability |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
Honeywell equIP and Performance series IP cameras, multiple versions, A vulnerability exists where the affected product allows unauthenticated access to audio streaming over HTTP. Honeywell equIP H4L2GR1, etc. are all IP cameras from Honeywell. Attackers can use this vulnerability for unauthorized access
| VAR-201911-0267 | CVE-2019-5292 | plural Huawei Information disclosure vulnerability in mobile phones |
CVSS V2: 2.1 CVSS V3: 3.3 Severity: LOW |
Honor 10 Lite, Honor 8A, Huawei Y6 mobile phones with the versions before 9.1.0.217(C00E215R3P1), the versions before 9.1.0.205(C00E97R1P9), the versions before 9.1.0.205(C00E97R2P2) have an information leak vulnerability. Due to improper function error records of some module, an attacker with the access permission may exploit the vulnerability to obtain some information. The vulnerability stems from a reasonable record of module functionality. Error message
| VAR-201911-0838 | CVE-2019-5233 | Huawei smartphone Taurus-AL00B Vulnerabilities in authentication |
CVSS V2: 6.8 CVSS V3: 8.8 Severity: HIGH |
Huawei smartphones with versions earlier than Taurus-AL00B 10.0.0.41(SP2C00E41R3P2) have an improper authentication vulnerability. Successful exploitation may cause the attacker to access specific components. Huawei smartphone Taurus-AL00B Contains an authentication vulnerability.Information is acquired, information is falsified, and denial of service (DoS) May be in a state. Huawei Taurus-AL00B is a smartphone from China's Huawei.
There is a security vulnerability in Huawei Taurus-AL00B 10.0.0.41 (SP2C00E41R3P2) version
| VAR-201911-0262 | CVE-2019-5279 | Huawei Emily-L29C Information Disclosure Vulnerability |
CVSS V2: 4.3 CVSS V3: 5.5 Severity: MEDIUM |
Huawei smart phones Emily-L29C with Versions earlier than 9.1.0.311(C10E2R1P13T8), Versions earlier than 9.1.0.311(C461E2R1P11T8), Versions earlier than 9.1.0.316(C635E2R1P11T8), Versions earlier than 9.1.0.311(C185E2R1P12T8), Versions earlier than 9.1.0.311(C605E2R1P12T8), Versions earlier than 9.1.0.311(C636E7R1P13T8) have an information leakage vulnerability. An attacker tricks the user into installing a malicious application, which can copy specific files to the sdcard, resulting in information leakage. Huawei smartphone Emily-L29C Contains an information disclosure vulnerability.Information may be obtained. Huawei Emily-L29C is a smartphone from China's Huawei company. The vulnerability stems from errors in the configuration of the network system or product during operation
| VAR-201912-1846 | CVE-2019-8821 | plural Apple Updates to product vulnerabilities |
CVSS V2: 6.8 CVSS V3: 8.8 Severity: HIGH |
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution. Apple Has released an update for each product.The expected impact depends on each vulnerability, but can be affected as follows: * * information leak * * User impersonation * * Arbitrary code execution * * UI Spoofing * * Insufficient access restrictions * * Service operation interruption (DoS) * * Privilege escalation * * Memory corruption * * Authentication bypass.
Installation note:
Safari 13.0.3 may be obtained from the Mac App Store. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Moderate: webkitgtk4 security, bug fix, and enhancement update
Advisory ID: RHSA-2020:4035-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2020:4035
Issue date: 2020-09-29
CVE Names: CVE-2019-6237 CVE-2019-6251 CVE-2019-8506
CVE-2019-8524 CVE-2019-8535 CVE-2019-8536
CVE-2019-8544 CVE-2019-8551 CVE-2019-8558
CVE-2019-8559 CVE-2019-8563 CVE-2019-8571
CVE-2019-8583 CVE-2019-8584 CVE-2019-8586
CVE-2019-8587 CVE-2019-8594 CVE-2019-8595
CVE-2019-8596 CVE-2019-8597 CVE-2019-8601
CVE-2019-8607 CVE-2019-8608 CVE-2019-8609
CVE-2019-8610 CVE-2019-8611 CVE-2019-8615
CVE-2019-8619 CVE-2019-8622 CVE-2019-8623
CVE-2019-8625 CVE-2019-8644 CVE-2019-8649
CVE-2019-8658 CVE-2019-8666 CVE-2019-8669
CVE-2019-8671 CVE-2019-8672 CVE-2019-8673
CVE-2019-8674 CVE-2019-8676 CVE-2019-8677
CVE-2019-8678 CVE-2019-8679 CVE-2019-8680
CVE-2019-8681 CVE-2019-8683 CVE-2019-8684
CVE-2019-8686 CVE-2019-8687 CVE-2019-8688
CVE-2019-8689 CVE-2019-8690 CVE-2019-8707
CVE-2019-8710 CVE-2019-8719 CVE-2019-8720
CVE-2019-8726 CVE-2019-8733 CVE-2019-8735
CVE-2019-8743 CVE-2019-8763 CVE-2019-8764
CVE-2019-8765 CVE-2019-8766 CVE-2019-8768
CVE-2019-8769 CVE-2019-8771 CVE-2019-8782
CVE-2019-8783 CVE-2019-8808 CVE-2019-8811
CVE-2019-8812 CVE-2019-8813 CVE-2019-8814
CVE-2019-8815 CVE-2019-8816 CVE-2019-8819
CVE-2019-8820 CVE-2019-8821 CVE-2019-8822
CVE-2019-8823 CVE-2019-8835 CVE-2019-8844
CVE-2019-8846 CVE-2019-11070 CVE-2020-3862
CVE-2020-3864 CVE-2020-3865 CVE-2020-3867
CVE-2020-3868 CVE-2020-3885 CVE-2020-3894
CVE-2020-3895 CVE-2020-3897 CVE-2020-3899
CVE-2020-3900 CVE-2020-3901 CVE-2020-3902
CVE-2020-10018 CVE-2020-11793
====================================================================
1. Summary:
An update for webkitgtk4 is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - noarch, ppc64, s390x
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch
3. Description:
WebKitGTK+ is port of the WebKit portable web rendering engine to the GTK+
platform. These packages provide WebKitGTK+ for GTK+ 3.
The following packages have been upgraded to a later upstream version:
webkitgtk4 (2.28.2). (BZ#1817144)
Security Fix(es):
* webkitgtk: Multiple security issues (CVE-2019-6237, CVE-2019-6251,
CVE-2019-8506, CVE-2019-8524, CVE-2019-8535, CVE-2019-8536, CVE-2019-8544,
CVE-2019-8551, CVE-2019-8558, CVE-2019-8559, CVE-2019-8563, CVE-2019-8571,
CVE-2019-8583, CVE-2019-8584, CVE-2019-8586, CVE-2019-8587, CVE-2019-8594,
CVE-2019-8595, CVE-2019-8596, CVE-2019-8597, CVE-2019-8601, CVE-2019-8607,
CVE-2019-8608, CVE-2019-8609, CVE-2019-8610, CVE-2019-8611, CVE-2019-8615,
CVE-2019-8619, CVE-2019-8622, CVE-2019-8623, CVE-2019-8625, CVE-2019-8644,
CVE-2019-8649, CVE-2019-8658, CVE-2019-8666, CVE-2019-8669, CVE-2019-8671,
CVE-2019-8672, CVE-2019-8673, CVE-2019-8674, CVE-2019-8676, CVE-2019-8677,
CVE-2019-8678, CVE-2019-8679, CVE-2019-8680, CVE-2019-8681, CVE-2019-8683,
CVE-2019-8684, CVE-2019-8686, CVE-2019-8687, CVE-2019-8688, CVE-2019-8689,
CVE-2019-8690, CVE-2019-8707, CVE-2019-8710, CVE-2019-8719, CVE-2019-8720,
CVE-2019-8726, CVE-2019-8733, CVE-2019-8735, CVE-2019-8743, CVE-2019-8763,
CVE-2019-8764, CVE-2019-8765, CVE-2019-8766, CVE-2019-8768, CVE-2019-8769,
CVE-2019-8771, CVE-2019-8782, CVE-2019-8783, CVE-2019-8808, CVE-2019-8811,
CVE-2019-8812, CVE-2019-8813, CVE-2019-8814, CVE-2019-8815, CVE-2019-8816,
CVE-2019-8819, CVE-2019-8820, CVE-2019-8821, CVE-2019-8822, CVE-2019-8823,
CVE-2019-8835, CVE-2019-8844, CVE-2019-8846, CVE-2019-11070, CVE-2020-3862,
CVE-2020-3864, CVE-2020-3865, CVE-2020-3867, CVE-2020-3868, CVE-2020-3885,
CVE-2020-3894, CVE-2020-3895, CVE-2020-3897, CVE-2020-3899, CVE-2020-3900,
CVE-2020-3901, CVE-2020-3902, CVE-2020-10018, CVE-2020-11793)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat
Enterprise Linux 7.9 Release Notes linked from the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
5. Package List:
Red Hat Enterprise Linux Client (v. 7):
Source:
webkitgtk4-2.28.2-2.el7.src.rpm
x86_64:
webkitgtk4-2.28.2-2.el7.i686.rpm
webkitgtk4-2.28.2-2.el7.x86_64.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.i686.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.x86_64.rpm
webkitgtk4-jsc-2.28.2-2.el7.i686.rpm
webkitgtk4-jsc-2.28.2-2.el7.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
noarch:
webkitgtk4-doc-2.28.2-2.el7.noarch.rpm
x86_64:
webkitgtk4-debuginfo-2.28.2-2.el7.i686.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.x86_64.rpm
webkitgtk4-devel-2.28.2-2.el7.i686.rpm
webkitgtk4-devel-2.28.2-2.el7.x86_64.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.i686.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source:
webkitgtk4-2.28.2-2.el7.src.rpm
x86_64:
webkitgtk4-2.28.2-2.el7.i686.rpm
webkitgtk4-2.28.2-2.el7.x86_64.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.i686.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.x86_64.rpm
webkitgtk4-jsc-2.28.2-2.el7.i686.rpm
webkitgtk4-jsc-2.28.2-2.el7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
noarch:
webkitgtk4-doc-2.28.2-2.el7.noarch.rpm
x86_64:
webkitgtk4-debuginfo-2.28.2-2.el7.i686.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.x86_64.rpm
webkitgtk4-devel-2.28.2-2.el7.i686.rpm
webkitgtk4-devel-2.28.2-2.el7.x86_64.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.i686.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source:
webkitgtk4-2.28.2-2.el7.src.rpm
ppc64:
webkitgtk4-2.28.2-2.el7.ppc.rpm
webkitgtk4-2.28.2-2.el7.ppc64.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.ppc.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.ppc64.rpm
webkitgtk4-jsc-2.28.2-2.el7.ppc.rpm
webkitgtk4-jsc-2.28.2-2.el7.ppc64.rpm
ppc64le:
webkitgtk4-2.28.2-2.el7.ppc64le.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.ppc64le.rpm
webkitgtk4-devel-2.28.2-2.el7.ppc64le.rpm
webkitgtk4-jsc-2.28.2-2.el7.ppc64le.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.ppc64le.rpm
s390x:
webkitgtk4-2.28.2-2.el7.s390.rpm
webkitgtk4-2.28.2-2.el7.s390x.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.s390.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.s390x.rpm
webkitgtk4-jsc-2.28.2-2.el7.s390.rpm
webkitgtk4-jsc-2.28.2-2.el7.s390x.rpm
x86_64:
webkitgtk4-2.28.2-2.el7.i686.rpm
webkitgtk4-2.28.2-2.el7.x86_64.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.i686.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.x86_64.rpm
webkitgtk4-devel-2.28.2-2.el7.i686.rpm
webkitgtk4-devel-2.28.2-2.el7.x86_64.rpm
webkitgtk4-jsc-2.28.2-2.el7.i686.rpm
webkitgtk4-jsc-2.28.2-2.el7.x86_64.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.i686.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
noarch:
webkitgtk4-doc-2.28.2-2.el7.noarch.rpm
ppc64:
webkitgtk4-debuginfo-2.28.2-2.el7.ppc.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.ppc64.rpm
webkitgtk4-devel-2.28.2-2.el7.ppc.rpm
webkitgtk4-devel-2.28.2-2.el7.ppc64.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.ppc.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.ppc64.rpm
s390x:
webkitgtk4-debuginfo-2.28.2-2.el7.s390.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.s390x.rpm
webkitgtk4-devel-2.28.2-2.el7.s390.rpm
webkitgtk4-devel-2.28.2-2.el7.s390x.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.s390.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.s390x.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source:
webkitgtk4-2.28.2-2.el7.src.rpm
x86_64:
webkitgtk4-2.28.2-2.el7.i686.rpm
webkitgtk4-2.28.2-2.el7.x86_64.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.i686.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.x86_64.rpm
webkitgtk4-devel-2.28.2-2.el7.i686.rpm
webkitgtk4-devel-2.28.2-2.el7.x86_64.rpm
webkitgtk4-jsc-2.28.2-2.el7.i686.rpm
webkitgtk4-jsc-2.28.2-2.el7.x86_64.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.i686.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
noarch:
webkitgtk4-doc-2.28.2-2.el7.noarch.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2019-6237
https://access.redhat.com/security/cve/CVE-2019-6251
https://access.redhat.com/security/cve/CVE-2019-8506
https://access.redhat.com/security/cve/CVE-2019-8524
https://access.redhat.com/security/cve/CVE-2019-8535
https://access.redhat.com/security/cve/CVE-2019-8536
https://access.redhat.com/security/cve/CVE-2019-8544
https://access.redhat.com/security/cve/CVE-2019-8551
https://access.redhat.com/security/cve/CVE-2019-8558
https://access.redhat.com/security/cve/CVE-2019-8559
https://access.redhat.com/security/cve/CVE-2019-8563
https://access.redhat.com/security/cve/CVE-2019-8571
https://access.redhat.com/security/cve/CVE-2019-8583
https://access.redhat.com/security/cve/CVE-2019-8584
https://access.redhat.com/security/cve/CVE-2019-8586
https://access.redhat.com/security/cve/CVE-2019-8587
https://access.redhat.com/security/cve/CVE-2019-8594
https://access.redhat.com/security/cve/CVE-2019-8595
https://access.redhat.com/security/cve/CVE-2019-8596
https://access.redhat.com/security/cve/CVE-2019-8597
https://access.redhat.com/security/cve/CVE-2019-8601
https://access.redhat.com/security/cve/CVE-2019-8607
https://access.redhat.com/security/cve/CVE-2019-8608
https://access.redhat.com/security/cve/CVE-2019-8609
https://access.redhat.com/security/cve/CVE-2019-8610
https://access.redhat.com/security/cve/CVE-2019-8611
https://access.redhat.com/security/cve/CVE-2019-8615
https://access.redhat.com/security/cve/CVE-2019-8619
https://access.redhat.com/security/cve/CVE-2019-8622
https://access.redhat.com/security/cve/CVE-2019-8623
https://access.redhat.com/security/cve/CVE-2019-8625
https://access.redhat.com/security/cve/CVE-2019-8644
https://access.redhat.com/security/cve/CVE-2019-8649
https://access.redhat.com/security/cve/CVE-2019-8658
https://access.redhat.com/security/cve/CVE-2019-8666
https://access.redhat.com/security/cve/CVE-2019-8669
https://access.redhat.com/security/cve/CVE-2019-8671
https://access.redhat.com/security/cve/CVE-2019-8672
https://access.redhat.com/security/cve/CVE-2019-8673
https://access.redhat.com/security/cve/CVE-2019-8674
https://access.redhat.com/security/cve/CVE-2019-8676
https://access.redhat.com/security/cve/CVE-2019-8677
https://access.redhat.com/security/cve/CVE-2019-8678
https://access.redhat.com/security/cve/CVE-2019-8679
https://access.redhat.com/security/cve/CVE-2019-8680
https://access.redhat.com/security/cve/CVE-2019-8681
https://access.redhat.com/security/cve/CVE-2019-8683
https://access.redhat.com/security/cve/CVE-2019-8684
https://access.redhat.com/security/cve/CVE-2019-8686
https://access.redhat.com/security/cve/CVE-2019-8687
https://access.redhat.com/security/cve/CVE-2019-8688
https://access.redhat.com/security/cve/CVE-2019-8689
https://access.redhat.com/security/cve/CVE-2019-8690
https://access.redhat.com/security/cve/CVE-2019-8707
https://access.redhat.com/security/cve/CVE-2019-8710
https://access.redhat.com/security/cve/CVE-2019-8719
https://access.redhat.com/security/cve/CVE-2019-8720
https://access.redhat.com/security/cve/CVE-2019-8726
https://access.redhat.com/security/cve/CVE-2019-8733
https://access.redhat.com/security/cve/CVE-2019-8735
https://access.redhat.com/security/cve/CVE-2019-8743
https://access.redhat.com/security/cve/CVE-2019-8763
https://access.redhat.com/security/cve/CVE-2019-8764
https://access.redhat.com/security/cve/CVE-2019-8765
https://access.redhat.com/security/cve/CVE-2019-8766
https://access.redhat.com/security/cve/CVE-2019-8768
https://access.redhat.com/security/cve/CVE-2019-8769
https://access.redhat.com/security/cve/CVE-2019-8771
https://access.redhat.com/security/cve/CVE-2019-8782
https://access.redhat.com/security/cve/CVE-2019-8783
https://access.redhat.com/security/cve/CVE-2019-8808
https://access.redhat.com/security/cve/CVE-2019-8811
https://access.redhat.com/security/cve/CVE-2019-8812
https://access.redhat.com/security/cve/CVE-2019-8813
https://access.redhat.com/security/cve/CVE-2019-8814
https://access.redhat.com/security/cve/CVE-2019-8815
https://access.redhat.com/security/cve/CVE-2019-8816
https://access.redhat.com/security/cve/CVE-2019-8819
https://access.redhat.com/security/cve/CVE-2019-8820
https://access.redhat.com/security/cve/CVE-2019-8821
https://access.redhat.com/security/cve/CVE-2019-8822
https://access.redhat.com/security/cve/CVE-2019-8823
https://access.redhat.com/security/cve/CVE-2019-8835
https://access.redhat.com/security/cve/CVE-2019-8844
https://access.redhat.com/security/cve/CVE-2019-8846
https://access.redhat.com/security/cve/CVE-2019-11070
https://access.redhat.com/security/cve/CVE-2020-3862
https://access.redhat.com/security/cve/CVE-2020-3864
https://access.redhat.com/security/cve/CVE-2020-3865
https://access.redhat.com/security/cve/CVE-2020-3867
https://access.redhat.com/security/cve/CVE-2020-3868
https://access.redhat.com/security/cve/CVE-2020-3885
https://access.redhat.com/security/cve/CVE-2020-3894
https://access.redhat.com/security/cve/CVE-2020-3895
https://access.redhat.com/security/cve/CVE-2020-3897
https://access.redhat.com/security/cve/CVE-2020-3899
https://access.redhat.com/security/cve/CVE-2020-3900
https://access.redhat.com/security/cve/CVE-2020-3901
https://access.redhat.com/security/cve/CVE-2020-3902
https://access.redhat.com/security/cve/CVE-2020-10018
https://access.redhat.com/security/cve/CVE-2020-11793
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.9_release_notes/index
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2020 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBX3OjINzjgjWX9erEAQjqsg/9FnSEJ3umFx0gtnsZIVRP9YxMIVZhVQ8z
rNnK/LGQWq1nPlNC5OF60WRcWA7cC74lh1jl/+xU6p+9JXTq9y9hQTd7Fcf+6T01
RYj2zJe6kGBY/53rhZJKCdb9zNXz1CkqsuvTPqVGIabUWTTlsBFnd6l4GK6QL4kM
XVQZyWtmSfmLII4Ocdav9WocJzH6o1TbEo+O9Fm6WjdVOK+/+VzPki0/dW50CQAK
R8u5tTXZR5m52RLmvhs/LTv3yUnmhEkhvrR0TtuR8KRfcP1/ytNwn3VidFefuAO1
PWrgpjIPWy/kbtZaZWK4fBblYj6bKCVD1SiBKQcOfCq0f16aqRP2niFoDXdAy467
eGu0JHkRsIRCLG2rY+JfOau5KtLRhRr0iRe5AhOVpAtUelzjAvEQEcVv4GmZXcwX
rXfeagSjWzdo8Mf55d7pjORXAKhGdO3FQSeiCvzq9miZq3NBX4Jm4raobeskw/rJ
1ONqg4fE7Gv7rks8QOy5xErwI8Ut1TGJAgYOD8rmRptr05hBWQFJCfmoc4KpxsMe
PJoRag0AZfYxYoMe5avMcGCYHosU63z3wS7gao9flj37NkEi6M134vGmCpPNmpGr
w5HQly9SO3mD0a92xOUn42rrXq841ZkVu89fR6j9wBn8NAKLWH6eUjZkVMNmLRzh
PKg+HFNkMjk=dS3G
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
. ------------------------------------------------------------------------
WebKitGTK and WPE WebKit Security Advisory WSA-2019-0006
------------------------------------------------------------------------
Date reported : November 08, 2019
Advisory ID : WSA-2019-0006
WebKitGTK Advisory URL : https://webkitgtk.org/security/WSA-2019-0006.html
WPE WebKit Advisory URL : https://wpewebkit.org/security/WSA-2019-0006.html
CVE identifiers : CVE-2019-8710, CVE-2019-8743, CVE-2019-8764,
CVE-2019-8765, CVE-2019-8766, CVE-2019-8782,
CVE-2019-8783, CVE-2019-8808, CVE-2019-8811,
CVE-2019-8812, CVE-2019-8813, CVE-2019-8814,
CVE-2019-8815, CVE-2019-8816, CVE-2019-8819,
CVE-2019-8820, CVE-2019-8821, CVE-2019-8822,
CVE-2019-8823.
Several vulnerabilities were discovered in WebKitGTK and WPE WebKit.
CVE-2019-8710
Versions affected: WebKitGTK before 2.26.0 and WPE WebKit before
2.26.0.
Credit to found by OSS-Fuzz.
CVE-2019-8743
Versions affected: WebKitGTK before 2.26.0 and WPE WebKit before
2.26.0.
Credit to zhunki from Codesafe Team of Legendsec at Qi'anxin Group.
CVE-2019-8764
Versions affected: WebKitGTK before 2.26.0 and WPE WebKit before
2.26.0.
Credit to Sergei Glazunov of Google Project Zero.
CVE-2019-8765
Versions affected: WebKitGTK before 2.24.4 and WPE WebKit before
2.24.3.
Credit to Samuel Groß of Google Project Zero.
CVE-2019-8766
Versions affected: WebKitGTK before 2.26.0 and WPE WebKit before
2.26.0.
Credit to found by OSS-Fuzz.
CVE-2019-8782
Versions affected: WebKitGTK before 2.26.0 and WPE WebKit before
2.26.0.
Credit to Cheolung Lee of LINE+ Security Team.
CVE-2019-8783
Versions affected: WebKitGTK before 2.26.1 and WPE WebKit before
2.26.1.
Credit to Cheolung Lee of LINE+ Graylab Security Team.
CVE-2019-8808
Versions affected: WebKitGTK before 2.26.0 and WPE WebKit before
2.26.0.
Credit to found by OSS-Fuzz.
CVE-2019-8811
Versions affected: WebKitGTK before 2.26.1 and WPE WebKit before
2.26.1.
Credit to Soyeon Park of SSLab at Georgia Tech.
CVE-2019-8812
Versions affected: WebKitGTK before 2.26.2 and WPE WebKit before
2.26.2.
Credit to an anonymous researcher.
CVE-2019-8813
Versions affected: WebKitGTK before 2.26.1 and WPE WebKit before
2.26.1.
Credit to an anonymous researcher.
CVE-2019-8814
Versions affected: WebKitGTK before 2.26.2 and WPE WebKit before
2.26.2.
Credit to Cheolung Lee of LINE+ Security Team.
CVE-2019-8815
Versions affected: WebKitGTK before 2.26.0 and WPE WebKit before
2.26.0.
Credit to Apple.
CVE-2019-8816
Versions affected: WebKitGTK before 2.26.1 and WPE WebKit before
2.26.1.
Credit to Soyeon Park of SSLab at Georgia Tech.
CVE-2019-8819
Versions affected: WebKitGTK before 2.26.1 and WPE WebKit before
2.26.1.
Credit to Cheolung Lee of LINE+ Security Team.
CVE-2019-8820
Versions affected: WebKitGTK before 2.26.1 and WPE WebKit before
2.26.1.
Credit to Samuel Groß of Google Project Zero.
CVE-2019-8821
Versions affected: WebKitGTK before 2.24.4 and WPE WebKit before
2.24.3.
Credit to Sergei Glazunov of Google Project Zero.
CVE-2019-8822
Versions affected: WebKitGTK before 2.24.4 and WPE WebKit before
2.24.3.
Credit to Sergei Glazunov of Google Project Zero.
CVE-2019-8823
Versions affected: WebKitGTK before 2.26.1 and WPE WebKit before
2.26.1.
Credit to Sergei Glazunov of Google Project Zero.
We recommend updating to the latest stable versions of WebKitGTK and WPE
WebKit. It is the best way to ensure that you are running safe versions
of WebKit. Please check our websites for information about the latest
stable releases.
Further information about WebKitGTK and WPE WebKit security advisories
can be found at: https://webkitgtk.org/security.html or
https://wpewebkit.org/security/.
The WebKitGTK and WPE WebKit team,
November 08, 2019
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 202003-22
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: WebkitGTK+: Multiple vulnerabilities
Date: March 15, 2020
Bugs: #699156, #706374, #709612
ID: 202003-22
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in WebKitGTK+, the worst of
which may lead to arbitrary code execution.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-libs/webkit-gtk < 2.26.4 >= 2.26.4
Description
===========
Multiple vulnerabilities have been discovered in WebKitGTK+. Please
review the referenced CVE identifiers for details.
Impact
======
A remote attacker could execute arbitrary code, cause a Denial of
Service condition, bypass intended memory-read restrictions, conduct a
timing side-channel attack to bypass the Same Origin Policy or obtain
sensitive information.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All WebkitGTK+ users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.26.4"
References
==========
[ 1 ] CVE-2019-8625
https://nvd.nist.gov/vuln/detail/CVE-2019-8625
[ 2 ] CVE-2019-8674
https://nvd.nist.gov/vuln/detail/CVE-2019-8674
[ 3 ] CVE-2019-8707
https://nvd.nist.gov/vuln/detail/CVE-2019-8707
[ 4 ] CVE-2019-8710
https://nvd.nist.gov/vuln/detail/CVE-2019-8710
[ 5 ] CVE-2019-8719
https://nvd.nist.gov/vuln/detail/CVE-2019-8719
[ 6 ] CVE-2019-8720
https://nvd.nist.gov/vuln/detail/CVE-2019-8720
[ 7 ] CVE-2019-8726
https://nvd.nist.gov/vuln/detail/CVE-2019-8726
[ 8 ] CVE-2019-8733
https://nvd.nist.gov/vuln/detail/CVE-2019-8733
[ 9 ] CVE-2019-8735
https://nvd.nist.gov/vuln/detail/CVE-2019-8735
[ 10 ] CVE-2019-8743
https://nvd.nist.gov/vuln/detail/CVE-2019-8743
[ 11 ] CVE-2019-8763
https://nvd.nist.gov/vuln/detail/CVE-2019-8763
[ 12 ] CVE-2019-8764
https://nvd.nist.gov/vuln/detail/CVE-2019-8764
[ 13 ] CVE-2019-8765
https://nvd.nist.gov/vuln/detail/CVE-2019-8765
[ 14 ] CVE-2019-8766
https://nvd.nist.gov/vuln/detail/CVE-2019-8766
[ 15 ] CVE-2019-8768
https://nvd.nist.gov/vuln/detail/CVE-2019-8768
[ 16 ] CVE-2019-8769
https://nvd.nist.gov/vuln/detail/CVE-2019-8769
[ 17 ] CVE-2019-8771
https://nvd.nist.gov/vuln/detail/CVE-2019-8771
[ 18 ] CVE-2019-8782
https://nvd.nist.gov/vuln/detail/CVE-2019-8782
[ 19 ] CVE-2019-8783
https://nvd.nist.gov/vuln/detail/CVE-2019-8783
[ 20 ] CVE-2019-8808
https://nvd.nist.gov/vuln/detail/CVE-2019-8808
[ 21 ] CVE-2019-8811
https://nvd.nist.gov/vuln/detail/CVE-2019-8811
[ 22 ] CVE-2019-8812
https://nvd.nist.gov/vuln/detail/CVE-2019-8812
[ 23 ] CVE-2019-8813
https://nvd.nist.gov/vuln/detail/CVE-2019-8813
[ 24 ] CVE-2019-8814
https://nvd.nist.gov/vuln/detail/CVE-2019-8814
[ 25 ] CVE-2019-8815
https://nvd.nist.gov/vuln/detail/CVE-2019-8815
[ 26 ] CVE-2019-8816
https://nvd.nist.gov/vuln/detail/CVE-2019-8816
[ 27 ] CVE-2019-8819
https://nvd.nist.gov/vuln/detail/CVE-2019-8819
[ 28 ] CVE-2019-8820
https://nvd.nist.gov/vuln/detail/CVE-2019-8820
[ 29 ] CVE-2019-8821
https://nvd.nist.gov/vuln/detail/CVE-2019-8821
[ 30 ] CVE-2019-8822
https://nvd.nist.gov/vuln/detail/CVE-2019-8822
[ 31 ] CVE-2019-8823
https://nvd.nist.gov/vuln/detail/CVE-2019-8823
[ 32 ] CVE-2019-8835
https://nvd.nist.gov/vuln/detail/CVE-2019-8835
[ 33 ] CVE-2019-8844
https://nvd.nist.gov/vuln/detail/CVE-2019-8844
[ 34 ] CVE-2019-8846
https://nvd.nist.gov/vuln/detail/CVE-2019-8846
[ 35 ] CVE-2020-3862
https://nvd.nist.gov/vuln/detail/CVE-2020-3862
[ 36 ] CVE-2020-3864
https://nvd.nist.gov/vuln/detail/CVE-2020-3864
[ 37 ] CVE-2020-3865
https://nvd.nist.gov/vuln/detail/CVE-2020-3865
[ 38 ] CVE-2020-3867
https://nvd.nist.gov/vuln/detail/CVE-2020-3867
[ 39 ] CVE-2020-3868
https://nvd.nist.gov/vuln/detail/CVE-2020-3868
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/202003-22
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2020 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2019-10-29-1 iOS 13.2 and iPadOS 13.2
iOS 13.2 and iPadOS 13.2 are now available and address the following:
Accounts
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: A remote attacker may be able to leak memory
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2019-8787: Steffen Klee of Secure Mobile Networking Lab at
Technische Universität Darmstadt
App Store
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: A local attacker may be able to login to the account of a
previously logged in user without valid credentials.
CVE-2019-8803: Kiyeon An, 차민규 (CHA Minkyu)
Associated Domains
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: Improper URL processing may lead to data exfiltration
Description: An issue existed in the parsing of URLs.
CVE-2019-8788: Juha Lindstedt of Pakastin, Mirko Tanania, Rauli
Rikama of Zero Keyboard Ltd
Audio
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8785: Ian Beer of Google Project Zero
CVE-2019-8797: 08Tc3wBB working with SSD Secure Disclosure
AVEVideoEncoder
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8795: 08Tc3wBB working with SSD Secure Disclosure
Books
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: Parsing a maliciously crafted iBooks file may lead to
disclosure of user information
Description: A validation issue existed in the handling of symlinks.
CVE-2019-8789: Gertjan Franken of imec-DistriNet, KU Leuven
Contacts
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: Processing a maliciously contact may lead to UI spoofing
Description: An inconsistent user interface issue was addressed with
improved state management.
CVE-2017-7152: Oliver Paukstadt of Thinking Objects GmbH (to.com)
File System Events
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8798: ABC Research s.r.o. working with Trend Micro's Zero
Day Initiative
Graphics Driver
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8784: Vasiliy Vasilyev and Ilya Finogeev of Webinar, LLC
Kernel
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: An application may be able to read restricted memory
Description: A validation issue was addressed with improved input
sanitization.
CVE-2019-8794: 08Tc3wBB working with SSD Secure Disclosure
Kernel
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8786: an anonymous researcher
Screen Time
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: A local user may be able to record the screen without a
visible screen recording indicator
Description: A consistency issue existed in deciding when to show the
screen recording indicator.
CVE-2019-8793: Ryan Jenkins of Lake Forrest Prep School
Setup Assistant
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: An attacker in physical proximity may be able to force a user
onto a malicious Wi-Fi network during device setup
Description: An inconsistency in Wi-Fi network configuration settings
was addressed.
CVE-2019-8804: Christy Philip Mathew of Zimperium, Inc
WebKit
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting
Description: A logic issue was addressed with improved state
management.
CVE-2019-8813: an anonymous researcher
WebKit
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2019-8782: Cheolung Lee of LINE+ Security Team
CVE-2019-8783: Cheolung Lee of LINE+ Graylab Security Team
CVE-2019-8808: found by OSS-Fuzz
CVE-2019-8811: Soyeon Park of SSLab at Georgia Tech
CVE-2019-8812: an anonymous researcher
CVE-2019-8814: Cheolung Lee of LINE+ Security Team
CVE-2019-8816: Soyeon Park of SSLab at Georgia Tech
CVE-2019-8819: Cheolung Lee of LINE+ Security Team
CVE-2019-8820: Samuel Groß of Google Project Zero
CVE-2019-8821: Sergei Glazunov of Google Project Zero
CVE-2019-8822: Sergei Glazunov of Google Project Zero
CVE-2019-8823: Sergei Glazunov of Google Project Zero
WebKit Process Model
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2019-8815: Apple
Additional recognition
CFNetwork
We would like to acknowledge Lily Chen of Google for their
assistance.
WebKit
We would like to acknowledge Dlive of Tencent's Xuanwu Lab and Zhiyi
Zhang of Codesafe Team of Legendsec at Qi'anxin Group for their
assistance.
Installation note:
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates. You may manually
obtain the update via the Check for Updates button within iTunes, or
the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About. The version after applying this update
will be "iOS 13.2 and iPadOS 13.2"
| VAR-201912-1845 | CVE-2019-8822 | plural Apple Updates to product vulnerabilities |
CVSS V2: 6.8 CVSS V3: 8.8 Severity: HIGH |
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution. Apple Has released an update for each product.The expected impact depends on each vulnerability, but can be affected as follows: * * information leak * * User impersonation * * Arbitrary code execution * * UI Spoofing * * Insufficient access restrictions * * Service operation interruption (DoS) * * Privilege escalation * * Memory corruption * * Authentication bypass. Apple Safari is a web browser that is the default browser included with the Mac OS X and iOS operating systems. Apple iOS is an operating system developed for mobile devices. Apple tvOS is a smart TV operating system. A security vulnerability exists in the WebKit component of several Apple products. The following products and versions are affected: Apple Safari prior to 13.0.3; iOS prior to 13.2; iPadOS prior to 13.2; tvOS prior to 13.2; Windows-based iCloud prior to 11.0; Windows-based iTunes prior to 12.10.2; Windows-based versions of iCloud prior to 7.15.
Installation note:
Safari 13.0.3 may be obtained from the Mac App Store. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Moderate: webkitgtk4 security, bug fix, and enhancement update
Advisory ID: RHSA-2020:4035-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2020:4035
Issue date: 2020-09-29
CVE Names: CVE-2019-6237 CVE-2019-6251 CVE-2019-8506
CVE-2019-8524 CVE-2019-8535 CVE-2019-8536
CVE-2019-8544 CVE-2019-8551 CVE-2019-8558
CVE-2019-8559 CVE-2019-8563 CVE-2019-8571
CVE-2019-8583 CVE-2019-8584 CVE-2019-8586
CVE-2019-8587 CVE-2019-8594 CVE-2019-8595
CVE-2019-8596 CVE-2019-8597 CVE-2019-8601
CVE-2019-8607 CVE-2019-8608 CVE-2019-8609
CVE-2019-8610 CVE-2019-8611 CVE-2019-8615
CVE-2019-8619 CVE-2019-8622 CVE-2019-8623
CVE-2019-8625 CVE-2019-8644 CVE-2019-8649
CVE-2019-8658 CVE-2019-8666 CVE-2019-8669
CVE-2019-8671 CVE-2019-8672 CVE-2019-8673
CVE-2019-8674 CVE-2019-8676 CVE-2019-8677
CVE-2019-8678 CVE-2019-8679 CVE-2019-8680
CVE-2019-8681 CVE-2019-8683 CVE-2019-8684
CVE-2019-8686 CVE-2019-8687 CVE-2019-8688
CVE-2019-8689 CVE-2019-8690 CVE-2019-8707
CVE-2019-8710 CVE-2019-8719 CVE-2019-8720
CVE-2019-8726 CVE-2019-8733 CVE-2019-8735
CVE-2019-8743 CVE-2019-8763 CVE-2019-8764
CVE-2019-8765 CVE-2019-8766 CVE-2019-8768
CVE-2019-8769 CVE-2019-8771 CVE-2019-8782
CVE-2019-8783 CVE-2019-8808 CVE-2019-8811
CVE-2019-8812 CVE-2019-8813 CVE-2019-8814
CVE-2019-8815 CVE-2019-8816 CVE-2019-8819
CVE-2019-8820 CVE-2019-8821 CVE-2019-8822
CVE-2019-8823 CVE-2019-8835 CVE-2019-8844
CVE-2019-8846 CVE-2019-11070 CVE-2020-3862
CVE-2020-3864 CVE-2020-3865 CVE-2020-3867
CVE-2020-3868 CVE-2020-3885 CVE-2020-3894
CVE-2020-3895 CVE-2020-3897 CVE-2020-3899
CVE-2020-3900 CVE-2020-3901 CVE-2020-3902
CVE-2020-10018 CVE-2020-11793
====================================================================
1. Summary:
An update for webkitgtk4 is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - noarch, ppc64, s390x
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch
3. Description:
WebKitGTK+ is port of the WebKit portable web rendering engine to the GTK+
platform. These packages provide WebKitGTK+ for GTK+ 3.
The following packages have been upgraded to a later upstream version:
webkitgtk4 (2.28.2). (BZ#1817144)
Security Fix(es):
* webkitgtk: Multiple security issues (CVE-2019-6237, CVE-2019-6251,
CVE-2019-8506, CVE-2019-8524, CVE-2019-8535, CVE-2019-8536, CVE-2019-8544,
CVE-2019-8551, CVE-2019-8558, CVE-2019-8559, CVE-2019-8563, CVE-2019-8571,
CVE-2019-8583, CVE-2019-8584, CVE-2019-8586, CVE-2019-8587, CVE-2019-8594,
CVE-2019-8595, CVE-2019-8596, CVE-2019-8597, CVE-2019-8601, CVE-2019-8607,
CVE-2019-8608, CVE-2019-8609, CVE-2019-8610, CVE-2019-8611, CVE-2019-8615,
CVE-2019-8619, CVE-2019-8622, CVE-2019-8623, CVE-2019-8625, CVE-2019-8644,
CVE-2019-8649, CVE-2019-8658, CVE-2019-8666, CVE-2019-8669, CVE-2019-8671,
CVE-2019-8672, CVE-2019-8673, CVE-2019-8674, CVE-2019-8676, CVE-2019-8677,
CVE-2019-8678, CVE-2019-8679, CVE-2019-8680, CVE-2019-8681, CVE-2019-8683,
CVE-2019-8684, CVE-2019-8686, CVE-2019-8687, CVE-2019-8688, CVE-2019-8689,
CVE-2019-8690, CVE-2019-8707, CVE-2019-8710, CVE-2019-8719, CVE-2019-8720,
CVE-2019-8726, CVE-2019-8733, CVE-2019-8735, CVE-2019-8743, CVE-2019-8763,
CVE-2019-8764, CVE-2019-8765, CVE-2019-8766, CVE-2019-8768, CVE-2019-8769,
CVE-2019-8771, CVE-2019-8782, CVE-2019-8783, CVE-2019-8808, CVE-2019-8811,
CVE-2019-8812, CVE-2019-8813, CVE-2019-8814, CVE-2019-8815, CVE-2019-8816,
CVE-2019-8819, CVE-2019-8820, CVE-2019-8821, CVE-2019-8822, CVE-2019-8823,
CVE-2019-8835, CVE-2019-8844, CVE-2019-8846, CVE-2019-11070, CVE-2020-3862,
CVE-2020-3864, CVE-2020-3865, CVE-2020-3867, CVE-2020-3868, CVE-2020-3885,
CVE-2020-3894, CVE-2020-3895, CVE-2020-3897, CVE-2020-3899, CVE-2020-3900,
CVE-2020-3901, CVE-2020-3902, CVE-2020-10018, CVE-2020-11793)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat
Enterprise Linux 7.9 Release Notes linked from the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
5. Package List:
Red Hat Enterprise Linux Client (v. 7):
Source:
webkitgtk4-2.28.2-2.el7.src.rpm
x86_64:
webkitgtk4-2.28.2-2.el7.i686.rpm
webkitgtk4-2.28.2-2.el7.x86_64.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.i686.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.x86_64.rpm
webkitgtk4-jsc-2.28.2-2.el7.i686.rpm
webkitgtk4-jsc-2.28.2-2.el7.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
noarch:
webkitgtk4-doc-2.28.2-2.el7.noarch.rpm
x86_64:
webkitgtk4-debuginfo-2.28.2-2.el7.i686.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.x86_64.rpm
webkitgtk4-devel-2.28.2-2.el7.i686.rpm
webkitgtk4-devel-2.28.2-2.el7.x86_64.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.i686.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source:
webkitgtk4-2.28.2-2.el7.src.rpm
x86_64:
webkitgtk4-2.28.2-2.el7.i686.rpm
webkitgtk4-2.28.2-2.el7.x86_64.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.i686.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.x86_64.rpm
webkitgtk4-jsc-2.28.2-2.el7.i686.rpm
webkitgtk4-jsc-2.28.2-2.el7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
noarch:
webkitgtk4-doc-2.28.2-2.el7.noarch.rpm
x86_64:
webkitgtk4-debuginfo-2.28.2-2.el7.i686.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.x86_64.rpm
webkitgtk4-devel-2.28.2-2.el7.i686.rpm
webkitgtk4-devel-2.28.2-2.el7.x86_64.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.i686.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source:
webkitgtk4-2.28.2-2.el7.src.rpm
ppc64:
webkitgtk4-2.28.2-2.el7.ppc.rpm
webkitgtk4-2.28.2-2.el7.ppc64.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.ppc.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.ppc64.rpm
webkitgtk4-jsc-2.28.2-2.el7.ppc.rpm
webkitgtk4-jsc-2.28.2-2.el7.ppc64.rpm
ppc64le:
webkitgtk4-2.28.2-2.el7.ppc64le.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.ppc64le.rpm
webkitgtk4-devel-2.28.2-2.el7.ppc64le.rpm
webkitgtk4-jsc-2.28.2-2.el7.ppc64le.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.ppc64le.rpm
s390x:
webkitgtk4-2.28.2-2.el7.s390.rpm
webkitgtk4-2.28.2-2.el7.s390x.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.s390.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.s390x.rpm
webkitgtk4-jsc-2.28.2-2.el7.s390.rpm
webkitgtk4-jsc-2.28.2-2.el7.s390x.rpm
x86_64:
webkitgtk4-2.28.2-2.el7.i686.rpm
webkitgtk4-2.28.2-2.el7.x86_64.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.i686.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.x86_64.rpm
webkitgtk4-devel-2.28.2-2.el7.i686.rpm
webkitgtk4-devel-2.28.2-2.el7.x86_64.rpm
webkitgtk4-jsc-2.28.2-2.el7.i686.rpm
webkitgtk4-jsc-2.28.2-2.el7.x86_64.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.i686.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
noarch:
webkitgtk4-doc-2.28.2-2.el7.noarch.rpm
ppc64:
webkitgtk4-debuginfo-2.28.2-2.el7.ppc.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.ppc64.rpm
webkitgtk4-devel-2.28.2-2.el7.ppc.rpm
webkitgtk4-devel-2.28.2-2.el7.ppc64.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.ppc.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.ppc64.rpm
s390x:
webkitgtk4-debuginfo-2.28.2-2.el7.s390.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.s390x.rpm
webkitgtk4-devel-2.28.2-2.el7.s390.rpm
webkitgtk4-devel-2.28.2-2.el7.s390x.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.s390.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.s390x.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source:
webkitgtk4-2.28.2-2.el7.src.rpm
x86_64:
webkitgtk4-2.28.2-2.el7.i686.rpm
webkitgtk4-2.28.2-2.el7.x86_64.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.i686.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.x86_64.rpm
webkitgtk4-devel-2.28.2-2.el7.i686.rpm
webkitgtk4-devel-2.28.2-2.el7.x86_64.rpm
webkitgtk4-jsc-2.28.2-2.el7.i686.rpm
webkitgtk4-jsc-2.28.2-2.el7.x86_64.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.i686.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
noarch:
webkitgtk4-doc-2.28.2-2.el7.noarch.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2019-6237
https://access.redhat.com/security/cve/CVE-2019-6251
https://access.redhat.com/security/cve/CVE-2019-8506
https://access.redhat.com/security/cve/CVE-2019-8524
https://access.redhat.com/security/cve/CVE-2019-8535
https://access.redhat.com/security/cve/CVE-2019-8536
https://access.redhat.com/security/cve/CVE-2019-8544
https://access.redhat.com/security/cve/CVE-2019-8551
https://access.redhat.com/security/cve/CVE-2019-8558
https://access.redhat.com/security/cve/CVE-2019-8559
https://access.redhat.com/security/cve/CVE-2019-8563
https://access.redhat.com/security/cve/CVE-2019-8571
https://access.redhat.com/security/cve/CVE-2019-8583
https://access.redhat.com/security/cve/CVE-2019-8584
https://access.redhat.com/security/cve/CVE-2019-8586
https://access.redhat.com/security/cve/CVE-2019-8587
https://access.redhat.com/security/cve/CVE-2019-8594
https://access.redhat.com/security/cve/CVE-2019-8595
https://access.redhat.com/security/cve/CVE-2019-8596
https://access.redhat.com/security/cve/CVE-2019-8597
https://access.redhat.com/security/cve/CVE-2019-8601
https://access.redhat.com/security/cve/CVE-2019-8607
https://access.redhat.com/security/cve/CVE-2019-8608
https://access.redhat.com/security/cve/CVE-2019-8609
https://access.redhat.com/security/cve/CVE-2019-8610
https://access.redhat.com/security/cve/CVE-2019-8611
https://access.redhat.com/security/cve/CVE-2019-8615
https://access.redhat.com/security/cve/CVE-2019-8619
https://access.redhat.com/security/cve/CVE-2019-8622
https://access.redhat.com/security/cve/CVE-2019-8623
https://access.redhat.com/security/cve/CVE-2019-8625
https://access.redhat.com/security/cve/CVE-2019-8644
https://access.redhat.com/security/cve/CVE-2019-8649
https://access.redhat.com/security/cve/CVE-2019-8658
https://access.redhat.com/security/cve/CVE-2019-8666
https://access.redhat.com/security/cve/CVE-2019-8669
https://access.redhat.com/security/cve/CVE-2019-8671
https://access.redhat.com/security/cve/CVE-2019-8672
https://access.redhat.com/security/cve/CVE-2019-8673
https://access.redhat.com/security/cve/CVE-2019-8674
https://access.redhat.com/security/cve/CVE-2019-8676
https://access.redhat.com/security/cve/CVE-2019-8677
https://access.redhat.com/security/cve/CVE-2019-8678
https://access.redhat.com/security/cve/CVE-2019-8679
https://access.redhat.com/security/cve/CVE-2019-8680
https://access.redhat.com/security/cve/CVE-2019-8681
https://access.redhat.com/security/cve/CVE-2019-8683
https://access.redhat.com/security/cve/CVE-2019-8684
https://access.redhat.com/security/cve/CVE-2019-8686
https://access.redhat.com/security/cve/CVE-2019-8687
https://access.redhat.com/security/cve/CVE-2019-8688
https://access.redhat.com/security/cve/CVE-2019-8689
https://access.redhat.com/security/cve/CVE-2019-8690
https://access.redhat.com/security/cve/CVE-2019-8707
https://access.redhat.com/security/cve/CVE-2019-8710
https://access.redhat.com/security/cve/CVE-2019-8719
https://access.redhat.com/security/cve/CVE-2019-8720
https://access.redhat.com/security/cve/CVE-2019-8726
https://access.redhat.com/security/cve/CVE-2019-8733
https://access.redhat.com/security/cve/CVE-2019-8735
https://access.redhat.com/security/cve/CVE-2019-8743
https://access.redhat.com/security/cve/CVE-2019-8763
https://access.redhat.com/security/cve/CVE-2019-8764
https://access.redhat.com/security/cve/CVE-2019-8765
https://access.redhat.com/security/cve/CVE-2019-8766
https://access.redhat.com/security/cve/CVE-2019-8768
https://access.redhat.com/security/cve/CVE-2019-8769
https://access.redhat.com/security/cve/CVE-2019-8771
https://access.redhat.com/security/cve/CVE-2019-8782
https://access.redhat.com/security/cve/CVE-2019-8783
https://access.redhat.com/security/cve/CVE-2019-8808
https://access.redhat.com/security/cve/CVE-2019-8811
https://access.redhat.com/security/cve/CVE-2019-8812
https://access.redhat.com/security/cve/CVE-2019-8813
https://access.redhat.com/security/cve/CVE-2019-8814
https://access.redhat.com/security/cve/CVE-2019-8815
https://access.redhat.com/security/cve/CVE-2019-8816
https://access.redhat.com/security/cve/CVE-2019-8819
https://access.redhat.com/security/cve/CVE-2019-8820
https://access.redhat.com/security/cve/CVE-2019-8821
https://access.redhat.com/security/cve/CVE-2019-8822
https://access.redhat.com/security/cve/CVE-2019-8823
https://access.redhat.com/security/cve/CVE-2019-8835
https://access.redhat.com/security/cve/CVE-2019-8844
https://access.redhat.com/security/cve/CVE-2019-8846
https://access.redhat.com/security/cve/CVE-2019-11070
https://access.redhat.com/security/cve/CVE-2020-3862
https://access.redhat.com/security/cve/CVE-2020-3864
https://access.redhat.com/security/cve/CVE-2020-3865
https://access.redhat.com/security/cve/CVE-2020-3867
https://access.redhat.com/security/cve/CVE-2020-3868
https://access.redhat.com/security/cve/CVE-2020-3885
https://access.redhat.com/security/cve/CVE-2020-3894
https://access.redhat.com/security/cve/CVE-2020-3895
https://access.redhat.com/security/cve/CVE-2020-3897
https://access.redhat.com/security/cve/CVE-2020-3899
https://access.redhat.com/security/cve/CVE-2020-3900
https://access.redhat.com/security/cve/CVE-2020-3901
https://access.redhat.com/security/cve/CVE-2020-3902
https://access.redhat.com/security/cve/CVE-2020-10018
https://access.redhat.com/security/cve/CVE-2020-11793
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.9_release_notes/index
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2020 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBX3OjINzjgjWX9erEAQjqsg/9FnSEJ3umFx0gtnsZIVRP9YxMIVZhVQ8z
rNnK/LGQWq1nPlNC5OF60WRcWA7cC74lh1jl/+xU6p+9JXTq9y9hQTd7Fcf+6T01
RYj2zJe6kGBY/53rhZJKCdb9zNXz1CkqsuvTPqVGIabUWTTlsBFnd6l4GK6QL4kM
XVQZyWtmSfmLII4Ocdav9WocJzH6o1TbEo+O9Fm6WjdVOK+/+VzPki0/dW50CQAK
R8u5tTXZR5m52RLmvhs/LTv3yUnmhEkhvrR0TtuR8KRfcP1/ytNwn3VidFefuAO1
PWrgpjIPWy/kbtZaZWK4fBblYj6bKCVD1SiBKQcOfCq0f16aqRP2niFoDXdAy467
eGu0JHkRsIRCLG2rY+JfOau5KtLRhRr0iRe5AhOVpAtUelzjAvEQEcVv4GmZXcwX
rXfeagSjWzdo8Mf55d7pjORXAKhGdO3FQSeiCvzq9miZq3NBX4Jm4raobeskw/rJ
1ONqg4fE7Gv7rks8QOy5xErwI8Ut1TGJAgYOD8rmRptr05hBWQFJCfmoc4KpxsMe
PJoRag0AZfYxYoMe5avMcGCYHosU63z3wS7gao9flj37NkEi6M134vGmCpPNmpGr
w5HQly9SO3mD0a92xOUn42rrXq841ZkVu89fR6j9wBn8NAKLWH6eUjZkVMNmLRzh
PKg+HFNkMjk=dS3G
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
. ------------------------------------------------------------------------
WebKitGTK and WPE WebKit Security Advisory WSA-2019-0006
------------------------------------------------------------------------
Date reported : November 08, 2019
Advisory ID : WSA-2019-0006
WebKitGTK Advisory URL : https://webkitgtk.org/security/WSA-2019-0006.html
WPE WebKit Advisory URL : https://wpewebkit.org/security/WSA-2019-0006.html
CVE identifiers : CVE-2019-8710, CVE-2019-8743, CVE-2019-8764,
CVE-2019-8765, CVE-2019-8766, CVE-2019-8782,
CVE-2019-8783, CVE-2019-8808, CVE-2019-8811,
CVE-2019-8812, CVE-2019-8813, CVE-2019-8814,
CVE-2019-8815, CVE-2019-8816, CVE-2019-8819,
CVE-2019-8820, CVE-2019-8821, CVE-2019-8822,
CVE-2019-8823.
Several vulnerabilities were discovered in WebKitGTK and WPE WebKit.
CVE-2019-8710
Versions affected: WebKitGTK before 2.26.0 and WPE WebKit before
2.26.0.
Credit to found by OSS-Fuzz.
CVE-2019-8743
Versions affected: WebKitGTK before 2.26.0 and WPE WebKit before
2.26.0.
Credit to zhunki from Codesafe Team of Legendsec at Qi'anxin Group.
CVE-2019-8764
Versions affected: WebKitGTK before 2.26.0 and WPE WebKit before
2.26.0.
Credit to Sergei Glazunov of Google Project Zero.
CVE-2019-8765
Versions affected: WebKitGTK before 2.24.4 and WPE WebKit before
2.24.3.
Credit to Samuel Groß of Google Project Zero.
CVE-2019-8766
Versions affected: WebKitGTK before 2.26.0 and WPE WebKit before
2.26.0.
Credit to found by OSS-Fuzz.
CVE-2019-8782
Versions affected: WebKitGTK before 2.26.0 and WPE WebKit before
2.26.0.
Credit to Cheolung Lee of LINE+ Security Team.
CVE-2019-8783
Versions affected: WebKitGTK before 2.26.1 and WPE WebKit before
2.26.1.
Credit to Cheolung Lee of LINE+ Graylab Security Team.
CVE-2019-8808
Versions affected: WebKitGTK before 2.26.0 and WPE WebKit before
2.26.0.
Credit to found by OSS-Fuzz.
CVE-2019-8811
Versions affected: WebKitGTK before 2.26.1 and WPE WebKit before
2.26.1.
Credit to Soyeon Park of SSLab at Georgia Tech.
CVE-2019-8812
Versions affected: WebKitGTK before 2.26.2 and WPE WebKit before
2.26.2.
Credit to an anonymous researcher.
CVE-2019-8813
Versions affected: WebKitGTK before 2.26.1 and WPE WebKit before
2.26.1.
Credit to an anonymous researcher.
CVE-2019-8814
Versions affected: WebKitGTK before 2.26.2 and WPE WebKit before
2.26.2.
Credit to Cheolung Lee of LINE+ Security Team.
CVE-2019-8815
Versions affected: WebKitGTK before 2.26.0 and WPE WebKit before
2.26.0.
Credit to Apple.
CVE-2019-8816
Versions affected: WebKitGTK before 2.26.1 and WPE WebKit before
2.26.1.
Credit to Soyeon Park of SSLab at Georgia Tech.
CVE-2019-8819
Versions affected: WebKitGTK before 2.26.1 and WPE WebKit before
2.26.1.
Credit to Cheolung Lee of LINE+ Security Team.
CVE-2019-8820
Versions affected: WebKitGTK before 2.26.1 and WPE WebKit before
2.26.1.
Credit to Samuel Groß of Google Project Zero.
CVE-2019-8821
Versions affected: WebKitGTK before 2.24.4 and WPE WebKit before
2.24.3.
Credit to Sergei Glazunov of Google Project Zero.
CVE-2019-8822
Versions affected: WebKitGTK before 2.24.4 and WPE WebKit before
2.24.3.
Credit to Sergei Glazunov of Google Project Zero.
CVE-2019-8823
Versions affected: WebKitGTK before 2.26.1 and WPE WebKit before
2.26.1.
Credit to Sergei Glazunov of Google Project Zero.
We recommend updating to the latest stable versions of WebKitGTK and WPE
WebKit. It is the best way to ensure that you are running safe versions
of WebKit. Please check our websites for information about the latest
stable releases.
Further information about WebKitGTK and WPE WebKit security advisories
can be found at: https://webkitgtk.org/security.html or
https://wpewebkit.org/security/.
The WebKitGTK and WPE WebKit team,
November 08, 2019
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 202003-22
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: WebkitGTK+: Multiple vulnerabilities
Date: March 15, 2020
Bugs: #699156, #706374, #709612
ID: 202003-22
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in WebKitGTK+, the worst of
which may lead to arbitrary code execution.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-libs/webkit-gtk < 2.26.4 >= 2.26.4
Description
===========
Multiple vulnerabilities have been discovered in WebKitGTK+. Please
review the referenced CVE identifiers for details.
Impact
======
A remote attacker could execute arbitrary code, cause a Denial of
Service condition, bypass intended memory-read restrictions, conduct a
timing side-channel attack to bypass the Same Origin Policy or obtain
sensitive information.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All WebkitGTK+ users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.26.4"
References
==========
[ 1 ] CVE-2019-8625
https://nvd.nist.gov/vuln/detail/CVE-2019-8625
[ 2 ] CVE-2019-8674
https://nvd.nist.gov/vuln/detail/CVE-2019-8674
[ 3 ] CVE-2019-8707
https://nvd.nist.gov/vuln/detail/CVE-2019-8707
[ 4 ] CVE-2019-8710
https://nvd.nist.gov/vuln/detail/CVE-2019-8710
[ 5 ] CVE-2019-8719
https://nvd.nist.gov/vuln/detail/CVE-2019-8719
[ 6 ] CVE-2019-8720
https://nvd.nist.gov/vuln/detail/CVE-2019-8720
[ 7 ] CVE-2019-8726
https://nvd.nist.gov/vuln/detail/CVE-2019-8726
[ 8 ] CVE-2019-8733
https://nvd.nist.gov/vuln/detail/CVE-2019-8733
[ 9 ] CVE-2019-8735
https://nvd.nist.gov/vuln/detail/CVE-2019-8735
[ 10 ] CVE-2019-8743
https://nvd.nist.gov/vuln/detail/CVE-2019-8743
[ 11 ] CVE-2019-8763
https://nvd.nist.gov/vuln/detail/CVE-2019-8763
[ 12 ] CVE-2019-8764
https://nvd.nist.gov/vuln/detail/CVE-2019-8764
[ 13 ] CVE-2019-8765
https://nvd.nist.gov/vuln/detail/CVE-2019-8765
[ 14 ] CVE-2019-8766
https://nvd.nist.gov/vuln/detail/CVE-2019-8766
[ 15 ] CVE-2019-8768
https://nvd.nist.gov/vuln/detail/CVE-2019-8768
[ 16 ] CVE-2019-8769
https://nvd.nist.gov/vuln/detail/CVE-2019-8769
[ 17 ] CVE-2019-8771
https://nvd.nist.gov/vuln/detail/CVE-2019-8771
[ 18 ] CVE-2019-8782
https://nvd.nist.gov/vuln/detail/CVE-2019-8782
[ 19 ] CVE-2019-8783
https://nvd.nist.gov/vuln/detail/CVE-2019-8783
[ 20 ] CVE-2019-8808
https://nvd.nist.gov/vuln/detail/CVE-2019-8808
[ 21 ] CVE-2019-8811
https://nvd.nist.gov/vuln/detail/CVE-2019-8811
[ 22 ] CVE-2019-8812
https://nvd.nist.gov/vuln/detail/CVE-2019-8812
[ 23 ] CVE-2019-8813
https://nvd.nist.gov/vuln/detail/CVE-2019-8813
[ 24 ] CVE-2019-8814
https://nvd.nist.gov/vuln/detail/CVE-2019-8814
[ 25 ] CVE-2019-8815
https://nvd.nist.gov/vuln/detail/CVE-2019-8815
[ 26 ] CVE-2019-8816
https://nvd.nist.gov/vuln/detail/CVE-2019-8816
[ 27 ] CVE-2019-8819
https://nvd.nist.gov/vuln/detail/CVE-2019-8819
[ 28 ] CVE-2019-8820
https://nvd.nist.gov/vuln/detail/CVE-2019-8820
[ 29 ] CVE-2019-8821
https://nvd.nist.gov/vuln/detail/CVE-2019-8821
[ 30 ] CVE-2019-8822
https://nvd.nist.gov/vuln/detail/CVE-2019-8822
[ 31 ] CVE-2019-8823
https://nvd.nist.gov/vuln/detail/CVE-2019-8823
[ 32 ] CVE-2019-8835
https://nvd.nist.gov/vuln/detail/CVE-2019-8835
[ 33 ] CVE-2019-8844
https://nvd.nist.gov/vuln/detail/CVE-2019-8844
[ 34 ] CVE-2019-8846
https://nvd.nist.gov/vuln/detail/CVE-2019-8846
[ 35 ] CVE-2020-3862
https://nvd.nist.gov/vuln/detail/CVE-2020-3862
[ 36 ] CVE-2020-3864
https://nvd.nist.gov/vuln/detail/CVE-2020-3864
[ 37 ] CVE-2020-3865
https://nvd.nist.gov/vuln/detail/CVE-2020-3865
[ 38 ] CVE-2020-3867
https://nvd.nist.gov/vuln/detail/CVE-2020-3867
[ 39 ] CVE-2020-3868
https://nvd.nist.gov/vuln/detail/CVE-2020-3868
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/202003-22
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2020 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2019-10-29-1 iOS 13.2 and iPadOS 13.2
iOS 13.2 and iPadOS 13.2 are now available and address the following:
Accounts
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: A remote attacker may be able to leak memory
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2019-8787: Steffen Klee of Secure Mobile Networking Lab at
Technische Universität Darmstadt
App Store
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: A local attacker may be able to login to the account of a
previously logged in user without valid credentials.
CVE-2019-8803: Kiyeon An, 차민규 (CHA Minkyu)
Associated Domains
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: Improper URL processing may lead to data exfiltration
Description: An issue existed in the parsing of URLs.
CVE-2019-8788: Juha Lindstedt of Pakastin, Mirko Tanania, Rauli
Rikama of Zero Keyboard Ltd
Audio
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8785: Ian Beer of Google Project Zero
CVE-2019-8797: 08Tc3wBB working with SSD Secure Disclosure
AVEVideoEncoder
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8795: 08Tc3wBB working with SSD Secure Disclosure
Books
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: Parsing a maliciously crafted iBooks file may lead to
disclosure of user information
Description: A validation issue existed in the handling of symlinks.
CVE-2019-8789: Gertjan Franken of imec-DistriNet, KU Leuven
Contacts
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: Processing a maliciously contact may lead to UI spoofing
Description: An inconsistent user interface issue was addressed with
improved state management.
CVE-2017-7152: Oliver Paukstadt of Thinking Objects GmbH (to.com)
File System Events
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8798: ABC Research s.r.o. working with Trend Micro's Zero
Day Initiative
Graphics Driver
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8784: Vasiliy Vasilyev and Ilya Finogeev of Webinar, LLC
Kernel
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: An application may be able to read restricted memory
Description: A validation issue was addressed with improved input
sanitization.
CVE-2019-8794: 08Tc3wBB working with SSD Secure Disclosure
Kernel
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8786: an anonymous researcher
Screen Time
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: A local user may be able to record the screen without a
visible screen recording indicator
Description: A consistency issue existed in deciding when to show the
screen recording indicator.
CVE-2019-8793: Ryan Jenkins of Lake Forrest Prep School
Setup Assistant
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: An attacker in physical proximity may be able to force a user
onto a malicious Wi-Fi network during device setup
Description: An inconsistency in Wi-Fi network configuration settings
was addressed.
CVE-2019-8804: Christy Philip Mathew of Zimperium, Inc
WebKit
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting
Description: A logic issue was addressed with improved state
management.
CVE-2019-8813: an anonymous researcher
WebKit
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2019-8782: Cheolung Lee of LINE+ Security Team
CVE-2019-8783: Cheolung Lee of LINE+ Graylab Security Team
CVE-2019-8808: found by OSS-Fuzz
CVE-2019-8811: Soyeon Park of SSLab at Georgia Tech
CVE-2019-8812: an anonymous researcher
CVE-2019-8814: Cheolung Lee of LINE+ Security Team
CVE-2019-8816: Soyeon Park of SSLab at Georgia Tech
CVE-2019-8819: Cheolung Lee of LINE+ Security Team
CVE-2019-8820: Samuel Groß of Google Project Zero
CVE-2019-8821: Sergei Glazunov of Google Project Zero
CVE-2019-8822: Sergei Glazunov of Google Project Zero
CVE-2019-8823: Sergei Glazunov of Google Project Zero
WebKit Process Model
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2019-8815: Apple
Additional recognition
CFNetwork
We would like to acknowledge Lily Chen of Google for their
assistance.
WebKit
We would like to acknowledge Dlive of Tencent's Xuanwu Lab and Zhiyi
Zhang of Codesafe Team of Legendsec at Qi'anxin Group for their
assistance.
Installation note:
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates. You may manually
obtain the update via the Check for Updates button within iTunes, or
the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About. The version after applying this update
will be "iOS 13.2 and iPadOS 13.2"
| VAR-201912-1858 | CVE-2019-8765 | plural Apple Updates to product vulnerabilities |
CVSS V2: 6.8 CVSS V3: 8.8 Severity: HIGH |
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple Has released an update for each product.The expected impact depends on each vulnerability, but can be affected as follows: * * information leak * * User impersonation * * Arbitrary code execution * * UI Spoofing * * Insufficient access restrictions * * Service operation interruption (DoS) * * Privilege escalation * * Memory corruption * * Authentication bypass. Apple iOS is an operating system developed for mobile devices. Apple iPadOS is an operating system for iPad tablets. WebKitGTK and WPE WebKit prior to version 2.24.1 failed to properly apply configured HTTP proxy settings when downloading livestream video (HLS, DASH, or Smooth Streaming), an error resulting in deanonymization. This issue was corrected by changing the way livestreams are downloaded. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. (CVE-2019-6237)
WebKitGTK and WPE WebKit prior to version 2.24.1 are vulnerable to address bar spoofing upon certain JavaScript redirections. An attacker could cause malicious web content to be displayed as if for a trusted URI. This is similar to the CVE-2018-8383 issue in Microsoft Edge. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. (CVE-2019-8601)
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. (CVE-2019-8644)
A logic issue existed in the handling of synchronous page loads. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. (CVE-2019-8689)
A logic issue existed in the handling of document loads. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. (CVE-2019-8719)
This fixes a remote code execution in webkitgtk4. No further details are available in NIST. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. This issue is fixed in iOS 13.1 and iPadOS 13.1, tvOS 13, Safari 13.0.1, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. (CVE-2019-8766)
"Clear History and Website Data" did not clear the history. The issue was addressed with improved data deletion. A user may be unable to delete browsing history items. (CVE-2019-8768)
An issue existed in the drawing of web page elements. Visiting a maliciously crafted website may reveal browsing history. (CVE-2019-8769)
This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. This issue is fixed in tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. This issue is fixed in tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. This issue is fixed in tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. (CVE-2019-8846)
WebKitGTK up to and including 2.26.4 and WPE WebKit up to and including 2.26.4 (which are the versions right prior to 2.28.0) contains a memory corruption issue (use-after-free) that may lead to arbitrary code execution. (CVE-2020-10018)
A use-after-free flaw exists in WebKitGTK. This flaw allows remote malicious users to execute arbitrary code or cause a denial of service. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. A malicious website may be able to cause a denial of service. This issue is fixed in iCloud for Windows 7.17, iTunes 12.10.4 for Windows, iCloud for Windows 10.9.2, tvOS 13.3.1, Safari 13.0.5, iOS 13.3.1 and iPadOS 13.3.1. A DOM object context may not have had a unique security origin. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A file URL may be incorrectly processed. (CVE-2020-3885)
A race condition was addressed with additional validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. An application may be able to read restricted memory. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. (CVE-2020-3901)
An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. (CVE-2020-3902).
CVE-2019-8787: Steffen Klee of Secure Mobile Networking Lab at
Technische Universität Darmstadt
App Store
Available for: Apple Watch Series 1 and later
Impact: A local attacker may be able to login to the account of a
previously logged in user without valid credentials.
CVE-2019-8798: ABC Research s.r.o.
Alternatively, on your watch, select "My Watch > General > About". -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2019-10-29-11 Additional information
for APPLE-SA-2019-9-26-8 iOS 13.1 and iPadOS 13.1
iOS 13.1 and iPadOS 13.1 address the following:
AppleFirmwareUpdateKext
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption vulnerability was addressed with
improved locking.
CVE-2019-8747: Mohamed Ghannam (@_simo36)
Entry added October 29, 2019
Audio
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: Processing a maliciously crafted audio file may lead to
arbitrary code execution
Description: A memory corruption issue was addressed with improved
state management.
CVE-2019-8706: Yu Zhou of Ant-financial Light-Year Security Lab
Entry added October 29, 2019
Books
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: Parsing a maliciously crafted iBooks file may lead to a
persistent denial-of-service
Description: A resource exhaustion issue was addressed with improved
input validation.
CVE-2019-8774: Gertjan Franken imec-DistriNet of KU Leuven
Entry added October 29, 2019
Kernel
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption vulnerability was addressed with
improved locking.
CVE-2019-8740: Mohamed Ghannam (@_simo36)
Entry added October 29, 2019
Kernel
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: A local app may be able to read a persistent account
identifier
Description: A validation issue was addressed with improved logic.
CVE-2019-8809: Apple
Entry added October 29, 2019
Kernel
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: A malicious application may be able to determine kernel
memory layout
Description: The issue was addressed with improved permissions logic.
CVE-2019-8780: Siguza
libxslt
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: Multiple issues in libxslt
Description: Multiple memory corruption issues were addressed with
improved input validation.
CVE-2019-8750: found by OSS-Fuzz
Entry added October 29, 2019
mDNSResponder
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: An attacker in physical proximity may be able to passively
observe device names in AWDL communications
Description: This issue was resolved by replacing device names with a
random identifier.
CVE-2019-8799: David Kreitschmann and Milan Stute of Secure Mobile
Networking Lab at Technische Universität Darmstadt
Entry added October 29, 2019
VoiceOver
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: A person with physical access to an iOS device may be able to
access contacts from the lock screen
Description: The issue was addressed by restricting options offered
on a locked device.
CVE-2019-8775: videosdebarraquito
WebKit
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: Visiting a maliciously crafted website may reveal browsing
history
Description: An issue existed in the drawing of web page elements.
CVE-2019-8710: found by OSS-Fuzz
CVE-2019-8743: zhunki from Codesafe Team of Legendsec at Qi'anxin
Group
CVE-2019-8751: Dongzhuo Zhao working with ADLab of Venustech
CVE-2019-8752: Dongzhuo Zhao working with ADLab of Venustech
CVE-2019-8763: Sergei Glazunov of Google Project Zero
CVE-2019-8765: Samuel Groß of Google Project Zero
CVE-2019-8766: found by OSS-Fuzz
CVE-2019-8773: found by OSS-Fuzz
Additional recognition
boringssl
We would like to acknowledge Nimrod Aviram of Tel Aviv University,
Robert Merget of Ruhr University Bochum, Juraj Somorovsky of Ruhr
University Bochum for their assistance.
Entry added October 29, 2019
Find My iPhone
We would like to acknowledge an anonymous researcher for their
assistance.
Identity Service
We would like to acknowledge Yiğit Can YILMAZ (@yilmazcanyigit) for
their assistance.
Share Sheet
We would like to acknowledge Milan Stute of Secure Mobile Networking
Lab at Technische Universität Darmstadt for their assistance.
Status Bar
We would like to acknowledge Isaiah Kahler, Mohammed Adham, and an
anonymous researcher for their assistance.
Telephony
We would like to acknowledge Yiğit Can YILMAZ (@yilmazcanyigit) for
their assistance.
Installation note:
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates. You may manually
obtain the update via the Check for Updates button within iTunes, or
the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About. The version after applying this update
will be "iOS 13.1 and iPadOS 13.1". -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Moderate: webkitgtk4 security, bug fix, and enhancement update
Advisory ID: RHSA-2020:4035-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2020:4035
Issue date: 2020-09-29
CVE Names: CVE-2019-6237 CVE-2019-6251 CVE-2019-8506
CVE-2019-8524 CVE-2019-8535 CVE-2019-8536
CVE-2019-8544 CVE-2019-8551 CVE-2019-8558
CVE-2019-8559 CVE-2019-8563 CVE-2019-8571
CVE-2019-8583 CVE-2019-8584 CVE-2019-8586
CVE-2019-8587 CVE-2019-8594 CVE-2019-8595
CVE-2019-8596 CVE-2019-8597 CVE-2019-8601
CVE-2019-8607 CVE-2019-8608 CVE-2019-8609
CVE-2019-8610 CVE-2019-8611 CVE-2019-8615
CVE-2019-8619 CVE-2019-8622 CVE-2019-8623
CVE-2019-8625 CVE-2019-8644 CVE-2019-8649
CVE-2019-8658 CVE-2019-8666 CVE-2019-8669
CVE-2019-8671 CVE-2019-8672 CVE-2019-8673
CVE-2019-8674 CVE-2019-8676 CVE-2019-8677
CVE-2019-8678 CVE-2019-8679 CVE-2019-8680
CVE-2019-8681 CVE-2019-8683 CVE-2019-8684
CVE-2019-8686 CVE-2019-8687 CVE-2019-8688
CVE-2019-8689 CVE-2019-8690 CVE-2019-8707
CVE-2019-8710 CVE-2019-8719 CVE-2019-8720
CVE-2019-8726 CVE-2019-8733 CVE-2019-8735
CVE-2019-8743 CVE-2019-8763 CVE-2019-8764
CVE-2019-8765 CVE-2019-8766 CVE-2019-8768
CVE-2019-8769 CVE-2019-8771 CVE-2019-8782
CVE-2019-8783 CVE-2019-8808 CVE-2019-8811
CVE-2019-8812 CVE-2019-8813 CVE-2019-8814
CVE-2019-8815 CVE-2019-8816 CVE-2019-8819
CVE-2019-8820 CVE-2019-8821 CVE-2019-8822
CVE-2019-8823 CVE-2019-8835 CVE-2019-8844
CVE-2019-8846 CVE-2019-11070 CVE-2020-3862
CVE-2020-3864 CVE-2020-3865 CVE-2020-3867
CVE-2020-3868 CVE-2020-3885 CVE-2020-3894
CVE-2020-3895 CVE-2020-3897 CVE-2020-3899
CVE-2020-3900 CVE-2020-3901 CVE-2020-3902
CVE-2020-10018 CVE-2020-11793
====================================================================
1. Summary:
An update for webkitgtk4 is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - noarch, ppc64, s390x
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch
3. Description:
WebKitGTK+ is port of the WebKit portable web rendering engine to the GTK+
platform. These packages provide WebKitGTK+ for GTK+ 3.
The following packages have been upgraded to a later upstream version:
webkitgtk4 (2.28.2). (BZ#1817144)
Security Fix(es):
* webkitgtk: Multiple security issues (CVE-2019-6237, CVE-2019-6251,
CVE-2019-8506, CVE-2019-8524, CVE-2019-8535, CVE-2019-8536, CVE-2019-8544,
CVE-2019-8551, CVE-2019-8558, CVE-2019-8559, CVE-2019-8563, CVE-2019-8571,
CVE-2019-8583, CVE-2019-8584, CVE-2019-8586, CVE-2019-8587, CVE-2019-8594,
CVE-2019-8595, CVE-2019-8596, CVE-2019-8597, CVE-2019-8601, CVE-2019-8607,
CVE-2019-8608, CVE-2019-8609, CVE-2019-8610, CVE-2019-8611, CVE-2019-8615,
CVE-2019-8619, CVE-2019-8622, CVE-2019-8623, CVE-2019-8625, CVE-2019-8644,
CVE-2019-8649, CVE-2019-8658, CVE-2019-8666, CVE-2019-8669, CVE-2019-8671,
CVE-2019-8672, CVE-2019-8673, CVE-2019-8674, CVE-2019-8676, CVE-2019-8677,
CVE-2019-8678, CVE-2019-8679, CVE-2019-8680, CVE-2019-8681, CVE-2019-8683,
CVE-2019-8684, CVE-2019-8686, CVE-2019-8687, CVE-2019-8688, CVE-2019-8689,
CVE-2019-8690, CVE-2019-8707, CVE-2019-8710, CVE-2019-8719, CVE-2019-8720,
CVE-2019-8726, CVE-2019-8733, CVE-2019-8735, CVE-2019-8743, CVE-2019-8763,
CVE-2019-8764, CVE-2019-8765, CVE-2019-8766, CVE-2019-8768, CVE-2019-8769,
CVE-2019-8771, CVE-2019-8782, CVE-2019-8783, CVE-2019-8808, CVE-2019-8811,
CVE-2019-8812, CVE-2019-8813, CVE-2019-8814, CVE-2019-8815, CVE-2019-8816,
CVE-2019-8819, CVE-2019-8820, CVE-2019-8821, CVE-2019-8822, CVE-2019-8823,
CVE-2019-8835, CVE-2019-8844, CVE-2019-8846, CVE-2019-11070, CVE-2020-3862,
CVE-2020-3864, CVE-2020-3865, CVE-2020-3867, CVE-2020-3868, CVE-2020-3885,
CVE-2020-3894, CVE-2020-3895, CVE-2020-3897, CVE-2020-3899, CVE-2020-3900,
CVE-2020-3901, CVE-2020-3902, CVE-2020-10018, CVE-2020-11793)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat
Enterprise Linux 7.9 Release Notes linked from the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
5. Package List:
Red Hat Enterprise Linux Client (v. 7):
Source:
webkitgtk4-2.28.2-2.el7.src.rpm
x86_64:
webkitgtk4-2.28.2-2.el7.i686.rpm
webkitgtk4-2.28.2-2.el7.x86_64.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.i686.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.x86_64.rpm
webkitgtk4-jsc-2.28.2-2.el7.i686.rpm
webkitgtk4-jsc-2.28.2-2.el7.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
noarch:
webkitgtk4-doc-2.28.2-2.el7.noarch.rpm
x86_64:
webkitgtk4-debuginfo-2.28.2-2.el7.i686.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.x86_64.rpm
webkitgtk4-devel-2.28.2-2.el7.i686.rpm
webkitgtk4-devel-2.28.2-2.el7.x86_64.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.i686.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source:
webkitgtk4-2.28.2-2.el7.src.rpm
x86_64:
webkitgtk4-2.28.2-2.el7.i686.rpm
webkitgtk4-2.28.2-2.el7.x86_64.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.i686.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.x86_64.rpm
webkitgtk4-jsc-2.28.2-2.el7.i686.rpm
webkitgtk4-jsc-2.28.2-2.el7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
noarch:
webkitgtk4-doc-2.28.2-2.el7.noarch.rpm
x86_64:
webkitgtk4-debuginfo-2.28.2-2.el7.i686.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.x86_64.rpm
webkitgtk4-devel-2.28.2-2.el7.i686.rpm
webkitgtk4-devel-2.28.2-2.el7.x86_64.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.i686.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source:
webkitgtk4-2.28.2-2.el7.src.rpm
ppc64:
webkitgtk4-2.28.2-2.el7.ppc.rpm
webkitgtk4-2.28.2-2.el7.ppc64.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.ppc.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.ppc64.rpm
webkitgtk4-jsc-2.28.2-2.el7.ppc.rpm
webkitgtk4-jsc-2.28.2-2.el7.ppc64.rpm
ppc64le:
webkitgtk4-2.28.2-2.el7.ppc64le.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.ppc64le.rpm
webkitgtk4-devel-2.28.2-2.el7.ppc64le.rpm
webkitgtk4-jsc-2.28.2-2.el7.ppc64le.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.ppc64le.rpm
s390x:
webkitgtk4-2.28.2-2.el7.s390.rpm
webkitgtk4-2.28.2-2.el7.s390x.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.s390.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.s390x.rpm
webkitgtk4-jsc-2.28.2-2.el7.s390.rpm
webkitgtk4-jsc-2.28.2-2.el7.s390x.rpm
x86_64:
webkitgtk4-2.28.2-2.el7.i686.rpm
webkitgtk4-2.28.2-2.el7.x86_64.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.i686.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.x86_64.rpm
webkitgtk4-devel-2.28.2-2.el7.i686.rpm
webkitgtk4-devel-2.28.2-2.el7.x86_64.rpm
webkitgtk4-jsc-2.28.2-2.el7.i686.rpm
webkitgtk4-jsc-2.28.2-2.el7.x86_64.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.i686.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
noarch:
webkitgtk4-doc-2.28.2-2.el7.noarch.rpm
ppc64:
webkitgtk4-debuginfo-2.28.2-2.el7.ppc.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.ppc64.rpm
webkitgtk4-devel-2.28.2-2.el7.ppc.rpm
webkitgtk4-devel-2.28.2-2.el7.ppc64.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.ppc.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.ppc64.rpm
s390x:
webkitgtk4-debuginfo-2.28.2-2.el7.s390.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.s390x.rpm
webkitgtk4-devel-2.28.2-2.el7.s390.rpm
webkitgtk4-devel-2.28.2-2.el7.s390x.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.s390.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.s390x.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source:
webkitgtk4-2.28.2-2.el7.src.rpm
x86_64:
webkitgtk4-2.28.2-2.el7.i686.rpm
webkitgtk4-2.28.2-2.el7.x86_64.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.i686.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.x86_64.rpm
webkitgtk4-devel-2.28.2-2.el7.i686.rpm
webkitgtk4-devel-2.28.2-2.el7.x86_64.rpm
webkitgtk4-jsc-2.28.2-2.el7.i686.rpm
webkitgtk4-jsc-2.28.2-2.el7.x86_64.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.i686.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
noarch:
webkitgtk4-doc-2.28.2-2.el7.noarch.rpm
These packages are GPG signed by Red Hat for security. References:
https://access.redhat.com/security/cve/CVE-2019-6237
https://access.redhat.com/security/cve/CVE-2019-6251
https://access.redhat.com/security/cve/CVE-2019-8506
https://access.redhat.com/security/cve/CVE-2019-8524
https://access.redhat.com/security/cve/CVE-2019-8535
https://access.redhat.com/security/cve/CVE-2019-8536
https://access.redhat.com/security/cve/CVE-2019-8544
https://access.redhat.com/security/cve/CVE-2019-8551
https://access.redhat.com/security/cve/CVE-2019-8558
https://access.redhat.com/security/cve/CVE-2019-8559
https://access.redhat.com/security/cve/CVE-2019-8563
https://access.redhat.com/security/cve/CVE-2019-8571
https://access.redhat.com/security/cve/CVE-2019-8583
https://access.redhat.com/security/cve/CVE-2019-8584
https://access.redhat.com/security/cve/CVE-2019-8586
https://access.redhat.com/security/cve/CVE-2019-8587
https://access.redhat.com/security/cve/CVE-2019-8594
https://access.redhat.com/security/cve/CVE-2019-8595
https://access.redhat.com/security/cve/CVE-2019-8596
https://access.redhat.com/security/cve/CVE-2019-8597
https://access.redhat.com/security/cve/CVE-2019-8601
https://access.redhat.com/security/cve/CVE-2019-8607
https://access.redhat.com/security/cve/CVE-2019-8608
https://access.redhat.com/security/cve/CVE-2019-8609
https://access.redhat.com/security/cve/CVE-2019-8610
https://access.redhat.com/security/cve/CVE-2019-8611
https://access.redhat.com/security/cve/CVE-2019-8615
https://access.redhat.com/security/cve/CVE-2019-8619
https://access.redhat.com/security/cve/CVE-2019-8622
https://access.redhat.com/security/cve/CVE-2019-8623
https://access.redhat.com/security/cve/CVE-2019-8625
https://access.redhat.com/security/cve/CVE-2019-8644
https://access.redhat.com/security/cve/CVE-2019-8649
https://access.redhat.com/security/cve/CVE-2019-8658
https://access.redhat.com/security/cve/CVE-2019-8666
https://access.redhat.com/security/cve/CVE-2019-8669
https://access.redhat.com/security/cve/CVE-2019-8671
https://access.redhat.com/security/cve/CVE-2019-8672
https://access.redhat.com/security/cve/CVE-2019-8673
https://access.redhat.com/security/cve/CVE-2019-8674
https://access.redhat.com/security/cve/CVE-2019-8676
https://access.redhat.com/security/cve/CVE-2019-8677
https://access.redhat.com/security/cve/CVE-2019-8678
https://access.redhat.com/security/cve/CVE-2019-8679
https://access.redhat.com/security/cve/CVE-2019-8680
https://access.redhat.com/security/cve/CVE-2019-8681
https://access.redhat.com/security/cve/CVE-2019-8683
https://access.redhat.com/security/cve/CVE-2019-8684
https://access.redhat.com/security/cve/CVE-2019-8686
https://access.redhat.com/security/cve/CVE-2019-8687
https://access.redhat.com/security/cve/CVE-2019-8688
https://access.redhat.com/security/cve/CVE-2019-8689
https://access.redhat.com/security/cve/CVE-2019-8690
https://access.redhat.com/security/cve/CVE-2019-8707
https://access.redhat.com/security/cve/CVE-2019-8710
https://access.redhat.com/security/cve/CVE-2019-8719
https://access.redhat.com/security/cve/CVE-2019-8720
https://access.redhat.com/security/cve/CVE-2019-8726
https://access.redhat.com/security/cve/CVE-2019-8733
https://access.redhat.com/security/cve/CVE-2019-8735
https://access.redhat.com/security/cve/CVE-2019-8743
https://access.redhat.com/security/cve/CVE-2019-8763
https://access.redhat.com/security/cve/CVE-2019-8764
https://access.redhat.com/security/cve/CVE-2019-8765
https://access.redhat.com/security/cve/CVE-2019-8766
https://access.redhat.com/security/cve/CVE-2019-8768
https://access.redhat.com/security/cve/CVE-2019-8769
https://access.redhat.com/security/cve/CVE-2019-8771
https://access.redhat.com/security/cve/CVE-2019-8782
https://access.redhat.com/security/cve/CVE-2019-8783
https://access.redhat.com/security/cve/CVE-2019-8808
https://access.redhat.com/security/cve/CVE-2019-8811
https://access.redhat.com/security/cve/CVE-2019-8812
https://access.redhat.com/security/cve/CVE-2019-8813
https://access.redhat.com/security/cve/CVE-2019-8814
https://access.redhat.com/security/cve/CVE-2019-8815
https://access.redhat.com/security/cve/CVE-2019-8816
https://access.redhat.com/security/cve/CVE-2019-8819
https://access.redhat.com/security/cve/CVE-2019-8820
https://access.redhat.com/security/cve/CVE-2019-8821
https://access.redhat.com/security/cve/CVE-2019-8822
https://access.redhat.com/security/cve/CVE-2019-8823
https://access.redhat.com/security/cve/CVE-2019-8835
https://access.redhat.com/security/cve/CVE-2019-8844
https://access.redhat.com/security/cve/CVE-2019-8846
https://access.redhat.com/security/cve/CVE-2019-11070
https://access.redhat.com/security/cve/CVE-2020-3862
https://access.redhat.com/security/cve/CVE-2020-3864
https://access.redhat.com/security/cve/CVE-2020-3865
https://access.redhat.com/security/cve/CVE-2020-3867
https://access.redhat.com/security/cve/CVE-2020-3868
https://access.redhat.com/security/cve/CVE-2020-3885
https://access.redhat.com/security/cve/CVE-2020-3894
https://access.redhat.com/security/cve/CVE-2020-3895
https://access.redhat.com/security/cve/CVE-2020-3897
https://access.redhat.com/security/cve/CVE-2020-3899
https://access.redhat.com/security/cve/CVE-2020-3900
https://access.redhat.com/security/cve/CVE-2020-3901
https://access.redhat.com/security/cve/CVE-2020-3902
https://access.redhat.com/security/cve/CVE-2020-10018
https://access.redhat.com/security/cve/CVE-2020-11793
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.9_release_notes/index
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2020 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBX3OjINzjgjWX9erEAQjqsg/9FnSEJ3umFx0gtnsZIVRP9YxMIVZhVQ8z
rNnK/LGQWq1nPlNC5OF60WRcWA7cC74lh1jl/+xU6p+9JXTq9y9hQTd7Fcf+6T01
RYj2zJe6kGBY/53rhZJKCdb9zNXz1CkqsuvTPqVGIabUWTTlsBFnd6l4GK6QL4kM
XVQZyWtmSfmLII4Ocdav9WocJzH6o1TbEo+O9Fm6WjdVOK+/+VzPki0/dW50CQAK
R8u5tTXZR5m52RLmvhs/LTv3yUnmhEkhvrR0TtuR8KRfcP1/ytNwn3VidFefuAO1
PWrgpjIPWy/kbtZaZWK4fBblYj6bKCVD1SiBKQcOfCq0f16aqRP2niFoDXdAy467
eGu0JHkRsIRCLG2rY+JfOau5KtLRhRr0iRe5AhOVpAtUelzjAvEQEcVv4GmZXcwX
rXfeagSjWzdo8Mf55d7pjORXAKhGdO3FQSeiCvzq9miZq3NBX4Jm4raobeskw/rJ
1ONqg4fE7Gv7rks8QOy5xErwI8Ut1TGJAgYOD8rmRptr05hBWQFJCfmoc4KpxsMe
PJoRag0AZfYxYoMe5avMcGCYHosU63z3wS7gao9flj37NkEi6M134vGmCpPNmpGr
w5HQly9SO3mD0a92xOUn42rrXq841ZkVu89fR6j9wBn8NAKLWH6eUjZkVMNmLRzh
PKg+HFNkMjk=dS3G
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
. ------------------------------------------------------------------------
WebKitGTK and WPE WebKit Security Advisory WSA-2019-0006
------------------------------------------------------------------------
Date reported : November 08, 2019
Advisory ID : WSA-2019-0006
WebKitGTK Advisory URL : https://webkitgtk.org/security/WSA-2019-0006.html
WPE WebKit Advisory URL : https://wpewebkit.org/security/WSA-2019-0006.html
CVE identifiers : CVE-2019-8710, CVE-2019-8743, CVE-2019-8764,
CVE-2019-8765, CVE-2019-8766, CVE-2019-8782,
CVE-2019-8783, CVE-2019-8808, CVE-2019-8811,
CVE-2019-8812, CVE-2019-8813, CVE-2019-8814,
CVE-2019-8815, CVE-2019-8816, CVE-2019-8819,
CVE-2019-8820, CVE-2019-8821, CVE-2019-8822,
CVE-2019-8823.
Several vulnerabilities were discovered in WebKitGTK and WPE WebKit.
CVE-2019-8710
Versions affected: WebKitGTK before 2.26.0 and WPE WebKit before
2.26.0.
Credit to found by OSS-Fuzz.
CVE-2019-8743
Versions affected: WebKitGTK before 2.26.0 and WPE WebKit before
2.26.0.
Credit to zhunki from Codesafe Team of Legendsec at Qi'anxin Group.
CVE-2019-8764
Versions affected: WebKitGTK before 2.26.0 and WPE WebKit before
2.26.0.
Credit to Sergei Glazunov of Google Project Zero.
CVE-2019-8765
Versions affected: WebKitGTK before 2.24.4 and WPE WebKit before
2.24.3.
Credit to Samuel Groß of Google Project Zero.
CVE-2019-8766
Versions affected: WebKitGTK before 2.26.0 and WPE WebKit before
2.26.0.
Credit to found by OSS-Fuzz.
CVE-2019-8782
Versions affected: WebKitGTK before 2.26.0 and WPE WebKit before
2.26.0.
Credit to Cheolung Lee of LINE+ Security Team.
CVE-2019-8783
Versions affected: WebKitGTK before 2.26.1 and WPE WebKit before
2.26.1.
Credit to Cheolung Lee of LINE+ Graylab Security Team.
CVE-2019-8808
Versions affected: WebKitGTK before 2.26.0 and WPE WebKit before
2.26.0.
Credit to found by OSS-Fuzz.
CVE-2019-8811
Versions affected: WebKitGTK before 2.26.1 and WPE WebKit before
2.26.1.
Credit to Soyeon Park of SSLab at Georgia Tech.
CVE-2019-8812
Versions affected: WebKitGTK before 2.26.2 and WPE WebKit before
2.26.2.
Credit to an anonymous researcher.
CVE-2019-8813
Versions affected: WebKitGTK before 2.26.1 and WPE WebKit before
2.26.1.
Credit to an anonymous researcher.
CVE-2019-8814
Versions affected: WebKitGTK before 2.26.2 and WPE WebKit before
2.26.2.
Credit to Cheolung Lee of LINE+ Security Team.
CVE-2019-8815
Versions affected: WebKitGTK before 2.26.0 and WPE WebKit before
2.26.0.
Credit to Apple.
CVE-2019-8816
Versions affected: WebKitGTK before 2.26.1 and WPE WebKit before
2.26.1.
Credit to Soyeon Park of SSLab at Georgia Tech.
CVE-2019-8819
Versions affected: WebKitGTK before 2.26.1 and WPE WebKit before
2.26.1.
Credit to Cheolung Lee of LINE+ Security Team.
CVE-2019-8820
Versions affected: WebKitGTK before 2.26.1 and WPE WebKit before
2.26.1.
Credit to Samuel Groß of Google Project Zero.
CVE-2019-8821
Versions affected: WebKitGTK before 2.24.4 and WPE WebKit before
2.24.3.
Credit to Sergei Glazunov of Google Project Zero.
CVE-2019-8822
Versions affected: WebKitGTK before 2.24.4 and WPE WebKit before
2.24.3.
Credit to Sergei Glazunov of Google Project Zero.
CVE-2019-8823
Versions affected: WebKitGTK before 2.26.1 and WPE WebKit before
2.26.1.
Credit to Sergei Glazunov of Google Project Zero.
We recommend updating to the latest stable versions of WebKitGTK and WPE
WebKit. It is the best way to ensure that you are running safe versions
of WebKit. Please check our websites for information about the latest
stable releases.
Further information about WebKitGTK and WPE WebKit security advisories
can be found at: https://webkitgtk.org/security.html or
https://wpewebkit.org/security/.
The WebKitGTK and WPE WebKit team,
November 08, 2019
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 202003-22
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: WebkitGTK+: Multiple vulnerabilities
Date: March 15, 2020
Bugs: #699156, #706374, #709612
ID: 202003-22
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in WebKitGTK+, the worst of
which may lead to arbitrary code execution.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-libs/webkit-gtk < 2.26.4 >= 2.26.4
Description
===========
Multiple vulnerabilities have been discovered in WebKitGTK+. Please
review the referenced CVE identifiers for details.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All WebkitGTK+ users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.26.4"
References
==========
[ 1 ] CVE-2019-8625
https://nvd.nist.gov/vuln/detail/CVE-2019-8625
[ 2 ] CVE-2019-8674
https://nvd.nist.gov/vuln/detail/CVE-2019-8674
[ 3 ] CVE-2019-8707
https://nvd.nist.gov/vuln/detail/CVE-2019-8707
[ 4 ] CVE-2019-8710
https://nvd.nist.gov/vuln/detail/CVE-2019-8710
[ 5 ] CVE-2019-8719
https://nvd.nist.gov/vuln/detail/CVE-2019-8719
[ 6 ] CVE-2019-8720
https://nvd.nist.gov/vuln/detail/CVE-2019-8720
[ 7 ] CVE-2019-8726
https://nvd.nist.gov/vuln/detail/CVE-2019-8726
[ 8 ] CVE-2019-8733
https://nvd.nist.gov/vuln/detail/CVE-2019-8733
[ 9 ] CVE-2019-8735
https://nvd.nist.gov/vuln/detail/CVE-2019-8735
[ 10 ] CVE-2019-8743
https://nvd.nist.gov/vuln/detail/CVE-2019-8743
[ 11 ] CVE-2019-8763
https://nvd.nist.gov/vuln/detail/CVE-2019-8763
[ 12 ] CVE-2019-8764
https://nvd.nist.gov/vuln/detail/CVE-2019-8764
[ 13 ] CVE-2019-8765
https://nvd.nist.gov/vuln/detail/CVE-2019-8765
[ 14 ] CVE-2019-8766
https://nvd.nist.gov/vuln/detail/CVE-2019-8766
[ 15 ] CVE-2019-8768
https://nvd.nist.gov/vuln/detail/CVE-2019-8768
[ 16 ] CVE-2019-8769
https://nvd.nist.gov/vuln/detail/CVE-2019-8769
[ 17 ] CVE-2019-8771
https://nvd.nist.gov/vuln/detail/CVE-2019-8771
[ 18 ] CVE-2019-8782
https://nvd.nist.gov/vuln/detail/CVE-2019-8782
[ 19 ] CVE-2019-8783
https://nvd.nist.gov/vuln/detail/CVE-2019-8783
[ 20 ] CVE-2019-8808
https://nvd.nist.gov/vuln/detail/CVE-2019-8808
[ 21 ] CVE-2019-8811
https://nvd.nist.gov/vuln/detail/CVE-2019-8811
[ 22 ] CVE-2019-8812
https://nvd.nist.gov/vuln/detail/CVE-2019-8812
[ 23 ] CVE-2019-8813
https://nvd.nist.gov/vuln/detail/CVE-2019-8813
[ 24 ] CVE-2019-8814
https://nvd.nist.gov/vuln/detail/CVE-2019-8814
[ 25 ] CVE-2019-8815
https://nvd.nist.gov/vuln/detail/CVE-2019-8815
[ 26 ] CVE-2019-8816
https://nvd.nist.gov/vuln/detail/CVE-2019-8816
[ 27 ] CVE-2019-8819
https://nvd.nist.gov/vuln/detail/CVE-2019-8819
[ 28 ] CVE-2019-8820
https://nvd.nist.gov/vuln/detail/CVE-2019-8820
[ 29 ] CVE-2019-8821
https://nvd.nist.gov/vuln/detail/CVE-2019-8821
[ 30 ] CVE-2019-8822
https://nvd.nist.gov/vuln/detail/CVE-2019-8822
[ 31 ] CVE-2019-8823
https://nvd.nist.gov/vuln/detail/CVE-2019-8823
[ 32 ] CVE-2019-8835
https://nvd.nist.gov/vuln/detail/CVE-2019-8835
[ 33 ] CVE-2019-8844
https://nvd.nist.gov/vuln/detail/CVE-2019-8844
[ 34 ] CVE-2019-8846
https://nvd.nist.gov/vuln/detail/CVE-2019-8846
[ 35 ] CVE-2020-3862
https://nvd.nist.gov/vuln/detail/CVE-2020-3862
[ 36 ] CVE-2020-3864
https://nvd.nist.gov/vuln/detail/CVE-2020-3864
[ 37 ] CVE-2020-3865
https://nvd.nist.gov/vuln/detail/CVE-2020-3865
[ 38 ] CVE-2020-3867
https://nvd.nist.gov/vuln/detail/CVE-2020-3867
[ 39 ] CVE-2020-3868
https://nvd.nist.gov/vuln/detail/CVE-2020-3868
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/202003-22
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2020 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
| VAR-201912-1850 | CVE-2019-8811 | plural Apple Updates to product vulnerabilities |
CVSS V2: 6.8 CVSS V3: 8.8 Severity: HIGH |
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution. Apple Has released an update for each product.The expected impact depends on each vulnerability, but can be affected as follows: * * information leak * * User impersonation * * Arbitrary code execution * * UI Spoofing * * Insufficient access restrictions * * Service operation interruption (DoS) * * Privilege escalation * * Memory corruption * * Authentication bypass. Apple Safari is a web browser that is the default browser included with the Mac OS X and iOS operating systems. Apple iOS is an operating system developed for mobile devices. Apple tvOS is a smart TV operating system. WebKit is one of the web browser engine components. A security vulnerability exists in the WebKit component of several Apple products. The following products and versions are affected: Apple watchOS prior to 6.1; Safari prior to 13.0.3; iOS prior to 13.2; iPadOS prior to 13.2; tvOS prior to 13.2; Windows-based iCloud prior to 11.0; Windows-based iTunes 12.10 .2 version; versions prior to iCloud 7.15 based on the Windows platform. WebKitGTK and WPE WebKit prior to version 2.24.1 failed to properly apply configured HTTP proxy settings when downloading livestream video (HLS, DASH, or Smooth Streaming), an error resulting in deanonymization. This issue was corrected by changing the way livestreams are downloaded. (CVE-2019-6237)
WebKitGTK and WPE WebKit prior to version 2.24.1 are vulnerable to address bar spoofing upon certain JavaScript redirections. An attacker could cause malicious web content to be displayed as if for a trusted URI. This is similar to the CVE-2018-8383 issue in Microsoft Edge. (CVE-2019-8601)
An out-of-bounds read was addressed with improved input validation. (CVE-2019-8644)
A logic issue existed in the handling of synchronous page loads. (CVE-2019-8689)
A logic issue existed in the handling of document loads. (CVE-2019-8719)
This fixes a remote code execution in webkitgtk4. No further details are available in NIST. This issue is fixed in watchOS 6.1. This issue is fixed in watchOS 6.1. This issue is fixed in watchOS 6.1. (CVE-2019-8766)
"Clear History and Website Data" did not clear the history. The issue was addressed with improved data deletion. This issue is fixed in macOS Catalina 10.15. A user may be unable to delete browsing history items. (CVE-2019-8768)
An issue existed in the drawing of web page elements. This issue is fixed in iOS 13.1 and iPadOS 13.1, macOS Catalina 10.15. Visiting a maliciously crafted website may reveal browsing history. (CVE-2019-8769)
This issue was addressed with improved iframe sandbox enforcement. (CVE-2019-8846)
WebKitGTK up to and including 2.26.4 and WPE WebKit up to and including 2.26.4 (which are the versions right prior to 2.28.0) contains a memory corruption issue (use-after-free) that may lead to arbitrary code execution. (CVE-2020-10018)
A use-after-free flaw exists in WebKitGTK. This flaw allows remote malicious users to execute arbitrary code or cause a denial of service. A malicious website may be able to cause a denial of service. A DOM object context may not have had a unique security origin. A file URL may be incorrectly processed. (CVE-2020-3885)
A race condition was addressed with additional validation. An application may be able to read restricted memory. (CVE-2020-3901)
An input validation issue was addressed with improved input validation. (CVE-2020-3902). -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Moderate: Red Hat OpenShift Container Storage 4.6.0 security, bug fix, enhancement update
Advisory ID: RHSA-2020:5605-01
Product: Red Hat OpenShift Container Storage
Advisory URL: https://access.redhat.com/errata/RHSA-2020:5605
Issue date: 2020-12-17
CVE Names: CVE-2018-10103 CVE-2018-10105 CVE-2018-14461
CVE-2018-14462 CVE-2018-14463 CVE-2018-14464
CVE-2018-14465 CVE-2018-14466 CVE-2018-14467
CVE-2018-14468 CVE-2018-14469 CVE-2018-14470
CVE-2018-14879 CVE-2018-14880 CVE-2018-14881
CVE-2018-14882 CVE-2018-16227 CVE-2018-16228
CVE-2018-16229 CVE-2018-16230 CVE-2018-16300
CVE-2018-16451 CVE-2018-16452 CVE-2018-20843
CVE-2019-1551 CVE-2019-5018 CVE-2019-8625
CVE-2019-8710 CVE-2019-8720 CVE-2019-8743
CVE-2019-8764 CVE-2019-8766 CVE-2019-8769
CVE-2019-8771 CVE-2019-8782 CVE-2019-8783
CVE-2019-8808 CVE-2019-8811 CVE-2019-8812
CVE-2019-8813 CVE-2019-8814 CVE-2019-8815
CVE-2019-8816 CVE-2019-8819 CVE-2019-8820
CVE-2019-8823 CVE-2019-8835 CVE-2019-8844
CVE-2019-8846 CVE-2019-11068 CVE-2019-13050
CVE-2019-13627 CVE-2019-14889 CVE-2019-15165
CVE-2019-15166 CVE-2019-15903 CVE-2019-16168
CVE-2019-16935 CVE-2019-18197 CVE-2019-18609
CVE-2019-19221 CVE-2019-19906 CVE-2019-19956
CVE-2019-20218 CVE-2019-20387 CVE-2019-20388
CVE-2019-20454 CVE-2019-20807 CVE-2019-20907
CVE-2019-20916 CVE-2020-1730 CVE-2020-1751
CVE-2020-1752 CVE-2020-3862 CVE-2020-3864
CVE-2020-3865 CVE-2020-3867 CVE-2020-3868
CVE-2020-3885 CVE-2020-3894 CVE-2020-3895
CVE-2020-3897 CVE-2020-3899 CVE-2020-3900
CVE-2020-3901 CVE-2020-3902 CVE-2020-6405
CVE-2020-7595 CVE-2020-7720 CVE-2020-8177
CVE-2020-8237 CVE-2020-8492 CVE-2020-9327
CVE-2020-9802 CVE-2020-9803 CVE-2020-9805
CVE-2020-9806 CVE-2020-9807 CVE-2020-9843
CVE-2020-9850 CVE-2020-9862 CVE-2020-9893
CVE-2020-9894 CVE-2020-9895 CVE-2020-9915
CVE-2020-9925 CVE-2020-10018 CVE-2020-10029
CVE-2020-11793 CVE-2020-13630 CVE-2020-13631
CVE-2020-13632 CVE-2020-14019 CVE-2020-14040
CVE-2020-14382 CVE-2020-14391 CVE-2020-14422
CVE-2020-15503 CVE-2020-15586 CVE-2020-16845
CVE-2020-25660
=====================================================================
1. Summary:
Updated images are now available for Red Hat OpenShift Container Storage
4.6.0 on Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
2. Description:
Red Hat OpenShift Container Storage is software-defined storage integrated
with and optimized for the Red Hat OpenShift Container Platform. Red Hat
OpenShift Container Storage is a highly scalable, production-grade
persistent storage for stateful applications running in the Red Hat
OpenShift Container Platform. In addition to persistent storage, Red Hat
OpenShift Container Storage provisions a multicloud data management service
with an S3 compatible API.
These updated images include numerous security fixes, bug fixes, and
enhancements.
Security Fix(es):
* nodejs-node-forge: prototype pollution via the util.setPath function
(CVE-2020-7720)
* nodejs-json-bigint: Prototype pollution via `__proto__` assignment could
result in DoS (CVE-2020-8237)
* golang.org/x/text: possibility to trigger an infinite loop in
encoding/unicode could lead to crash (CVE-2020-14040)
* golang: data race in certain net/http servers including ReverseProxy can
lead to DoS (CVE-2020-15586)
* golang: ReadUvarint and ReadVarint can read an unlimited number of bytes
from invalid inputs (CVE-2020-16845)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Users are directed to the Red Hat OpenShift Container Storage Release Notes
for information on the most significant of these changes:
https://access.redhat.com/documentation/en-us/red_hat_openshift_container_s
torage/4.6/html/4.6_release_notes/index
All Red Hat OpenShift Container Storage users are advised to upgrade to
these updated images.
3. Bugs fixed (https://bugzilla.redhat.com/):
1806266 - Require an extension to the cephfs subvolume commands, that can return metadata regarding a subvolume
1813506 - Dockerfile not compatible with docker and buildah
1817438 - OSDs not distributed uniformly across OCS nodes on a 9-node AWS IPI setup
1817850 - [BAREMETAL] rook-ceph-operator does not reconcile when osd deployment is deleted when performed node replacement
1827157 - OSD hitting default CPU limit on AWS i3en.2xlarge instances limiting performance
1829055 - [RFE] add insecureEdgeTerminationPolicy: Redirect to noobaa mgmt route (http to https)
1833153 - add a variable for sleep time of rook operator between checks of downed OSD+Node.
1836299 - NooBaa Operator deploys with HPA that fires maxreplicas alerts by default
1842254 - [NooBaa] Compression stats do not add up when compression id disabled
1845976 - OCS 4.5 Independent mode: must-gather commands fails to collect ceph command outputs from external cluster
1849771 - [RFE] Account created by OBC should have same permissions as bucket owner
1853652 - CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash
1854500 - [tracker-rhcs bug 1838931] mgr/volumes: add command to return metadata of a subvolume snapshot
1854501 - [Tracker-rhcs bug 1848494 ]pybind/mgr/volumes: Add the ability to keep snapshots of subvolumes independent of the source subvolume
1854503 - [tracker-rhcs-bug 1848503] cephfs: Provide alternatives to increase the total cephfs subvolume snapshot counts to greater than the current 400 across a Cephfs volume
1856953 - CVE-2020-15586 golang: data race in certain net/http servers including ReverseProxy can lead to DoS
1858195 - [GSS] registry pod stuck in ContainerCreating due to pvc from cephfs storage class fail to mount
1859183 - PV expansion is failing in retry loop in pre-existing PV after upgrade to OCS 4.5 (i.e. if the PV spec does not contain expansion params)
1859229 - Rook should delete extra MON PVCs in case first reconcile takes too long and rook skips "b" and "c" (spawned from Bug 1840084#c14)
1859478 - OCS 4.6 : Upon deployment, CSI Pods in CLBO with error - flag provided but not defined: -metadatastorage
1860022 - OCS 4.6 Deployment: LBP CSV and pod should not be deployed since ob/obc CRDs are owned from OCS 4.5 onwards
1860034 - OCS 4.6 Deployment in ocs-ci : Toolbox pod in ContainerCreationError due to key admin-secret not found
1860670 - OCS 4.5 Uninstall External: Openshift-storage namespace in Terminating state as CephObjectStoreUser had finalizers remaining
1860848 - Add validation for rgw-pool-prefix in the ceph-external-cluster-details-exporter script
1861780 - [Tracker BZ1866386][IBM s390x] Mount Failed for CEPH while running couple of OCS test cases.
1865938 - CSIDrivers missing in OCS 4.6
1867024 - [ocs-operator] operator v4.6.0-519.ci is in Installing state
1867099 - CVE-2020-16845 golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs
1868060 - [External Cluster] Noobaa-default-backingstore PV in released state upon OCS 4.5 uninstall (Secret not found)
1868703 - [rbd] After volume expansion, the new size is not reflected on the pod
1869411 - capture full crash information from ceph
1870061 - [RHEL][IBM] OCS un-install should make the devices raw
1870338 - OCS 4.6 must-gather : ocs-must-gather-xxx-helper pod in ContainerCreationError (couldn't find key admin-secret)
1870631 - OCS 4.6 Deployment : RGW pods went into 'CrashLoopBackOff' state on Z Platform
1872119 - Updates don't work on StorageClass which will keep PV expansion disabled for upgraded cluster
1872696 - [ROKS][RFE]NooBaa Configure IBM COS as default backing store
1873864 - Noobaa: On an baremetal RHCOS cluster, some backingstores are stuck in PROGRESSING state with INVALID_ENDPOINT TemporaryError
1874606 - CVE-2020-7720 nodejs-node-forge: prototype pollution via the util.setPath function
1875476 - Change noobaa logo in the noobaa UI
1877339 - Incorrect use of logr
1877371 - NooBaa UI warning message on Deploy Kubernetes Pool process - typo and shown number is incorrect
1878153 - OCS 4.6 must-gather: collect node information under cluster_scoped_resources/oc_output directory
1878714 - [FIPS enabled] BadDigest error on file upload to noobaa bucket
1878853 - [External Mode] ceph-external-cluster-details-exporter.py does not tolerate TLS enabled RGW
1879008 - ocs-osd-removal job fails because it can't find admin-secret in rook-ceph-mon secret
1879072 - Deployment with encryption at rest is failing to bring up OSD pods
1879919 - [External] Upgrade mechanism from OCS 4.5 to OCS 4.6 needs to be fixed
1880255 - Collect rbd info and subvolume info and snapshot info command output
1881028 - CVE-2020-8237 nodejs-json-bigint: Prototype pollution via `__proto__` assignment could result in DoS
1881071 - [External] Upgrade mechanism from OCS 4.5 to OCS 4.6 needs to be fixed
1882397 - MCG decompression problem with snappy on s390x arch
1883253 - CSV doesn't contain values required for UI to enable minimal deployment and cluster encryption
1883398 - Update csi sidecar containers in rook
1883767 - Using placement strategies in cluster-service.yaml causes ocs-operator to crash
1883810 - [External mode] RGW metrics is not available after OCS upgrade from 4.5 to 4.6
1883927 - Deployment with encryption at rest is failing to bring up OSD pods
1885175 - Handle disappeared underlying device for encrypted OSD
1885428 - panic seen in rook-ceph during uninstall - "close of closed channel"
1885648 - [Tracker for https://bugzilla.redhat.com/show_bug.cgi?id=1885700] FSTYPE for localvolumeset devices shows up as ext2 after uninstall
1885971 - ocs-storagecluster-cephobjectstore doesn't report true state of RGW
1886308 - Default VolumeSnapshot Classes not created in External Mode
1886348 - osd removal job failed with status "Error"
1886551 - Clone creation failed after timeout of 5 hours of Azure platrom for 3 CephFS PVCs ( PVC sizes: 1, 25 and 100 GB)
1886709 - [External] RGW storageclass disappears after upgrade from OCS 4.5 to 4.6
1886859 - OCS 4.6: Uninstall stuck indefinitely if any Ceph pods are in Pending state before uninstall
1886873 - [OCS 4.6 External/Internal Uninstall] - Storage Cluster deletion stuck indefinitely, "failed to delete object store", remaining users: [noobaa-ceph-objectstore-user]
1888583 - [External] When deployment is attempted without specifying the monitoring-endpoint while generating JSON, the CSV is stuck in installing state
1888593 - [External] Add validation for monitoring-endpoint and port in the exporter script
1888614 - [External] Unreachable monitoring-endpoint used during deployment causes ocs-operator to crash
1889441 - Traceback error message while running OCS 4.6 must-gather
1889683 - [GSS] Noobaa Problem when setting public access to a bucket
1889866 - Post node power off/on, an unused MON PVC still stays back in the cluster
1890183 - [External] ocs-operator logs are filled with "failed to reconcile metrics exporter"
1890638 - must-gather helper pod should be deleted after collecting ceph crash info
1890971 - [External] RGW metrics are not available if anything else except 9283 is provided as the monitoring-endpoint-port
1891856 - ocs-metrics-exporter pod should have tolerations for OCS taint
1892206 - [GSS] Ceph image/version mismatch
1892234 - clone #95 creation failed for CephFS PVC ( 10 GB PVC size) during multiple clones creation test
1893624 - Must Gather is not collecting the tar file from NooBaa diagnose
1893691 - OCS4.6 must_gather failes to complete in 600sec
1893714 - Bad response for upload an object with encryption
1895402 - Mon pods didn't get upgraded in 720 second timeout from OCS 4.5 upgrade to 4.6
1896298 - [RFE] Monitoring for Namespace buckets and resources
1896831 - Clone#452 for RBD PVC ( PVC size 1 GB) failed to be created for 600 secs
1898521 - [CephFS] Deleting cephfsplugin pod along with app pods will make PV remain in Released state after deleting the PVC
1902627 - must-gather should wait for debug pods to be in ready state
1904171 - RGW Service is unavailable for a short period during upgrade to OCS 4.6
5. References:
https://access.redhat.com/security/cve/CVE-2018-10103
https://access.redhat.com/security/cve/CVE-2018-10105
https://access.redhat.com/security/cve/CVE-2018-14461
https://access.redhat.com/security/cve/CVE-2018-14462
https://access.redhat.com/security/cve/CVE-2018-14463
https://access.redhat.com/security/cve/CVE-2018-14464
https://access.redhat.com/security/cve/CVE-2018-14465
https://access.redhat.com/security/cve/CVE-2018-14466
https://access.redhat.com/security/cve/CVE-2018-14467
https://access.redhat.com/security/cve/CVE-2018-14468
https://access.redhat.com/security/cve/CVE-2018-14469
https://access.redhat.com/security/cve/CVE-2018-14470
https://access.redhat.com/security/cve/CVE-2018-14879
https://access.redhat.com/security/cve/CVE-2018-14880
https://access.redhat.com/security/cve/CVE-2018-14881
https://access.redhat.com/security/cve/CVE-2018-14882
https://access.redhat.com/security/cve/CVE-2018-16227
https://access.redhat.com/security/cve/CVE-2018-16228
https://access.redhat.com/security/cve/CVE-2018-16229
https://access.redhat.com/security/cve/CVE-2018-16230
https://access.redhat.com/security/cve/CVE-2018-16300
https://access.redhat.com/security/cve/CVE-2018-16451
https://access.redhat.com/security/cve/CVE-2018-16452
https://access.redhat.com/security/cve/CVE-2018-20843
https://access.redhat.com/security/cve/CVE-2019-1551
https://access.redhat.com/security/cve/CVE-2019-5018
https://access.redhat.com/security/cve/CVE-2019-8625
https://access.redhat.com/security/cve/CVE-2019-8710
https://access.redhat.com/security/cve/CVE-2019-8720
https://access.redhat.com/security/cve/CVE-2019-8743
https://access.redhat.com/security/cve/CVE-2019-8764
https://access.redhat.com/security/cve/CVE-2019-8766
https://access.redhat.com/security/cve/CVE-2019-8769
https://access.redhat.com/security/cve/CVE-2019-8771
https://access.redhat.com/security/cve/CVE-2019-8782
https://access.redhat.com/security/cve/CVE-2019-8783
https://access.redhat.com/security/cve/CVE-2019-8808
https://access.redhat.com/security/cve/CVE-2019-8811
https://access.redhat.com/security/cve/CVE-2019-8812
https://access.redhat.com/security/cve/CVE-2019-8813
https://access.redhat.com/security/cve/CVE-2019-8814
https://access.redhat.com/security/cve/CVE-2019-8815
https://access.redhat.com/security/cve/CVE-2019-8816
https://access.redhat.com/security/cve/CVE-2019-8819
https://access.redhat.com/security/cve/CVE-2019-8820
https://access.redhat.com/security/cve/CVE-2019-8823
https://access.redhat.com/security/cve/CVE-2019-8835
https://access.redhat.com/security/cve/CVE-2019-8844
https://access.redhat.com/security/cve/CVE-2019-8846
https://access.redhat.com/security/cve/CVE-2019-11068
https://access.redhat.com/security/cve/CVE-2019-13050
https://access.redhat.com/security/cve/CVE-2019-13627
https://access.redhat.com/security/cve/CVE-2019-14889
https://access.redhat.com/security/cve/CVE-2019-15165
https://access.redhat.com/security/cve/CVE-2019-15166
https://access.redhat.com/security/cve/CVE-2019-15903
https://access.redhat.com/security/cve/CVE-2019-16168
https://access.redhat.com/security/cve/CVE-2019-16935
https://access.redhat.com/security/cve/CVE-2019-18197
https://access.redhat.com/security/cve/CVE-2019-18609
https://access.redhat.com/security/cve/CVE-2019-19221
https://access.redhat.com/security/cve/CVE-2019-19906
https://access.redhat.com/security/cve/CVE-2019-19956
https://access.redhat.com/security/cve/CVE-2019-20218
https://access.redhat.com/security/cve/CVE-2019-20387
https://access.redhat.com/security/cve/CVE-2019-20388
https://access.redhat.com/security/cve/CVE-2019-20454
https://access.redhat.com/security/cve/CVE-2019-20807
https://access.redhat.com/security/cve/CVE-2019-20907
https://access.redhat.com/security/cve/CVE-2019-20916
https://access.redhat.com/security/cve/CVE-2020-1730
https://access.redhat.com/security/cve/CVE-2020-1751
https://access.redhat.com/security/cve/CVE-2020-1752
https://access.redhat.com/security/cve/CVE-2020-3862
https://access.redhat.com/security/cve/CVE-2020-3864
https://access.redhat.com/security/cve/CVE-2020-3865
https://access.redhat.com/security/cve/CVE-2020-3867
https://access.redhat.com/security/cve/CVE-2020-3868
https://access.redhat.com/security/cve/CVE-2020-3885
https://access.redhat.com/security/cve/CVE-2020-3894
https://access.redhat.com/security/cve/CVE-2020-3895
https://access.redhat.com/security/cve/CVE-2020-3897
https://access.redhat.com/security/cve/CVE-2020-3899
https://access.redhat.com/security/cve/CVE-2020-3900
https://access.redhat.com/security/cve/CVE-2020-3901
https://access.redhat.com/security/cve/CVE-2020-3902
https://access.redhat.com/security/cve/CVE-2020-6405
https://access.redhat.com/security/cve/CVE-2020-7595
https://access.redhat.com/security/cve/CVE-2020-7720
https://access.redhat.com/security/cve/CVE-2020-8177
https://access.redhat.com/security/cve/CVE-2020-8237
https://access.redhat.com/security/cve/CVE-2020-8492
https://access.redhat.com/security/cve/CVE-2020-9327
https://access.redhat.com/security/cve/CVE-2020-9802
https://access.redhat.com/security/cve/CVE-2020-9803
https://access.redhat.com/security/cve/CVE-2020-9805
https://access.redhat.com/security/cve/CVE-2020-9806
https://access.redhat.com/security/cve/CVE-2020-9807
https://access.redhat.com/security/cve/CVE-2020-9843
https://access.redhat.com/security/cve/CVE-2020-9850
https://access.redhat.com/security/cve/CVE-2020-9862
https://access.redhat.com/security/cve/CVE-2020-9893
https://access.redhat.com/security/cve/CVE-2020-9894
https://access.redhat.com/security/cve/CVE-2020-9895
https://access.redhat.com/security/cve/CVE-2020-9915
https://access.redhat.com/security/cve/CVE-2020-9925
https://access.redhat.com/security/cve/CVE-2020-10018
https://access.redhat.com/security/cve/CVE-2020-10029
https://access.redhat.com/security/cve/CVE-2020-11793
https://access.redhat.com/security/cve/CVE-2020-13630
https://access.redhat.com/security/cve/CVE-2020-13631
https://access.redhat.com/security/cve/CVE-2020-13632
https://access.redhat.com/security/cve/CVE-2020-14019
https://access.redhat.com/security/cve/CVE-2020-14040
https://access.redhat.com/security/cve/CVE-2020-14382
https://access.redhat.com/security/cve/CVE-2020-14391
https://access.redhat.com/security/cve/CVE-2020-14422
https://access.redhat.com/security/cve/CVE-2020-15503
https://access.redhat.com/security/cve/CVE-2020-15586
https://access.redhat.com/security/cve/CVE-2020-16845
https://access.redhat.com/security/cve/CVE-2020-25660
https://access.redhat.com/security/updates/classification/#moderate
6. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2020 Red Hat, Inc.
The compliance-operator image updates are now available for OpenShift
Container Platform 4.6.
This advisory provides the following updates among others:
* Enhances profile parsing time.
* Fixes excessive resource consumption from the Operator.
* Fixes default content image.
* Fixes outdated remediation handling. Solution:
For OpenShift Container Platform 4.6 see the following documentation, which
will be updated shortly for this release, for important instructions on how
to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-rel
ease-notes.html
Details on how to access this content are available at
https://docs.openshift.com/container-platform/4.6/updating/updating-cluster
- -cli.html. Bugs fixed (https://bugzilla.redhat.com/):
1897635 - CVE-2020-28362 golang: math/big: panic during recursive division of very large numbers
1918990 - ComplianceSuite scans use quay content image for initContainer
1919135 - [OCP v46] The autoApplyRemediation pauses the machineConfigPool if there is outdated complianceRemediation object present
1919846 - After remediation applied, the compliancecheckresults still reports Failed status for some rules
1920999 - Compliance operator is not displayed when disconnected mode is selected in the OpenShift Web-Console.
CVE-2019-8750: found by OSS-Fuzz
VoiceOver
Available for: Apple Watch Series 1 and later
Impact: A person with physical access to an iOS device may be able to
access contacts from the lock screen
Description: The issue was addressed by restricting options offered
on a locked device.
Alternatively, on your watch, select "My Watch > General > About". Bugs fixed (https://bugzilla.redhat.com/):
1732329 - Virtual Machine is missing documentation of its properties in yaml editor
1783192 - Guest kernel panic when start RHEL6.10 guest with q35 machine type and virtio disk in cnv
1791753 - [RFE] [SSP] Template validator should check validations in template's parent template
1804533 - CVE-2020-9283 golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic
1848954 - KMP missing CA extensions in cabundle of mutatingwebhookconfiguration
1848956 - KMP requires downtime for CA stabilization during certificate rotation
1853652 - CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash
1853911 - VM with dot in network name fails to start with unclear message
1854098 - NodeNetworkState on workers doesn't have "status" key due to nmstate-handler pod failure to run "nmstatectl show"
1856347 - SR-IOV : Missing network name for sriov during vm setup
1856953 - CVE-2020-15586 golang: data race in certain net/http servers including ReverseProxy can lead to DoS
1859235 - Common Templates - after upgrade there are 2 common templates per each os-workload-flavor combination
1860714 - No API information from `oc explain`
1860992 - CNV upgrade - users are not removed from privileged SecurityContextConstraints
1864577 - [v2v][RHV to CNV non migratable source VM fails to import to Ceph-rbd / File system due to overhead required for Filesystem
1866593 - CDI is not handling vm disk clone
1867099 - CVE-2020-16845 golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs
1868817 - Container-native Virtualization 2.6.0 Images
1873771 - Improve the VMCreationFailed error message caused by VM low memory
1874812 - SR-IOV: Guest Agent expose link-local ipv6 address for sometime and then remove it
1878499 - DV import doesn't recover from scratch space PVC deletion
1879108 - Inconsistent naming of "oc virt" command in help text
1881874 - openshift-cnv namespace is getting stuck if the user tries to delete it while CNV is running
1883232 - Webscale: kubevirt/CNV datavolume importer pod inability to disable sidecar injection if namespace has sidecar injection enabled but VM Template does NOT
1883371 - CVE-2020-26160 jwt-go: access restriction bypass vulnerability
1885153 - [v2v][RHV to CNv VM import] Wrong Network mapping do not show a relevant error message
1885418 - [openshift-cnv] issues with memory overhead calculation when limits are used
1887398 - [openshift-cnv][CNV] nodes need to exist and be labeled first, *before* the NodeNetworkConfigurationPolicy is applied
1889295 - [v2v][VMware to CNV VM import API] diskMappings: volumeMode Block is not passed on to PVC request.
1891285 - Common templates and kubevirt-config cm - update machine-type
1891440 - [v2v][VMware to CNV VM import API]Source VM with no network interface fail with unclear error
1892227 - [SSP] cluster scoped resources are not being reconciled
1893278 - openshift-virtualization-os-images namespace not seen by user
1893646 - [HCO] Pod placement configuration - dry run is not performed for all the configuration stanza
1894428 - Message for VMI not migratable is not clear enough
1894824 - [v2v][VM import] Pick the smallest template for the imported VM, and not always Medium
1894897 - [v2v][VMIO] VMimport CR is not reported as failed when target VM is deleted during the import
1895414 - Virt-operator is accepting updates to the placement of its workload components even with running VMs
1897635 - CVE-2020-28362 golang: math/big: panic during recursive division of very large numbers
1898072 - Add Fedora33 to Fedora common templates
1898840 - [v2v] VM import VMWare to CNV Import 63 chars vm name should not fail
1899558 - CNV 2.6 - nmstate fails to set state
1901480 - VM disk io can't worked if namespace have label kubemacpool
1902046 - Not possible to edit CDIConfig (through CDI CR / CDIConfig)
1902111 - CVE-2020-27813 golang-github-gorilla-websocket: integer overflow leads to denial of service
1903014 - hco-webhook pod in CreateContainerError
1903585 - [v2v] Windows 2012 VM imported from RHV goes into Windows repair mode
1904797 - [VMIO][vmware] A migrated RHEL/Windows VM starts in emergency mode/safe mode when target storage is NFS and target namespace is NOT "default"
1906199 - [CNV-2.5] CNV Tries to Install on Windows Workers
1907151 - kubevirt version is not reported correctly via virtctl
1907352 - VM/VMI link changes to `kubevirt.io~v1~VirtualMachineInstance` on CNV 2.6
1907691 - [CNV] Configuring NodeNetworkConfigurationPolicy caused "Internal error occurred" for creating datavolume
1907988 - VM loses dynamic IP address of its default interface after migration
1908363 - Applying NodeNetworkConfigurationPolicy for different NIC than default disables br-ex bridge and nodes lose connectivity
1908421 - [v2v] [VM import RHV to CNV] Windows imported VM boot failed: INACCESSIBLE BOOT DEVICE error
1908883 - CVE-2020-29652 golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference
1909458 - [V2V][VMware to CNV VM import via api using VMIO] VM import to Ceph RBD/BLOCK fails on "qemu-img: /data/disk.img" error
1910857 - Provide a mechanism to enable the HotplugVolumes feature gate via HCO
1911118 - Windows VMI LiveMigration / shutdown fails on 'XML error: non unique alias detected: ua-')
1911396 - Set networkInterfaceMultiqueue false in rhel 6 template for e1000e interface
1911662 - el6 guests don't work properly if virtio bus is specified on various devices
1912908 - Allow using "scsi" bus for disks in template validation
1913248 - Creating vlan interface on top of a bond device via NodeNetworkConfigurationPolicy fails
1913320 - Informative message needed with virtctl image-upload, that additional step is needed from the user
1913717 - Users should have read permitions for golden images data volumes
1913756 - Migrating to Ceph-RBD + Block fails when skipping zeroes
1914177 - CNV does not preallocate blank file data volumes
1914608 - Obsolete CPU models (kubevirt-cpu-plugin-configmap) are set on worker nodes
1914947 - HPP golden images - DV shoudld not be created with WaitForFirstConsumer
1917908 - [VMIO] vmimport pod fail to create when using ceph-rbd/block
1917963 - [CNV 2.6] Unable to install CNV disconnected - requires kvm-info-nfd-plugin which is not mirrored
1919391 - CVE-2021-20206 containernetworking-cni: Arbitrary path injection via type field in CNI configuration
1920576 - HCO can report ready=true when it failed to create a CR for a component operator
1920610 - e2e-aws-4.7-cnv consistently failing on Hyperconverged Cluster Operator
1921650 - CVE-2021-3121 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation
1923979 - kubernetes-nmstate: nmstate-handler pod crashes when configuring bridge device using ip tool
1927373 - NoExecute taint violates pdb; VMIs are not live migrated
1931376 - VMs disconnected from nmstate-defined bridge after CNV-2.5.4->CNV-2.6.0 upgrade
5.
Installation note:
Safari 13.0.3 may be obtained from the Mac App Store. ------------------------------------------------------------------------
WebKitGTK and WPE WebKit Security Advisory WSA-2019-0006
------------------------------------------------------------------------
Date reported : November 08, 2019
Advisory ID : WSA-2019-0006
WebKitGTK Advisory URL : https://webkitgtk.org/security/WSA-2019-0006.html
WPE WebKit Advisory URL : https://wpewebkit.org/security/WSA-2019-0006.html
CVE identifiers : CVE-2019-8710, CVE-2019-8743, CVE-2019-8764,
CVE-2019-8765, CVE-2019-8766, CVE-2019-8782,
CVE-2019-8783, CVE-2019-8808, CVE-2019-8811,
CVE-2019-8812, CVE-2019-8813, CVE-2019-8814,
CVE-2019-8815, CVE-2019-8816, CVE-2019-8819,
CVE-2019-8820, CVE-2019-8821, CVE-2019-8822,
CVE-2019-8823.
Several vulnerabilities were discovered in WebKitGTK and WPE WebKit.
CVE-2019-8710
Versions affected: WebKitGTK before 2.26.0 and WPE WebKit before
2.26.0.
Credit to found by OSS-Fuzz.
CVE-2019-8743
Versions affected: WebKitGTK before 2.26.0 and WPE WebKit before
2.26.0.
Credit to zhunki from Codesafe Team of Legendsec at Qi'anxin Group.
CVE-2019-8764
Versions affected: WebKitGTK before 2.26.0 and WPE WebKit before
2.26.0.
Credit to Sergei Glazunov of Google Project Zero.
CVE-2019-8765
Versions affected: WebKitGTK before 2.24.4 and WPE WebKit before
2.24.3.
Credit to Samuel Groß of Google Project Zero.
CVE-2019-8766
Versions affected: WebKitGTK before 2.26.0 and WPE WebKit before
2.26.0.
Credit to found by OSS-Fuzz.
CVE-2019-8782
Versions affected: WebKitGTK before 2.26.0 and WPE WebKit before
2.26.0.
Credit to Cheolung Lee of LINE+ Security Team.
CVE-2019-8783
Versions affected: WebKitGTK before 2.26.1 and WPE WebKit before
2.26.1.
Credit to Cheolung Lee of LINE+ Graylab Security Team.
CVE-2019-8808
Versions affected: WebKitGTK before 2.26.0 and WPE WebKit before
2.26.0.
Credit to found by OSS-Fuzz.
CVE-2019-8811
Versions affected: WebKitGTK before 2.26.1 and WPE WebKit before
2.26.1.
Credit to Soyeon Park of SSLab at Georgia Tech.
CVE-2019-8812
Versions affected: WebKitGTK before 2.26.2 and WPE WebKit before
2.26.2.
Credit to an anonymous researcher.
CVE-2019-8813
Versions affected: WebKitGTK before 2.26.1 and WPE WebKit before
2.26.1.
Credit to an anonymous researcher.
CVE-2019-8814
Versions affected: WebKitGTK before 2.26.2 and WPE WebKit before
2.26.2.
Credit to Cheolung Lee of LINE+ Security Team.
CVE-2019-8815
Versions affected: WebKitGTK before 2.26.0 and WPE WebKit before
2.26.0.
Credit to Apple.
CVE-2019-8816
Versions affected: WebKitGTK before 2.26.1 and WPE WebKit before
2.26.1.
Credit to Soyeon Park of SSLab at Georgia Tech.
CVE-2019-8819
Versions affected: WebKitGTK before 2.26.1 and WPE WebKit before
2.26.1.
Credit to Cheolung Lee of LINE+ Security Team.
CVE-2019-8820
Versions affected: WebKitGTK before 2.26.1 and WPE WebKit before
2.26.1.
Credit to Samuel Groß of Google Project Zero.
CVE-2019-8821
Versions affected: WebKitGTK before 2.24.4 and WPE WebKit before
2.24.3.
Credit to Sergei Glazunov of Google Project Zero.
CVE-2019-8822
Versions affected: WebKitGTK before 2.24.4 and WPE WebKit before
2.24.3.
Credit to Sergei Glazunov of Google Project Zero.
CVE-2019-8823
Versions affected: WebKitGTK before 2.26.1 and WPE WebKit before
2.26.1.
Credit to Sergei Glazunov of Google Project Zero.
We recommend updating to the latest stable versions of WebKitGTK and WPE
WebKit. It is the best way to ensure that you are running safe versions
of WebKit. Please check our websites for information about the latest
stable releases.
Further information about WebKitGTK and WPE WebKit security advisories
can be found at: https://webkitgtk.org/security.html or
https://wpewebkit.org/security/.
The WebKitGTK and WPE WebKit team,
November 08, 2019
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 202003-22
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: WebkitGTK+: Multiple vulnerabilities
Date: March 15, 2020
Bugs: #699156, #706374, #709612
ID: 202003-22
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in WebKitGTK+, the worst of
which may lead to arbitrary code execution.
Background
==========
WebKitGTK+ is a full-featured port of the WebKit rendering engine,
suitable for projects requiring any kind of web integration, from
hybrid HTML/CSS applications to full-fledged web browsers.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-libs/webkit-gtk < 2.26.4 >= 2.26.4
Description
===========
Multiple vulnerabilities have been discovered in WebKitGTK+. Please
review the referenced CVE identifiers for details.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All WebkitGTK+ users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.26.4"
References
==========
[ 1 ] CVE-2019-8625
https://nvd.nist.gov/vuln/detail/CVE-2019-8625
[ 2 ] CVE-2019-8674
https://nvd.nist.gov/vuln/detail/CVE-2019-8674
[ 3 ] CVE-2019-8707
https://nvd.nist.gov/vuln/detail/CVE-2019-8707
[ 4 ] CVE-2019-8710
https://nvd.nist.gov/vuln/detail/CVE-2019-8710
[ 5 ] CVE-2019-8719
https://nvd.nist.gov/vuln/detail/CVE-2019-8719
[ 6 ] CVE-2019-8720
https://nvd.nist.gov/vuln/detail/CVE-2019-8720
[ 7 ] CVE-2019-8726
https://nvd.nist.gov/vuln/detail/CVE-2019-8726
[ 8 ] CVE-2019-8733
https://nvd.nist.gov/vuln/detail/CVE-2019-8733
[ 9 ] CVE-2019-8735
https://nvd.nist.gov/vuln/detail/CVE-2019-8735
[ 10 ] CVE-2019-8743
https://nvd.nist.gov/vuln/detail/CVE-2019-8743
[ 11 ] CVE-2019-8763
https://nvd.nist.gov/vuln/detail/CVE-2019-8763
[ 12 ] CVE-2019-8764
https://nvd.nist.gov/vuln/detail/CVE-2019-8764
[ 13 ] CVE-2019-8765
https://nvd.nist.gov/vuln/detail/CVE-2019-8765
[ 14 ] CVE-2019-8766
https://nvd.nist.gov/vuln/detail/CVE-2019-8766
[ 15 ] CVE-2019-8768
https://nvd.nist.gov/vuln/detail/CVE-2019-8768
[ 16 ] CVE-2019-8769
https://nvd.nist.gov/vuln/detail/CVE-2019-8769
[ 17 ] CVE-2019-8771
https://nvd.nist.gov/vuln/detail/CVE-2019-8771
[ 18 ] CVE-2019-8782
https://nvd.nist.gov/vuln/detail/CVE-2019-8782
[ 19 ] CVE-2019-8783
https://nvd.nist.gov/vuln/detail/CVE-2019-8783
[ 20 ] CVE-2019-8808
https://nvd.nist.gov/vuln/detail/CVE-2019-8808
[ 21 ] CVE-2019-8811
https://nvd.nist.gov/vuln/detail/CVE-2019-8811
[ 22 ] CVE-2019-8812
https://nvd.nist.gov/vuln/detail/CVE-2019-8812
[ 23 ] CVE-2019-8813
https://nvd.nist.gov/vuln/detail/CVE-2019-8813
[ 24 ] CVE-2019-8814
https://nvd.nist.gov/vuln/detail/CVE-2019-8814
[ 25 ] CVE-2019-8815
https://nvd.nist.gov/vuln/detail/CVE-2019-8815
[ 26 ] CVE-2019-8816
https://nvd.nist.gov/vuln/detail/CVE-2019-8816
[ 27 ] CVE-2019-8819
https://nvd.nist.gov/vuln/detail/CVE-2019-8819
[ 28 ] CVE-2019-8820
https://nvd.nist.gov/vuln/detail/CVE-2019-8820
[ 29 ] CVE-2019-8821
https://nvd.nist.gov/vuln/detail/CVE-2019-8821
[ 30 ] CVE-2019-8822
https://nvd.nist.gov/vuln/detail/CVE-2019-8822
[ 31 ] CVE-2019-8823
https://nvd.nist.gov/vuln/detail/CVE-2019-8823
[ 32 ] CVE-2019-8835
https://nvd.nist.gov/vuln/detail/CVE-2019-8835
[ 33 ] CVE-2019-8844
https://nvd.nist.gov/vuln/detail/CVE-2019-8844
[ 34 ] CVE-2019-8846
https://nvd.nist.gov/vuln/detail/CVE-2019-8846
[ 35 ] CVE-2020-3862
https://nvd.nist.gov/vuln/detail/CVE-2020-3862
[ 36 ] CVE-2020-3864
https://nvd.nist.gov/vuln/detail/CVE-2020-3864
[ 37 ] CVE-2020-3865
https://nvd.nist.gov/vuln/detail/CVE-2020-3865
[ 38 ] CVE-2020-3867
https://nvd.nist.gov/vuln/detail/CVE-2020-3867
[ 39 ] CVE-2020-3868
https://nvd.nist.gov/vuln/detail/CVE-2020-3868
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/202003-22
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2020 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2019-10-29-1 iOS 13.2 and iPadOS 13.2
iOS 13.2 and iPadOS 13.2 are now available and address the following:
Accounts
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: A remote attacker may be able to leak memory
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2019-8787: Steffen Klee of Secure Mobile Networking Lab at
Technische Universität Darmstadt
App Store
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: A local attacker may be able to login to the account of a
previously logged in user without valid credentials.
CVE-2019-8803: Kiyeon An, 차민규 (CHA Minkyu)
Associated Domains
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: Improper URL processing may lead to data exfiltration
Description: An issue existed in the parsing of URLs.
CVE-2019-8788: Juha Lindstedt of Pakastin, Mirko Tanania, Rauli
Rikama of Zero Keyboard Ltd
Audio
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8785: Ian Beer of Google Project Zero
CVE-2019-8797: 08Tc3wBB working with SSD Secure Disclosure
AVEVideoEncoder
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8795: 08Tc3wBB working with SSD Secure Disclosure
Books
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: Parsing a maliciously crafted iBooks file may lead to
disclosure of user information
Description: A validation issue existed in the handling of symlinks.
CVE-2019-8789: Gertjan Franken of imec-DistriNet, KU Leuven
Contacts
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: Processing a maliciously contact may lead to UI spoofing
Description: An inconsistent user interface issue was addressed with
improved state management.
CVE-2017-7152: Oliver Paukstadt of Thinking Objects GmbH (to.com)
File System Events
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8798: ABC Research s.r.o. working with Trend Micro's Zero
Day Initiative
Graphics Driver
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8784: Vasiliy Vasilyev and Ilya Finogeev of Webinar, LLC
Kernel
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: An application may be able to read restricted memory
Description: A validation issue was addressed with improved input
sanitization.
CVE-2019-8794: 08Tc3wBB working with SSD Secure Disclosure
Kernel
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8786: an anonymous researcher
Screen Time
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: A local user may be able to record the screen without a
visible screen recording indicator
Description: A consistency issue existed in deciding when to show the
screen recording indicator.
CVE-2019-8793: Ryan Jenkins of Lake Forrest Prep School
Setup Assistant
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: An attacker in physical proximity may be able to force a user
onto a malicious Wi-Fi network during device setup
Description: An inconsistency in Wi-Fi network configuration settings
was addressed.
CVE-2019-8804: Christy Philip Mathew of Zimperium, Inc
WebKit
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting
Description: A logic issue was addressed with improved state
management.
CVE-2019-8813: an anonymous researcher
WebKit
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2019-8782: Cheolung Lee of LINE+ Security Team
CVE-2019-8783: Cheolung Lee of LINE+ Graylab Security Team
CVE-2019-8808: found by OSS-Fuzz
CVE-2019-8811: Soyeon Park of SSLab at Georgia Tech
CVE-2019-8812: an anonymous researcher
CVE-2019-8814: Cheolung Lee of LINE+ Security Team
CVE-2019-8816: Soyeon Park of SSLab at Georgia Tech
CVE-2019-8819: Cheolung Lee of LINE+ Security Team
CVE-2019-8820: Samuel Groß of Google Project Zero
CVE-2019-8821: Sergei Glazunov of Google Project Zero
CVE-2019-8822: Sergei Glazunov of Google Project Zero
CVE-2019-8823: Sergei Glazunov of Google Project Zero
WebKit Process Model
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2019-8815: Apple
Additional recognition
CFNetwork
We would like to acknowledge Lily Chen of Google for their
assistance.
WebKit
We would like to acknowledge Dlive of Tencent's Xuanwu Lab and Zhiyi
Zhang of Codesafe Team of Legendsec at Qi'anxin Group for their
assistance.
Installation note:
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates. You may manually
obtain the update via the Check for Updates button within iTunes, or
the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About. The version after applying this update
will be "iOS 13.2 and iPadOS 13.2".
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQJdBAEBCABHFiEEM5FaaFRjww9EJgvRBz4uGe3y0M0FAl24p5UpHHByb2R1Y3Qt
c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQBz4uGe3y0M3v+g/+
Mffrv0Z/ZyoODELKoxbPFVk0AsQoZoOk5k2h84WaUyA9hJ007Ptv2ENTAU6xIOf4
F1ksBThWEeDJ/ucvJBbE5+V+F+8AkOhRLvvBvoH+u8x2vhUQK3Li5ojCgBptEHWU
BnCFBHpbYXKxlyudqGfK3lLv3LChkNQpteYIB3asnY9H2uxHeofus8pOtGWuiG50
n8jdM8TriFlPamPOtHCvRT09j5OYOsZpS6eVFey6nWaWhaYQfbo0gk4cBaTjzmUW
4NvWYbxK9w/OmQN/QXdJ+H3cLqPhWBh5pmXrWlZTCYXlkD9XggsQL1/P7chkS/gp
LdmG1VktxfWQQtfvwtzB2en3Xwd4xnkOcEcCdEIanQushCTagGNjNJN6a6PQy5lh
FUHT8bDHBHV1bsirxGhV8lPk9byghCwcoC69ptCfPohDAVr20nVrPoxklWDlVYiC
C3tbp2obFI2IV6LKPD4DUyPUo/VOv33j9+en8stZghLF7IuTJYm7V7PMuauxmXX4
wxrhDmrrA/H3GHeP/qHTlb0TcUurP3PoLU1GRn1djDccL607Gd49ezrvTIQxpU8N
ZzgAdXeNgy3vjR88w6ZqUmpNWN8WItfwWQ7cRV+CiFGywcA+J23mzUWUNyYVLHUv
/NnyM25nIe8IOrwFa2S/PaaMFr2fCvZeUkuG2/IYFh0=
=QoQv
-----END PGP SIGNATURE-----
| VAR-201912-0563 | CVE-2019-8747 | plural Apple Updates to product vulnerabilities |
CVSS V2: 9.3 CVSS V3: 7.8 Severity: HIGH |
A memory corruption vulnerability was addressed with improved locking. This issue is fixed in watchOS 6.1. An application may be able to execute arbitrary code with kernel privileges. Apple Has released an update for each product.The expected impact depends on each vulnerability, but can be affected as follows: * * information leak * * User impersonation * * Arbitrary code execution * * UI Spoofing * * Insufficient access restrictions * * Service operation interruption (DoS) * * Privilege escalation * * Memory corruption * * Authentication bypass. A security vulnerability exists in the AppleFirmwareUpdateKext component in Apple iOS versions prior to 13.1, iPadOS versions prior to 13.1, and watchOS versions prior to 6.1. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2019-10-29-9 Additional information
for APPLE-SA-2019-9-26-6 tvOS 13
tvOS 13 addresses the following:
AppleFirmwareUpdateKext
Available for: Apple TV 4K and Apple TV HD
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption vulnerability was addressed with
improved locking.
CVE-2019-8747: Mohamed Ghannam (@_simo36)
Entry added October 29, 2019
Audio
Available for: Apple TV 4K and Apple TV HD
Impact: Processing a maliciously crafted audio file may lead to
arbitrary code execution
Description: A memory corruption issue was addressed with improved
state management.
CVE-2019-8706: Yu Zhou of Ant-financial Light-Year Security Lab
Entry added October 29, 2019
CFNetwork
Available for: Apple TV 4K and Apple TV HD
Impact: Processing maliciously crafted web content may lead to a
cross site scripting attack
Description: This issue was addressed with improved checks.
CVE-2019-8753: Łukasz Pilorz of Standard Chartered GBS Poland
Entry added October 29, 2019
CoreAudio
Available for: Apple TV 4K and Apple TV HD
Impact: Processing a maliciously crafted movie may result in the
disclosure of process memory
Description: A memory corruption issue was addressed with improved
validation.
CVE-2019-8705: riusksk of VulWar Corp working with Trend Micro's Zero
Day Initiative
Entry added October 29, 2019
CoreCrypto
Available for: Apple TV 4K and Apple TV HD
Impact: Processing a large input may lead to a denial of service
Description: A denial of service issue was addressed with improved
input validation.
CVE-2019-8741: Nicky Mouha of NIST
Entry added October 29, 2019
Foundation
Available for: Apple TV 4K and Apple TV HD
Impact: A remote attacker may be able to cause unexpected application
termination or arbitrary code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2019-8746: Natalie Silvanovich and Samuel Groß of Google Project
Zero
Entry added October 29, 2019
IOUSBDeviceFamily
Available for: Apple TV 4K and Apple TV HD
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8718: Joshua Hill and Sem Voigtländer
Entry added October 29, 2019
Kernel
Available for: Apple TV 4K and Apple TV HD
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption vulnerability was addressed with
improved locking.
CVE-2019-8740: Mohamed Ghannam (@_simo36)
Entry added October 29, 2019
Kernel
Available for: Apple TV 4K and Apple TV HD
Impact: A local app may be able to read a persistent account
identifier
Description: A validation issue was addressed with improved logic.
CVE-2019-8809: Apple
Entry added October 29, 2019
Kernel
Available for: Apple TV 4K and Apple TV HD
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8717: Jann Horn of Google Project Zero
Entry added October 29, 2019
Kernel
Available for: Apple TV 4K and Apple TV HD
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8712: Mohamed Ghannam (@_simo36)
Entry added October 29, 2019
Kernel
Available for: Apple TV 4K and Apple TV HD
Impact: A malicious application may be able to determine kernel
memory layout
Description: A memory corruption issue existed in the handling of
IPv6 packets.
CVE-2019-8744: Zhuo Liang of Qihoo 360 Vulcan Team
Entry added October 29, 2019
Kernel
Available for: Apple TV 4K and Apple TV HD
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
state management.
CVE-2019-8709: derrek (@derrekr6)
[confirmed]derrek (@derrekr6)
Entry added October 29, 2019
Kernel
Available for: Apple TV 4K and Apple TV HD
Impact: A malicious application may be able to determine kernel
memory layout
Description: The issue was addressed with improved permissions logic.
CVE-2019-8780: Siguza
Entry added October 29, 2019
Keyboards
Available for: Apple TV 4K and Apple TV HD
Impact: A local user may be able to leak sensitive user information
Description: An authentication issue was addressed with improved
state management.
CVE-2019-8704: 王 邦 宇 (wAnyBug.Com) of SAINTSEC
libxml2
Available for: Apple TV 4K and Apple TV HD
Impact: Multiple issues in libxml2
Description: Multiple memory corruption issues were addressed with
improved input validation.
CVE-2019-8749: found by OSS-Fuzz
CVE-2019-8756: found by OSS-Fuzz
Entry added October 29, 2019
libxslt
Available for: Apple TV 4K and Apple TV HD
Impact: Multiple issues in libxslt
Description: Multiple memory corruption issues were addressed with
improved input validation.
CVE-2019-8750: found by OSS-Fuzz
Entry added October 29, 2019
mDNSResponder
Available for: Apple TV 4K and Apple TV HD
Impact: An attacker in physical proximity may be able to passively
observe device names in AWDL communications
Description: This issue was resolved by replacing device names with a
random identifier.
CVE-2019-8799: David Kreitschmann and Milan Stute of Secure Mobile
Networking Lab at Technische Universität Darmstadt
Entry added October 29, 2019
UIFoundation
Available for: Apple TV 4K and Apple TV HD
Impact: Processing a maliciously crafted text file may lead to
arbitrary code execution
Description: A buffer overflow was addressed with improved bounds
checking.
CVE-2019-8745: riusksk of VulWar Corp working with Trend Micro's Zero
Day Initiative
Entry added October 29, 2019
WebKit
Available for: Apple TV 4K and Apple TV HD
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting
Description: A logic issue was addressed with improved state
management.
CVE-2019-8625: Sergei Glazunov of Google Project Zero
CVE-2019-8719: Sergei Glazunov of Google Project Zero
CVE-2019-8764: Sergei Glazunov of Google Project Zero
Entry added October 29, 2019
WebKit
Available for: Apple TV 4K and Apple TV HD
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2019-8707: an anonymous researcher working with Trend Micro's
Zero Day Initiative, cc working with Trend Micro Zero Day Initiative
CVE-2019-8710: found by OSS-Fuzz
CVE-2019-8726: Jihui Lu of Tencent KeenLab
CVE-2019-8728: Junho Jang of LINE Security Team and Hanul Choi of
ABLY Corporation
CVE-2019-8733: Sergei Glazunov of Google Project Zero
CVE-2019-8734: found by OSS-Fuzz
CVE-2019-8735: G. Geshev working with Trend Micro Zero Day Initiative
CVE-2019-8743: zhunki from Codesafe Team of Legendsec at Qi'anxin
Group
CVE-2019-8751: Dongzhuo Zhao working with ADLab of Venustech
CVE-2019-8752: Dongzhuo Zhao working with ADLab of Venustech
CVE-2019-8763: Sergei Glazunov of Google Project Zero
CVE-2019-8765: Samuel Groß of Google Project Zero
CVE-2019-8766: found by OSS-Fuzz
CVE-2019-8773: found by OSS-Fuzz
Additional recognition
Audio
We would like to acknowledge riusksk of VulWar Corp working with
Trend Micro's Zero Day Initiative for their assistance.
Entry added October 29, 2019
boringssl
We would like to acknowledge Nimrod Aviram of Tel Aviv University,
Robert Merget of Ruhr University Bochum, Juraj Somorovsky of Ruhr
University Bochum and Thijs Alkemade (@xnyhps) of Computest for their
assistance.
HomeKit
We would like to acknowledge Tian Zhang for their assistance.
Kernel
We would like to acknowledge Brandon Azad of Google Project Zero for
their assistance.
Keyboard
We would like to acknowledge an anonymous researcher for their
assistance.
mDNSResponder
We would like to acknowledge Gregor Lang of e.solutions GmbH for
their assistance.
Profiles
We would like to acknowledge Erik Johnson of Vernon Hills High School
and James Seeley (@Code4iOS) of Shriver Job Corps for their
assistance.
WebKit
We would like to acknowledge MinJeong Kim of Information Security
Lab, Chungnam National University, JaeCheol Ryou of the Information
Security Lab, Chungnam National University in South Korea, Yiğit Can
YILMAZ (@yilmazcanyigit), Zhihua Yao of DBAPPSecurity Zion Lab, an
anonymous researcher, and cc working with Trend Micro's Zero Day
Initiative for their assistance.
Installation note:
Apple TV will periodically check for software updates. Alternatively,
you may manually check for software updates by selecting
"Settings -> System -> Software Update -> Update Software."
To check the current version of software, select
"Settings -> General -> About."
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQJdBAEBCABHFiEEM5FaaFRjww9EJgvRBz4uGe3y0M0FAl24p5YpHHByb2R1Y3Qt
c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQBz4uGe3y0M0YchAA
jI2eRdy8AoKd5E9xzIGpItuTINxIrpmJ7DLc5gGiCivdWfrIA1uqBdF+ACaaJKUm
g1BGl1APui1r8ad4a1guUjVWsw7anVpORj/de/S80lylWR/4Fyhr2MCC1rq2twYs
2MlKiJ+KsQKM8Sf9QECrKivmQYI2Ssqwq8VwadsfZ6Mxrou7726bfjZ0+dlOSf0m
ilG2hiOvc5mB8ZLvjQBXwLKdD3Li9DBQohpAM5VULymHmDUlWPPSdwkvdTxkMDYt
9pmhEq28K7oOCtCFD8SvAru/lNqJ6Q7sSTpzhnya8yh1sxKmfm0e7PQn08vX4JJ4
JCCj+ShEVl+ZKqX3IWvfITqgAZlF+vFM4S5UypkOTKSWzGob3Q5MRssbM+kK78M6
25GquKgaVfY8fxovMkskphi+z059FNVmivxSg/pnDjuiD6Z/t6A8DhxKmYCfbz9e
HS9A8sSBGdP0IrIsznz0jBKdonoOzAQPcSreghac9G23JEN4vPb9Os8f+Wv8Yt1Q
eWYHS8VliMnq/Zg9PqVvs4n/n8ttZ52uJcYpNLVR6NKJZMtaSoh/r3crwKyLB0UB
/mOdIl55qzDUSVcyohcQlQa9moU02I8RaHw35lOVp87QtCK4IzKT8fPQnTN/c/bP
4eb6I9TA/xlMlYsXYNvIss8l6+Cs8NDdEqP3WQH7WCs=
=SFPc
-----END PGP SIGNATURE-----
.
CVE-2019-8787: Steffen Klee of Secure Mobile Networking Lab at
Technische Universität Darmstadt
App Store
Available for: Apple Watch Series 1 and later
Impact: A local attacker may be able to login to the account of a
previously logged in user without valid credentials.
CVE-2019-8798: ABC Research s.r.o.
Alternatively, on your watch, select "My Watch > General > About".
CVE-2019-8775: videosdebarraquito
WebKit
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: Visiting a maliciously crafted website may reveal browsing
history
Description: An issue existed in the drawing of web page elements.
Share Sheet
We would like to acknowledge Milan Stute of Secure Mobile Networking
Lab at Technische Universität Darmstadt for their assistance. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About. The version after applying this update
will be "iOS 13.1 and iPadOS 13.1"
| VAR-201912-0565 | CVE-2019-8750 | plural Apple Updates to product vulnerabilities |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in watchOS 6.1, iCloud for Windows 11.0. Multiple issues in libxslt. Apple Has released an update for each product.The expected impact depends on each vulnerability, but can be affected as follows: * * information leak * * User impersonation * * Arbitrary code execution * * UI Spoofing * * Insufficient access restrictions * * Service operation interruption (DoS) * * Privilege escalation * * Memory corruption * * Authentication bypass. Apple watchOS and so on are all products of Apple (Apple). The product supports storage of music, photos, App and contacts, etc. Apple macOS Catalina is a dedicated operating system developed for Mac computers. libxslt is one of the XSLT (Extensible Stylesheet Transformation Language) libraries. A security vulnerability exists in the libxslt component of several Apple products. Currently there is no information about this vulnerability, please keep an eye on CNNVD or vendor announcements. The following products and versions are affected: Apple macOS Catalina before 10.15.1; watchOS before 6.1; iCloud for Windows before 11.0; iOS before 13.1; iPadOS before 13.1; Windows-based iTunes before 12.10.1.
Profiles
We would like to acknowledge Erik Johnson of Vernon Hills High School
and James Seeley (@Code4iOS) of Shriver Job Corps for their
assistance.
WebKit
We would like to acknowledge MinJeong Kim of Information Security
Lab, Chungnam National University, JaeCheol Ryou of the Information
Security Lab, Chungnam National University in South Korea, Yiğit Can
YILMAZ (@yilmazcanyigit), Zhihua Yao of DBAPPSecurity Zion Lab, an
anonymous researcher, and cc working with Trend Micro's Zero Day
Initiative for their assistance.
Installation note:
Apple TV will periodically check for software updates.
CVE-2019-8787: Steffen Klee of Secure Mobile Networking Lab at
Technische Universität Darmstadt
App Store
Available for: macOS Catalina 10.15
Impact: A local attacker may be able to login to the account of a
previously logged in user without valid credentials.
CVE-2019-8803: Kiyeon An, 차민규 (CHA Minkyu)
AppleGraphicsControl
Available for: macOS Catalina 10.15
Impact: An application may be able to read restricted memory
Description: A validation issue was addressed with improved input
sanitization.
CVE-2019-8716: Zhiyi Zhang of Codesafe Team of Legendsec at Qi'anxin
Group, Zhuo Liang of Qihoo 360 Vulcan Team
Associated Domains
Available for: macOS Catalina 10.15
Impact: Improper URL processing may lead to data exfiltration
Description: An issue existed in the parsing of URLs.
CVE-2019-8785: Ian Beer of Google Project Zero
CVE-2019-8797: 08Tc3wBB working with SSD Secure Disclosure
Books
Available for: macOS Catalina 10.15
Impact: Parsing a maliciously crafted iBooks file may lead to
disclosure of user information
Description: A validation issue existed in the handling of symlinks.
CVE-2019-8789: Gertjan Franken of imec-DistriNet, KU Leuven
Contacts
Available for: macOS Catalina 10.15
Impact: Processing a maliciously contact may lead to UI spoofing
Description: An inconsistent user interface issue was addressed with
improved state management.
CVE-2019-8798: ABC Research s.r.o.
CVE-2019-8759: another of 360 Nirvan Team
iTunes
Available for: macOS Catalina 10.15
Impact: Running the iTunes installer in an untrusted directory may
result in arbitrary code execution
Description: A dynamic library loading issue existed in iTunes setup.
CVE-2019-8801: Hou JingYi (@hjy79425575) of Qihoo 360 CERT
Kernel
Available for: macOS Catalina 10.15
Impact: An application may be able to read restricted memory
Description: A validation issue was addressed with improved input
sanitization.
CVE-2019-8750: found by OSS-Fuzz
manpages
Available for: macOS High Sierra 10.13.6, macOS Catalina 10.15
Impact: A malicious application may be able to gain root privileges
Description: A validation issue was addressed with improved logic.
CVE-2019-8802: Csaba Fitzl (@theevilbit)
PluginKit
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: A local user may be able to check for the existence of
arbitrary files
Description: A logic issue was addressed with improved restrictions.
CVE-2019-8715: an anonymous researcher
SystemExtensions
Available for: macOS Catalina 10.15
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A validation issue existed in the entitlement
verification.
Alternatively, on your watch, select "My Watch > General > About". -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2019-10-29-10 Additional information
for APPLE-SA-2019-10-07-1 macOS Catalina 10.15
macOS Catalina 10.15 addresses the following:
AMD
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8748: Lilang Wu and Moony Li of TrendMicro Mobile Security
Research Team
apache_mod_php
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: Multiple issues in PHP
Description: Multiple issues were addressed by updating to PHP
version 7.3.8.
CVE-2019-11041
CVE-2019-11042
Audio
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: Processing a maliciously crafted audio file may lead to
arbitrary code execution
Description: A memory corruption issue was addressed with improved
state management.
CVE-2019-8706: Yu Zhou of Ant-financial Light-Year Security Lab
Entry added October 29, 2019
Books
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: Parsing a maliciously crafted iBooks file may lead to a
persistent denial-of-service
Description: A resource exhaustion issue was addressed with improved
input validation.
CVE-2019-8774: Gertjan Franken imec-DistriNet of KU Leuven
Entry added October 29, 2019
CFNetwork
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: Processing maliciously crafted web content may lead to a
cross site scripting attack
Description: This issue was addressed with improved checks.
CVE-2019-8753: Łukasz Pilorz of Standard Chartered GBS Poland
Entry added October 29, 2019
CoreAudio
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: Processing a maliciously crafted movie may result in the
disclosure of process memory
Description: A memory corruption issue was addressed with improved
validation.
CVE-2019-8705: riusksk of VulWar Corp working with Trend Micro's Zero
Day Initiative
CoreCrypto
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: Processing a large input may lead to a denial of service
Description: A denial of service issue was addressed with improved
input validation.
CVE-2019-8741: Nicky Mouha of NIST
Entry added October 29, 2019
CoreMedia
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A memory corruption issue was addressed with improved
state management.
CVE-2019-8825: Found by GWP-ASan in Google Chrome
Entry added October 29, 2019
Crash Reporter
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: The "Share Mac Analytics" setting may not be disabled when a
user deselects the switch to share analytics
Description: A race condition existed when reading and writing user
preferences. This was addressed with improved state handling.
CVE-2019-8757: William Cerniuk of Core Development, LLC
CUPS
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: An attacker in a privileged network position may be able to
leak sensitive user information
Description: An input validation issue was addressed with improved
input validation.
CVE-2019-8736: Pawel Gocyla of ING Tech Poland (ingtechpoland.com)
Entry added October 29, 2019
CUPS
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: Processing a maliciously crafted string may lead to heap
corruption
Description: A memory consumption issue was addressed with improved
memory handling.
CVE-2019-8767: Stephen Zeisberg
Entry added October 29, 2019
CUPS
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: An attacker in a privileged position may be able to perform a
denial of service attack
Description: A denial of service issue was addressed with improved
validation.
CVE-2019-8737: Pawel Gocyla of ING Tech Poland (ingtechpoland.com)
Entry added October 29, 2019
File Quarantine
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: A malicious application may be able to elevate privileges
Description: This issue was addressed by removing the vulnerable
code.
CVE-2019-8509: CodeColorist of Ant-Financial LightYear Labs
Entry added October 29, 2019
Foundation
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: A remote attacker may be able to cause unexpected application
termination or arbitrary code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2019-8746: Natalie Silvanovich and Samuel Groß of Google Project
Zero
Entry added October 29, 2019
Graphics
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: Processing a malicious shader may result in unexpected
application termination or arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved input validation.
CVE-2018-12152: Piotr Bania of Cisco Talos
CVE-2018-12153: Piotr Bania of Cisco Talos
CVE-2018-12154: Piotr Bania of Cisco Talos
Entry added October 29, 2019
Intel Graphics Driver
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8758: Lilang Wu and Moony Li of Trend Micro
IOGraphics
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: A malicious application may be able to determine kernel
memory layout
Description: A logic issue was addressed with improved restrictions.
CVE-2019-8755: Lilang Wu and Moony Li of Trend Micro
IOGraphics
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: A local user may be able to cause unexpected system
termination or read kernel memory
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2019-8759: another of 360 Nirvan Team
Entry added October 29, 2019
Kernel
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: A local app may be able to read a persistent account
identifier
Description: A validation issue was addressed with improved logic.
CVE-2019-8809: Apple
Entry added October 29, 2019
Kernel
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
state management.
CVE-2019-8709: derrek (@derrekr6)
[confirmed]derrek (@derrekr6)
CVE-2019-8781: Linus Henze (pinauten.de)
Entry added October 29, 2019
Kernel
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8717: Jann Horn of Google Project Zero
Kernel
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: A malicious application may be able to determine kernel
memory layout
Description: A memory corruption issue existed in the handling of
IPv6 packets.
CVE-2019-8744: Zhuo Liang of Qihoo 360 Vulcan Team
Entry added October 29, 2019
libxml2
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: Multiple issues in libxml2
Description: Multiple memory corruption issues were addressed with
improved input validation.
CVE-2019-8749: found by OSS-Fuzz
CVE-2019-8756: found by OSS-Fuzz
Entry added October 29, 2019
libxslt
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: Multiple issues in libxslt
Description: Multiple memory corruption issues were addressed with
improved input validation.
CVE-2019-8750: found by OSS-Fuzz
Entry added October 29, 2019
mDNSResponder
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: An attacker in physical proximity may be able to passively
observe device names in AWDL communications
Description: This issue was resolved by replacing device names with a
random identifier.
CVE-2019-8799: David Kreitschmann and Milan Stute of Secure Mobile
Networking Lab at Technische Universität Darmstadt
Entry added October 29, 2019
Menus
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A memory corruption issue was addressed with improved
state management.
CVE-2019-8826: Found by GWP-ASan in Google Chrome
Entry added October 29, 2019
Notes
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: A local user may be able to view a user's locked notes
Description: The contents of locked notes sometimes appeared in
search results.
CVE-2019-8730: Jamie Blumberg (@jamie_blumberg) of Virginia
Polytechnic Institute and State University
PDFKit
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: An attacker may be able to exfiltrate the contents of an
encrypted PDF
Description: An issue existed in the handling of links in encrypted
PDFs. This issue was addressed by adding a confirmation prompt.
CVE-2019-8772: Jens Müller of Ruhr University Bochum, Fabian Ising
of FH Münster University of Applied Sciences, Vladislav Mladenov
of Ruhr University Bochum, Christian Mainka of Ruhr University
Bochum, Sebastian Schinzel of FH Münster University of Applied
Sciences, and Jörg Schwenk of Ruhr University Bochum
PluginKit
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: A local user may be able to check for the existence of
arbitrary files
Description: A logic issue was addressed with improved restrictions.
CVE-2019-8708: an anonymous researcher
Entry added October 29, 2019
PluginKit
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8715: an anonymous researcher
Entry added October 29, 2019
SharedFileList
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: A malicious application may be able to access recent
documents
Description: The issue was addressed with improved permissions logic.
CVE-2019-8770: Stanislav Zinukhov of Parallels International GmbH
sips
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8701: Simon Huang(@HuangShaomang), Rong Fan(@fanrong1992)
and pjf of IceSword Lab of Qihoo 360
UIFoundation
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: Parsing a maliciously crafted text file may lead to
disclosure of user information
Description: This issue was addressed with improved checks.
CVE-2019-8761: Renee Trisberg of SpectX
Entry added October 29, 2019
UIFoundation
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: Processing a maliciously crafted text file may lead to
arbitrary code execution
Description: A buffer overflow was addressed with improved bounds
checking.
CVE-2019-8745: riusksk of VulWar Corp working with Trend Micro's Zero
Day Initiative
WebKit
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: A user may be unable to delete browsing history items
Description: "Clear History and Website Data" did not clear the
history. The issue was addressed with improved data deletion.
CVE-2019-8768: Hugo S. Diaz (coldpointblue)
WebKit
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: Visiting a maliciously crafted website may reveal browsing
history
Description: An issue existed in the drawing of web page elements.
CVE-2019-8769: Piérre Reimertz (@reimertz)
Additional recognition
AppleRTC
We would like to acknowledge Vitaly Cheptsov for their assistance.
Audio
We would like to acknowledge riusksk of VulWar Corp working with
Trend Micro's Zero Day Initiative for their assistance.
boringssl
We would like to acknowledge Nimrod Aviram of Tel Aviv University,
Robert Merget of Ruhr University Bochum, Juraj Somorovsky of Ruhr
University Bochum and Thijs Alkemade (@xnyhps) of Computest for their
assistance.
Finder
We would like to acknowledge Csaba Fitzl (@theevilbit) for their
assistance.
Gatekeeper
We would like to acknowledge Csaba Fitzl (@theevilbit) for their
assistance.
Identity Service
We would like to acknowledge Yiğit Can YILMAZ (@yilmazcanyigit) for
their assistance.
Kernel
We would like to acknowledge Brandon Azad of Google Project Zero for
their assistance.
mDNSResponder
We would like to acknowledge Gregor Lang of e.solutions GmbH for
their assistance.
python
We would like to acknowledge an anonymous researcher for their
assistance.
Safari Data Importing
We would like to acknowledge Kent Zoya for their assistance.
Simple certificate enrollment protocol (SCEP)
We would like to acknowledge an anonymous researcher for their
assistance.
Telephony
We would like to acknowledge Phil Stokes from SentinelOne for their
assistance.
VPN
We would like to acknowledge Royce Gawron of Second Son Consulting,
Inc. for their assistance.
Installation note:
macOS Catalina 10.15 may be obtained from the Mac App Store or
Apple's Software Downloads web site:
https://support.apple.com/downloads/
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEM5FaaFRjww9EJgvRBz4uGe3y0M0FAl24s4QACgkQBz4uGe3y
0M0s3w//QZG0JsE1BjWJ3mwKoSn/I1V0SLryV9UxJeibPfhyF6VJEYk63jZxZ5ki
48vM7iKE3nAHamNFOMtUvyzEdO6VGNZ1uiuSu9nkyziEERapHJSLcEh83p2JhWV/
SEsBB3bsT4l3V9ZYxk/9DX6ynCTzKLZTynw6Yo2PMYiMpavD5sfZ6v8U53qdZ+LX
SNuw+vRTsvu3YlFkUStTdQ64sT72yGII0c8iFpSb2AWv7IgbypB5lW4/MRQjrzoc
9yMhvMgXcgAlzoH5GpGE2EflbekcQxudxDh1t0o7f8OASRPTljNjL4oiKXBMhiAM
iUgDn7duE9LqupfSWK5WOUkF+XRV0qTaLCTDWaCzVa5YsApvSVPhbmoFqKXSQG8T
U6SxQviqzJ06sD1jqm2sZ/LnD5xMEXhQvNx89oJrTRsCU/o0fy4tRhHp52aJoF7E
Wvr1kTlo6SGm6NjkmZVoKj6962/0XUYSOt8gR+L/sF7N6URUG+1Ko2jx8zhYHMEO
ju+Hw0TFHd+8mP29oOEIsIpuRpCp9jjgEJDdu7mGqJ1Py2Gs0uGeHEZd6DJhKggA
IvdJu4Q9usjWaxQ9H3m2I/xEqw78sMEEFgCYfLTC0gf2ChaiGZuhKipcF04c81kM
bOGmjuyJrajD/2rY9EHrqtCm5b2079YAIxUAmTOkT0uP2WmlZoM=
=bhin
-----END PGP SIGNATURE-----
.
Share Sheet
We would like to acknowledge Milan Stute of Secure Mobile Networking
Lab at Technische Universität Darmstadt for their assistance. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About. The version after applying this update
will be "iOS 13.1 and iPadOS 13.1"
| VAR-201912-0139 | CVE-2019-8789 | plural Apple Updates to product vulnerabilities |
CVSS V2: 4.3 CVSS V3: 5.5 Severity: MEDIUM |
A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1. Parsing a maliciously crafted iBooks file may lead to disclosure of user information. Apple Has released an update for each product.The expected impact depends on each vulnerability, but can be affected as follows: * * information leak * * User impersonation * * Arbitrary code execution * * UI Spoofing * * Insufficient access restrictions * * Service operation interruption (DoS) * * Privilege escalation * * Memory corruption * * Authentication bypass. Apple iOS, etc. are all products of Apple (Apple). Apple iOS is an operating system developed for mobile devices. Apple iPadOS is an operating system for iPad tablets. Apple macOS Catalina is a dedicated operating system developed for Mac computers. Books is one of the e-book components. A security vulnerability exists in the handling of symbolic links in the Books component of Apple macOS Catalina versions prior to 10.15.1, iOS versions prior to 13.2, and iPadOS versions prior to 13.2. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2019-10-29-2 macOS Catalina 10.15.1, Security Update
2019-001 Mojave, Security Update 2019-006 High Sierra
macOS Catalina 10.15.1, Security Update 2019-001 Mojave,
Security Update 2019-006 High Sierra are now available and address
the following:
Accounts
Available for: macOS Catalina 10.15
Impact: A remote attacker may be able to leak memory
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2019-8787: Steffen Klee of Secure Mobile Networking Lab at
Technische Universität Darmstadt
App Store
Available for: macOS Catalina 10.15
Impact: A local attacker may be able to login to the account of a
previously logged in user without valid credentials.
CVE-2019-8803: Kiyeon An, 차민규 (CHA Minkyu)
AppleGraphicsControl
Available for: macOS Catalina 10.15
Impact: An application may be able to read restricted memory
Description: A validation issue was addressed with improved input
sanitization.
CVE-2019-8817: Arash Tohidi
AppleGraphicsControl
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8716: Zhiyi Zhang of Codesafe Team of Legendsec at Qi'anxin
Group, Zhuo Liang of Qihoo 360 Vulcan Team
Associated Domains
Available for: macOS Catalina 10.15
Impact: Improper URL processing may lead to data exfiltration
Description: An issue existed in the parsing of URLs.
CVE-2019-8788: Juha Lindstedt of Pakastin, Mirko Tanania, Rauli
Rikama of Zero Keyboard Ltd
Audio
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: Processing a maliciously crafted audio file may lead to
arbitrary code execution
Description: A memory corruption issue was addressed with improved
state management.
CVE-2019-8706: Yu Zhou of Ant-financial Light-Year Security Lab
Audio
Available for: macOS High Sierra 10.13.6, macOS Catalina 10.15
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8789: Gertjan Franken of imec-DistriNet, KU Leuven
Contacts
Available for: macOS Catalina 10.15
Impact: Processing a maliciously contact may lead to UI spoofing
Description: An inconsistent user interface issue was addressed with
improved state management.
CVE-2017-7152: Oliver Paukstadt of Thinking Objects GmbH (to.com)
CUPS
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: An attacker in a privileged network position may be able to
leak sensitive user information
Description: An input validation issue was addressed with improved
input validation.
CVE-2019-8736: Pawel Gocyla of ING Tech Poland (ingtechpoland.com)
CUPS
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: Processing a maliciously crafted string may lead to heap
corruption
Description: A memory consumption issue was addressed with improved
memory handling.
CVE-2019-8767: Stephen Zeisberg
CUPS
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: An attacker in a privileged position may be able to perform a
denial of service attack
Description: A denial of service issue was addressed with improved
validation.
CVE-2019-8737: Pawel Gocyla of ING Tech Poland (ingtechpoland.com)
File Quarantine
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: A malicious application may be able to elevate privileges
Description: This issue was addressed by removing the vulnerable
code.
CVE-2019-8509: CodeColorist of Ant-Financial LightYear Labs
File System Events
Available for: macOS High Sierra 10.13.6, macOS Catalina 10.15
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8798: ABC Research s.r.o. working with Trend Micro's Zero
Day Initiative
Graphics
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: Processing a malicious shader may result in unexpected
application termination or arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved input validation.
CVE-2018-12152: Piotr Bania of Cisco Talos
CVE-2018-12153: Piotr Bania of Cisco Talos
CVE-2018-12154: Piotr Bania of Cisco Talos
Graphics Driver
Available for: macOS Catalina 10.15
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8784: Vasiliy Vasilyev and Ilya Finogeev of Webinar, LLC
Intel Graphics Driver
Available for: macOS Catalina 10.15
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8807: Yu Wang of Didi Research America
IOGraphics
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: A local user may be able to cause unexpected system
termination or read kernel memory
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2019-8759: another of 360 Nirvan Team
iTunes
Available for: macOS Catalina 10.15
Impact: Running the iTunes installer in an untrusted directory may
result in arbitrary code execution
Description: A dynamic library loading issue existed in iTunes setup.
CVE-2019-8801: Hou JingYi (@hjy79425575) of Qihoo 360 CERT
Kernel
Available for: macOS Catalina 10.15
Impact: An application may be able to read restricted memory
Description: A validation issue was addressed with improved input
sanitization.
CVE-2019-8794: 08Tc3wBB working with SSD Secure Disclosure
Kernel
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS
Catalina 10.15
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8786: an anonymous researcher
Kernel
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: A malicious application may be able to determine kernel
memory layout
Description: A memory corruption issue existed in the handling of
IPv6 packets.
CVE-2019-8744: Zhuo Liang of Qihoo 360 Vulcan Team
libxml2
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: Multiple issues in libxml2
Description: Multiple memory corruption issues were addressed with
improved input validation.
CVE-2019-8749: found by OSS-Fuzz
CVE-2019-8756: found by OSS-Fuzz
libxslt
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: Multiple issues in libxslt
Description: Multiple memory corruption issues were addressed with
improved input validation.
CVE-2019-8750: found by OSS-Fuzz
manpages
Available for: macOS High Sierra 10.13.6, macOS Catalina 10.15
Impact: A malicious application may be able to gain root privileges
Description: A validation issue was addressed with improved logic.
CVE-2019-8802: Csaba Fitzl (@theevilbit)
PluginKit
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: A local user may be able to check for the existence of
arbitrary files
Description: A logic issue was addressed with improved restrictions.
CVE-2019-8708: an anonymous researcher
PluginKit
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8715: an anonymous researcher
SystemExtensions
Available for: macOS Catalina 10.15
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A validation issue existed in the entitlement
verification.
CVE-2019-8805: Scott Knight (@sdotknight) of VMware Carbon Black TAU
UIFoundation
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: Parsing a maliciously crafted text file may lead to
disclosure of user information
Description: This issue was addressed with improved checks.
CVE-2019-8761: Renee Trisberg of SpectX
Additional recognition
CFNetwork
We would like to acknowledge Lily Chen of Google for their
assistance.
Kernel
We would like to acknowledge Brandon Azad of Google Project Zero and
Jann Horn of Google Project Zero for their assistance.
libresolv
We would like to acknowledge enh at Google for their assistance.
Postfix
We would like to acknowledge Chris Barker of Puppet for their
assistance.
Profiles
We would like to acknowledge Csaba Fitzl (@theevilbit) for their
assistance.
python
We would like to acknowledge an anonymous researcher for their
assistance.
VPN
We would like to acknowledge Royce Gawron of Second Son Consulting,
Inc. for their assistance.
Installation note:
macOS Catalina 10.15.1, Security Update 2019-001 Mojave,
Security Update 2019-006 High Sierra may be
obtained from the Mac App Store or Apple's Software Downloads
web site: https://support.apple.com/downloads/
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQJdBAEBCABHFiEEM5FaaFRjww9EJgvRBz4uGe3y0M0FAl24p5UpHHByb2R1Y3Qt
c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQBz4uGe3y0M3T5w/+
MA0oNNn6fPlkGiHHzMisKLkseGIltXgSc1v01C32qZpWoCmIzxXoDN1DZ0UC1nkh
fAzFMvj25wEj14L7ZXOOqaLFgf+e3ZGzius71wru92h1oaYMkspO1A0I6jPOXUU0
EtZfy6RECv7Ees4Zvj5EWXO0Xqpk2fVyEN4f/sGLtlHRkv1Do9ge6pX3JyXynF+f
M0jSntJYBFMuzIX2LZFdbTgtcNhsVMhUlztz3SKbA+JF6IxertPSp9mOxaEtGnYj
LgvSy9EVn98XBRt7rS8zrXCBi1OrTV21RE2HY+Twv+8lSSMRsjo6+KW7sPYd3KDy
esY0zfIkZ1VSSw/sb0kBalkl/rjLeBkSsBlLiA9uWEvkH9uDNVuo4WzDIN6a89hs
Zb2Aj4VjlLlKRKXRmLmpq7TkUQTVxWNMUdHttHUa/k0ODWviH/CbCKhrv0GKB9+X
EOXG65J+qCzq07MPgQG/JWCFbpVVOqQyXOuKCwrDl1LIb15WMxy8vFApEcJAsrvB
Z9if9NDnJxTWo9gQUcrZHrFm/humsTc+YSPSDovfIEYwbx99LkOWdnK5kiTqodxW
SMQyXhAWeZqL8zzxkFjXnodsnmVXvldFVMHjqPdXuXnn6ythU4UPedklPC50bH9G
Ofniqz3XXmySfVDFNFyfODEsvnoTxmGiUyJzAxAM+JM=
=fvfR
-----END PGP SIGNATURE-----
.
CVE-2019-8786: an anonymous researcher
Screen Time
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: A local user may be able to record the screen without a
visible screen recording indicator
Description: A consistency issue existed in deciding when to show the
screen recording indicator.
CVE-2019-8793: Ryan Jenkins of Lake Forrest Prep School
Setup Assistant
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: An attacker in physical proximity may be able to force a user
onto a malicious Wi-Fi network during device setup
Description: An inconsistency in Wi-Fi network configuration settings
was addressed.
CVE-2019-8782: Cheolung Lee of LINE+ Security Team
CVE-2019-8783: Cheolung Lee of LINE+ Graylab Security Team
CVE-2019-8808: found by OSS-Fuzz
CVE-2019-8811: Soyeon Park of SSLab at Georgia Tech
CVE-2019-8812: an anonymous researcher
CVE-2019-8814: Cheolung Lee of LINE+ Security Team
CVE-2019-8816: Soyeon Park of SSLab at Georgia Tech
CVE-2019-8819: Cheolung Lee of LINE+ Security Team
CVE-2019-8820: Samuel Groß of Google Project Zero
CVE-2019-8821: Sergei Glazunov of Google Project Zero
CVE-2019-8822: Sergei Glazunov of Google Project Zero
CVE-2019-8823: Sergei Glazunov of Google Project Zero
WebKit Process Model
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
Installation note:
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates. You may manually
obtain the update via the Check for Updates button within iTunes, or
the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About. The version after applying this update
will be "iOS 13.2 and iPadOS 13.2"
| VAR-201912-0138 | CVE-2019-8788 | plural Apple Updates to product vulnerabilities |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
An issue existed in the parsing of URLs. This issue was addressed with improved input validation. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1. Improper URL processing may lead to data exfiltration. Apple Has released an update for each product.The expected impact depends on each vulnerability, but can be affected as follows: * * information leak * * User impersonation * * Arbitrary code execution * * UI Spoofing * * Insufficient access restrictions * * Service operation interruption (DoS) * * Privilege escalation * * Memory corruption * * Authentication bypass. Apple iOS, etc. are all products of Apple (Apple). Apple iOS is an operating system developed for mobile devices. Apple iPadOS is an operating system for iPad tablets. Apple macOS Catalina is a dedicated operating system developed for Mac computers. Associated Domains is one of the application associated domain components. A security vulnerability exists in URLs parsing of the Associated Domains component in Apple macOS Catalina versions prior to 10.15.1, iOS versions prior to 13.2, and iPadOS versions prior to 13.2. Attackers can exploit this vulnerability to leak data. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2019-10-29-2 macOS Catalina 10.15.1, Security Update
2019-001 Mojave, Security Update 2019-006 High Sierra
macOS Catalina 10.15.1, Security Update 2019-001 Mojave,
Security Update 2019-006 High Sierra are now available and address
the following:
Accounts
Available for: macOS Catalina 10.15
Impact: A remote attacker may be able to leak memory
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2019-8787: Steffen Klee of Secure Mobile Networking Lab at
Technische Universität Darmstadt
App Store
Available for: macOS Catalina 10.15
Impact: A local attacker may be able to login to the account of a
previously logged in user without valid credentials.
CVE-2019-8803: Kiyeon An, 차민규 (CHA Minkyu)
AppleGraphicsControl
Available for: macOS Catalina 10.15
Impact: An application may be able to read restricted memory
Description: A validation issue was addressed with improved input
sanitization.
CVE-2019-8817: Arash Tohidi
AppleGraphicsControl
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8716: Zhiyi Zhang of Codesafe Team of Legendsec at Qi'anxin
Group, Zhuo Liang of Qihoo 360 Vulcan Team
Associated Domains
Available for: macOS Catalina 10.15
Impact: Improper URL processing may lead to data exfiltration
Description: An issue existed in the parsing of URLs.
CVE-2019-8788: Juha Lindstedt of Pakastin, Mirko Tanania, Rauli
Rikama of Zero Keyboard Ltd
Audio
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: Processing a maliciously crafted audio file may lead to
arbitrary code execution
Description: A memory corruption issue was addressed with improved
state management.
CVE-2019-8706: Yu Zhou of Ant-financial Light-Year Security Lab
Audio
Available for: macOS High Sierra 10.13.6, macOS Catalina 10.15
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8785: Ian Beer of Google Project Zero
CVE-2019-8797: 08Tc3wBB working with SSD Secure Disclosure
Books
Available for: macOS Catalina 10.15
Impact: Parsing a maliciously crafted iBooks file may lead to
disclosure of user information
Description: A validation issue existed in the handling of symlinks.
CVE-2019-8789: Gertjan Franken of imec-DistriNet, KU Leuven
Contacts
Available for: macOS Catalina 10.15
Impact: Processing a maliciously contact may lead to UI spoofing
Description: An inconsistent user interface issue was addressed with
improved state management.
CVE-2017-7152: Oliver Paukstadt of Thinking Objects GmbH (to.com)
CUPS
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: An attacker in a privileged network position may be able to
leak sensitive user information
Description: An input validation issue was addressed with improved
input validation.
CVE-2019-8736: Pawel Gocyla of ING Tech Poland (ingtechpoland.com)
CUPS
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: Processing a maliciously crafted string may lead to heap
corruption
Description: A memory consumption issue was addressed with improved
memory handling.
CVE-2019-8767: Stephen Zeisberg
CUPS
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: An attacker in a privileged position may be able to perform a
denial of service attack
Description: A denial of service issue was addressed with improved
validation.
CVE-2019-8737: Pawel Gocyla of ING Tech Poland (ingtechpoland.com)
File Quarantine
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: A malicious application may be able to elevate privileges
Description: This issue was addressed by removing the vulnerable
code.
CVE-2019-8509: CodeColorist of Ant-Financial LightYear Labs
File System Events
Available for: macOS High Sierra 10.13.6, macOS Catalina 10.15
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8798: ABC Research s.r.o. working with Trend Micro's Zero
Day Initiative
Graphics
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: Processing a malicious shader may result in unexpected
application termination or arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved input validation.
CVE-2018-12152: Piotr Bania of Cisco Talos
CVE-2018-12153: Piotr Bania of Cisco Talos
CVE-2018-12154: Piotr Bania of Cisco Talos
Graphics Driver
Available for: macOS Catalina 10.15
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8784: Vasiliy Vasilyev and Ilya Finogeev of Webinar, LLC
Intel Graphics Driver
Available for: macOS Catalina 10.15
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8807: Yu Wang of Didi Research America
IOGraphics
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: A local user may be able to cause unexpected system
termination or read kernel memory
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2019-8759: another of 360 Nirvan Team
iTunes
Available for: macOS Catalina 10.15
Impact: Running the iTunes installer in an untrusted directory may
result in arbitrary code execution
Description: A dynamic library loading issue existed in iTunes setup.
CVE-2019-8801: Hou JingYi (@hjy79425575) of Qihoo 360 CERT
Kernel
Available for: macOS Catalina 10.15
Impact: An application may be able to read restricted memory
Description: A validation issue was addressed with improved input
sanitization.
CVE-2019-8794: 08Tc3wBB working with SSD Secure Disclosure
Kernel
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS
Catalina 10.15
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8786: an anonymous researcher
Kernel
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: A malicious application may be able to determine kernel
memory layout
Description: A memory corruption issue existed in the handling of
IPv6 packets.
CVE-2019-8744: Zhuo Liang of Qihoo 360 Vulcan Team
libxml2
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: Multiple issues in libxml2
Description: Multiple memory corruption issues were addressed with
improved input validation.
CVE-2019-8749: found by OSS-Fuzz
CVE-2019-8756: found by OSS-Fuzz
libxslt
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: Multiple issues in libxslt
Description: Multiple memory corruption issues were addressed with
improved input validation.
CVE-2019-8750: found by OSS-Fuzz
manpages
Available for: macOS High Sierra 10.13.6, macOS Catalina 10.15
Impact: A malicious application may be able to gain root privileges
Description: A validation issue was addressed with improved logic.
CVE-2019-8802: Csaba Fitzl (@theevilbit)
PluginKit
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: A local user may be able to check for the existence of
arbitrary files
Description: A logic issue was addressed with improved restrictions.
CVE-2019-8708: an anonymous researcher
PluginKit
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8715: an anonymous researcher
SystemExtensions
Available for: macOS Catalina 10.15
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A validation issue existed in the entitlement
verification.
CVE-2019-8805: Scott Knight (@sdotknight) of VMware Carbon Black TAU
UIFoundation
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: Parsing a maliciously crafted text file may lead to
disclosure of user information
Description: This issue was addressed with improved checks.
CVE-2019-8761: Renee Trisberg of SpectX
Additional recognition
CFNetwork
We would like to acknowledge Lily Chen of Google for their
assistance.
Kernel
We would like to acknowledge Brandon Azad of Google Project Zero and
Jann Horn of Google Project Zero for their assistance.
libresolv
We would like to acknowledge enh at Google for their assistance.
Postfix
We would like to acknowledge Chris Barker of Puppet for their
assistance.
Profiles
We would like to acknowledge Csaba Fitzl (@theevilbit) for their
assistance.
python
We would like to acknowledge an anonymous researcher for their
assistance.
VPN
We would like to acknowledge Royce Gawron of Second Son Consulting,
Inc. for their assistance.
Installation note:
macOS Catalina 10.15.1, Security Update 2019-001 Mojave,
Security Update 2019-006 High Sierra may be
obtained from the Mac App Store or Apple's Software Downloads
web site: https://support.apple.com/downloads/
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQJdBAEBCABHFiEEM5FaaFRjww9EJgvRBz4uGe3y0M0FAl24p5UpHHByb2R1Y3Qt
c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQBz4uGe3y0M3T5w/+
MA0oNNn6fPlkGiHHzMisKLkseGIltXgSc1v01C32qZpWoCmIzxXoDN1DZ0UC1nkh
fAzFMvj25wEj14L7ZXOOqaLFgf+e3ZGzius71wru92h1oaYMkspO1A0I6jPOXUU0
EtZfy6RECv7Ees4Zvj5EWXO0Xqpk2fVyEN4f/sGLtlHRkv1Do9ge6pX3JyXynF+f
M0jSntJYBFMuzIX2LZFdbTgtcNhsVMhUlztz3SKbA+JF6IxertPSp9mOxaEtGnYj
LgvSy9EVn98XBRt7rS8zrXCBi1OrTV21RE2HY+Twv+8lSSMRsjo6+KW7sPYd3KDy
esY0zfIkZ1VSSw/sb0kBalkl/rjLeBkSsBlLiA9uWEvkH9uDNVuo4WzDIN6a89hs
Zb2Aj4VjlLlKRKXRmLmpq7TkUQTVxWNMUdHttHUa/k0ODWviH/CbCKhrv0GKB9+X
EOXG65J+qCzq07MPgQG/JWCFbpVVOqQyXOuKCwrDl1LIb15WMxy8vFApEcJAsrvB
Z9if9NDnJxTWo9gQUcrZHrFm/humsTc+YSPSDovfIEYwbx99LkOWdnK5kiTqodxW
SMQyXhAWeZqL8zzxkFjXnodsnmVXvldFVMHjqPdXuXnn6ythU4UPedklPC50bH9G
Ofniqz3XXmySfVDFNFyfODEsvnoTxmGiUyJzAxAM+JM=
=fvfR
-----END PGP SIGNATURE-----
.
CVE-2019-8786: an anonymous researcher
Screen Time
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: A local user may be able to record the screen without a
visible screen recording indicator
Description: A consistency issue existed in deciding when to show the
screen recording indicator.
CVE-2019-8793: Ryan Jenkins of Lake Forrest Prep School
Setup Assistant
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: An attacker in physical proximity may be able to force a user
onto a malicious Wi-Fi network during device setup
Description: An inconsistency in Wi-Fi network configuration settings
was addressed.
CVE-2019-8782: Cheolung Lee of LINE+ Security Team
CVE-2019-8783: Cheolung Lee of LINE+ Graylab Security Team
CVE-2019-8808: found by OSS-Fuzz
CVE-2019-8811: Soyeon Park of SSLab at Georgia Tech
CVE-2019-8812: an anonymous researcher
CVE-2019-8814: Cheolung Lee of LINE+ Security Team
CVE-2019-8816: Soyeon Park of SSLab at Georgia Tech
CVE-2019-8819: Cheolung Lee of LINE+ Security Team
CVE-2019-8820: Samuel Groß of Google Project Zero
CVE-2019-8821: Sergei Glazunov of Google Project Zero
CVE-2019-8822: Sergei Glazunov of Google Project Zero
CVE-2019-8823: Sergei Glazunov of Google Project Zero
WebKit Process Model
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
Installation note:
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates. You may manually
obtain the update via the Check for Updates button within iTunes, or
the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About. The version after applying this update
will be "iOS 13.2 and iPadOS 13.2"
| VAR-201912-0137 | CVE-2019-8787 | plural Apple Updates to product vulnerabilities |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. A remote attacker may be able to leak memory. Apple Has released an update for each product.The expected impact depends on each vulnerability, but can be affected as follows: * * information leak * * User impersonation * * Arbitrary code execution * * UI Spoofing * * Insufficient access restrictions * * Service operation interruption (DoS) * * Privilege escalation * * Memory corruption * * Authentication bypass. Apple iOS, etc. are all products of Apple (Apple). Apple iOS is an operating system developed for mobile devices. Apple tvOS is a smart TV operating system. Accounts is one of the user account components. A buffer error vulnerability exists in the Accounts component of several Apple products. The following products and versions are affected: Apple macOS Catalina prior to 10.15.1; watchOS prior to 6.1; iOS prior to 13.2; iPadOS prior to 13.2; tvOS prior to 13.2. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2019-10-29-2 macOS Catalina 10.15.1, Security Update
2019-001 Mojave, Security Update 2019-006 High Sierra
macOS Catalina 10.15.1, Security Update 2019-001 Mojave,
Security Update 2019-006 High Sierra are now available and address
the following:
Accounts
Available for: macOS Catalina 10.15
Impact: A remote attacker may be able to leak memory
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2019-8787: Steffen Klee of Secure Mobile Networking Lab at
Technische Universität Darmstadt
App Store
Available for: macOS Catalina 10.15
Impact: A local attacker may be able to login to the account of a
previously logged in user without valid credentials.
CVE-2019-8803: Kiyeon An, 차민규 (CHA Minkyu)
AppleGraphicsControl
Available for: macOS Catalina 10.15
Impact: An application may be able to read restricted memory
Description: A validation issue was addressed with improved input
sanitization.
CVE-2019-8817: Arash Tohidi
AppleGraphicsControl
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8716: Zhiyi Zhang of Codesafe Team of Legendsec at Qi'anxin
Group, Zhuo Liang of Qihoo 360 Vulcan Team
Associated Domains
Available for: macOS Catalina 10.15
Impact: Improper URL processing may lead to data exfiltration
Description: An issue existed in the parsing of URLs.
CVE-2019-8788: Juha Lindstedt of Pakastin, Mirko Tanania, Rauli
Rikama of Zero Keyboard Ltd
Audio
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: Processing a maliciously crafted audio file may lead to
arbitrary code execution
Description: A memory corruption issue was addressed with improved
state management.
CVE-2019-8706: Yu Zhou of Ant-financial Light-Year Security Lab
Audio
Available for: macOS High Sierra 10.13.6, macOS Catalina 10.15
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8785: Ian Beer of Google Project Zero
CVE-2019-8797: 08Tc3wBB working with SSD Secure Disclosure
Books
Available for: macOS Catalina 10.15
Impact: Parsing a maliciously crafted iBooks file may lead to
disclosure of user information
Description: A validation issue existed in the handling of symlinks.
CVE-2019-8789: Gertjan Franken of imec-DistriNet, KU Leuven
Contacts
Available for: macOS Catalina 10.15
Impact: Processing a maliciously contact may lead to UI spoofing
Description: An inconsistent user interface issue was addressed with
improved state management.
CVE-2017-7152: Oliver Paukstadt of Thinking Objects GmbH (to.com)
CUPS
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: An attacker in a privileged network position may be able to
leak sensitive user information
Description: An input validation issue was addressed with improved
input validation.
CVE-2019-8736: Pawel Gocyla of ING Tech Poland (ingtechpoland.com)
CUPS
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: Processing a maliciously crafted string may lead to heap
corruption
Description: A memory consumption issue was addressed with improved
memory handling.
CVE-2019-8767: Stephen Zeisberg
CUPS
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: An attacker in a privileged position may be able to perform a
denial of service attack
Description: A denial of service issue was addressed with improved
validation.
CVE-2019-8737: Pawel Gocyla of ING Tech Poland (ingtechpoland.com)
File Quarantine
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: A malicious application may be able to elevate privileges
Description: This issue was addressed by removing the vulnerable
code.
CVE-2019-8509: CodeColorist of Ant-Financial LightYear Labs
File System Events
Available for: macOS High Sierra 10.13.6, macOS Catalina 10.15
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8798: ABC Research s.r.o. working with Trend Micro's Zero
Day Initiative
Graphics
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: Processing a malicious shader may result in unexpected
application termination or arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved input validation.
CVE-2018-12152: Piotr Bania of Cisco Talos
CVE-2018-12153: Piotr Bania of Cisco Talos
CVE-2018-12154: Piotr Bania of Cisco Talos
Graphics Driver
Available for: macOS Catalina 10.15
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8784: Vasiliy Vasilyev and Ilya Finogeev of Webinar, LLC
Intel Graphics Driver
Available for: macOS Catalina 10.15
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8807: Yu Wang of Didi Research America
IOGraphics
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: A local user may be able to cause unexpected system
termination or read kernel memory
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2019-8759: another of 360 Nirvan Team
iTunes
Available for: macOS Catalina 10.15
Impact: Running the iTunes installer in an untrusted directory may
result in arbitrary code execution
Description: A dynamic library loading issue existed in iTunes setup.
CVE-2019-8801: Hou JingYi (@hjy79425575) of Qihoo 360 CERT
Kernel
Available for: macOS Catalina 10.15
Impact: An application may be able to read restricted memory
Description: A validation issue was addressed with improved input
sanitization.
CVE-2019-8794: 08Tc3wBB working with SSD Secure Disclosure
Kernel
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS
Catalina 10.15
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8786: an anonymous researcher
Kernel
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: A malicious application may be able to determine kernel
memory layout
Description: A memory corruption issue existed in the handling of
IPv6 packets.
CVE-2019-8744: Zhuo Liang of Qihoo 360 Vulcan Team
libxml2
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: Multiple issues in libxml2
Description: Multiple memory corruption issues were addressed with
improved input validation.
CVE-2019-8749: found by OSS-Fuzz
CVE-2019-8756: found by OSS-Fuzz
libxslt
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: Multiple issues in libxslt
Description: Multiple memory corruption issues were addressed with
improved input validation.
CVE-2019-8750: found by OSS-Fuzz
manpages
Available for: macOS High Sierra 10.13.6, macOS Catalina 10.15
Impact: A malicious application may be able to gain root privileges
Description: A validation issue was addressed with improved logic.
CVE-2019-8802: Csaba Fitzl (@theevilbit)
PluginKit
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: A local user may be able to check for the existence of
arbitrary files
Description: A logic issue was addressed with improved restrictions.
CVE-2019-8708: an anonymous researcher
PluginKit
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8715: an anonymous researcher
SystemExtensions
Available for: macOS Catalina 10.15
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A validation issue existed in the entitlement
verification.
CVE-2019-8805: Scott Knight (@sdotknight) of VMware Carbon Black TAU
UIFoundation
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: Parsing a maliciously crafted text file may lead to
disclosure of user information
Description: This issue was addressed with improved checks.
CVE-2019-8761: Renee Trisberg of SpectX
Additional recognition
CFNetwork
We would like to acknowledge Lily Chen of Google for their
assistance.
Kernel
We would like to acknowledge Brandon Azad of Google Project Zero and
Jann Horn of Google Project Zero for their assistance.
libresolv
We would like to acknowledge enh at Google for their assistance.
Postfix
We would like to acknowledge Chris Barker of Puppet for their
assistance.
Profiles
We would like to acknowledge Csaba Fitzl (@theevilbit) for their
assistance.
python
We would like to acknowledge an anonymous researcher for their
assistance.
VPN
We would like to acknowledge Royce Gawron of Second Son Consulting,
Inc. for their assistance.
Installation note:
macOS Catalina 10.15.1, Security Update 2019-001 Mojave,
Security Update 2019-006 High Sierra may be
obtained from the Mac App Store or Apple's Software Downloads
web site: https://support.apple.com/downloads/
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQJdBAEBCABHFiEEM5FaaFRjww9EJgvRBz4uGe3y0M0FAl24p5UpHHByb2R1Y3Qt
c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQBz4uGe3y0M3T5w/+
MA0oNNn6fPlkGiHHzMisKLkseGIltXgSc1v01C32qZpWoCmIzxXoDN1DZ0UC1nkh
fAzFMvj25wEj14L7ZXOOqaLFgf+e3ZGzius71wru92h1oaYMkspO1A0I6jPOXUU0
EtZfy6RECv7Ees4Zvj5EWXO0Xqpk2fVyEN4f/sGLtlHRkv1Do9ge6pX3JyXynF+f
M0jSntJYBFMuzIX2LZFdbTgtcNhsVMhUlztz3SKbA+JF6IxertPSp9mOxaEtGnYj
LgvSy9EVn98XBRt7rS8zrXCBi1OrTV21RE2HY+Twv+8lSSMRsjo6+KW7sPYd3KDy
esY0zfIkZ1VSSw/sb0kBalkl/rjLeBkSsBlLiA9uWEvkH9uDNVuo4WzDIN6a89hs
Zb2Aj4VjlLlKRKXRmLmpq7TkUQTVxWNMUdHttHUa/k0ODWviH/CbCKhrv0GKB9+X
EOXG65J+qCzq07MPgQG/JWCFbpVVOqQyXOuKCwrDl1LIb15WMxy8vFApEcJAsrvB
Z9if9NDnJxTWo9gQUcrZHrFm/humsTc+YSPSDovfIEYwbx99LkOWdnK5kiTqodxW
SMQyXhAWeZqL8zzxkFjXnodsnmVXvldFVMHjqPdXuXnn6ythU4UPedklPC50bH9G
Ofniqz3XXmySfVDFNFyfODEsvnoTxmGiUyJzAxAM+JM=
=fvfR
-----END PGP SIGNATURE-----
.
CVE-2019-8750: found by OSS-Fuzz
VoiceOver
Available for: Apple Watch Series 1 and later
Impact: A person with physical access to an iOS device may be able to
access contacts from the lock screen
Description: The issue was addressed by restricting options offered
on a locked device.
Alternatively, on your watch, select "My Watch > General > About".
CVE-2019-8786: an anonymous researcher
Screen Time
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: A local user may be able to record the screen without a
visible screen recording indicator
Description: A consistency issue existed in deciding when to show the
screen recording indicator.
CVE-2019-8793: Ryan Jenkins of Lake Forrest Prep School
Setup Assistant
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: An attacker in physical proximity may be able to force a user
onto a malicious Wi-Fi network during device setup
Description: An inconsistency in Wi-Fi network configuration settings
was addressed.
CVE-2019-8782: Cheolung Lee of LINE+ Security Team
CVE-2019-8783: Cheolung Lee of LINE+ Graylab Security Team
CVE-2019-8808: found by OSS-Fuzz
CVE-2019-8811: Soyeon Park of SSLab at Georgia Tech
CVE-2019-8812: an anonymous researcher
CVE-2019-8814: Cheolung Lee of LINE+ Security Team
CVE-2019-8816: Soyeon Park of SSLab at Georgia Tech
CVE-2019-8819: Cheolung Lee of LINE+ Security Team
CVE-2019-8820: Samuel Groß of Google Project Zero
CVE-2019-8821: Sergei Glazunov of Google Project Zero
CVE-2019-8822: Sergei Glazunov of Google Project Zero
CVE-2019-8823: Sergei Glazunov of Google Project Zero
WebKit Process Model
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
Installation note:
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates. You may manually
obtain the update via the Check for Updates button within iTunes, or
the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About. The version after applying this update
will be "iOS 13.2 and iPadOS 13.2"
| VAR-201912-0134 | CVE-2019-8784 | plural Apple Updates to product vulnerabilities |
CVSS V2: 9.3 CVSS V3: 7.8 Severity: HIGH |
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. An application may be able to execute arbitrary code with system privileges. Apple Has released an update for each product.The expected impact depends on each vulnerability, but can be affected as follows: * * information leak * * User impersonation * * Arbitrary code execution * * UI Spoofing * * Insufficient access restrictions * * Service operation interruption (DoS) * * Privilege escalation * * Memory corruption * * Authentication bypass. Apple iOS, etc. are all products of Apple (Apple). Apple iOS is an operating system developed for mobile devices. Apple iPadOS is an operating system for iPad tablets. Apple macOS Catalina is a dedicated operating system developed for Mac computers. Graphics Drivers is one of the graphics driver components. A security vulnerability exists in the Graphics Driver component in several Apple products. The following products and versions are affected: Windows-based Apple iCloud versions prior to 7.15 and 11.0; Windows-based iTunes versions prior to 12.10.2; macOS Catalina versions prior to 10.15.1; iOS versions prior to 13.2; iPadOS versions prior to 13.2. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2019-10-29-2 macOS Catalina 10.15.1, Security Update
2019-001 Mojave, Security Update 2019-006 High Sierra
macOS Catalina 10.15.1, Security Update 2019-001 Mojave,
Security Update 2019-006 High Sierra are now available and address
the following:
Accounts
Available for: macOS Catalina 10.15
Impact: A remote attacker may be able to leak memory
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2019-8787: Steffen Klee of Secure Mobile Networking Lab at
Technische Universität Darmstadt
App Store
Available for: macOS Catalina 10.15
Impact: A local attacker may be able to login to the account of a
previously logged in user without valid credentials.
CVE-2019-8803: Kiyeon An, 차민규 (CHA Minkyu)
AppleGraphicsControl
Available for: macOS Catalina 10.15
Impact: An application may be able to read restricted memory
Description: A validation issue was addressed with improved input
sanitization.
CVE-2019-8716: Zhiyi Zhang of Codesafe Team of Legendsec at Qi'anxin
Group, Zhuo Liang of Qihoo 360 Vulcan Team
Associated Domains
Available for: macOS Catalina 10.15
Impact: Improper URL processing may lead to data exfiltration
Description: An issue existed in the parsing of URLs.
CVE-2019-8788: Juha Lindstedt of Pakastin, Mirko Tanania, Rauli
Rikama of Zero Keyboard Ltd
Audio
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: Processing a maliciously crafted audio file may lead to
arbitrary code execution
Description: A memory corruption issue was addressed with improved
state management.
CVE-2019-8706: Yu Zhou of Ant-financial Light-Year Security Lab
Audio
Available for: macOS High Sierra 10.13.6, macOS Catalina 10.15
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8785: Ian Beer of Google Project Zero
CVE-2019-8797: 08Tc3wBB working with SSD Secure Disclosure
Books
Available for: macOS Catalina 10.15
Impact: Parsing a maliciously crafted iBooks file may lead to
disclosure of user information
Description: A validation issue existed in the handling of symlinks.
CVE-2019-8789: Gertjan Franken of imec-DistriNet, KU Leuven
Contacts
Available for: macOS Catalina 10.15
Impact: Processing a maliciously contact may lead to UI spoofing
Description: An inconsistent user interface issue was addressed with
improved state management.
CVE-2017-7152: Oliver Paukstadt of Thinking Objects GmbH (to.com)
CUPS
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: An attacker in a privileged network position may be able to
leak sensitive user information
Description: An input validation issue was addressed with improved
input validation.
CVE-2019-8736: Pawel Gocyla of ING Tech Poland (ingtechpoland.com)
CUPS
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: Processing a maliciously crafted string may lead to heap
corruption
Description: A memory consumption issue was addressed with improved
memory handling.
CVE-2019-8767: Stephen Zeisberg
CUPS
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: An attacker in a privileged position may be able to perform a
denial of service attack
Description: A denial of service issue was addressed with improved
validation.
CVE-2019-8737: Pawel Gocyla of ING Tech Poland (ingtechpoland.com)
File Quarantine
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: A malicious application may be able to elevate privileges
Description: This issue was addressed by removing the vulnerable
code.
CVE-2019-8509: CodeColorist of Ant-Financial LightYear Labs
File System Events
Available for: macOS High Sierra 10.13.6, macOS Catalina 10.15
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8798: ABC Research s.r.o. working with Trend Micro's Zero
Day Initiative
Graphics
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: Processing a malicious shader may result in unexpected
application termination or arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved input validation.
CVE-2018-12152: Piotr Bania of Cisco Talos
CVE-2018-12153: Piotr Bania of Cisco Talos
CVE-2018-12154: Piotr Bania of Cisco Talos
Graphics Driver
Available for: macOS Catalina 10.15
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8784: Vasiliy Vasilyev and Ilya Finogeev of Webinar, LLC
Intel Graphics Driver
Available for: macOS Catalina 10.15
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8807: Yu Wang of Didi Research America
IOGraphics
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: A local user may be able to cause unexpected system
termination or read kernel memory
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2019-8759: another of 360 Nirvan Team
iTunes
Available for: macOS Catalina 10.15
Impact: Running the iTunes installer in an untrusted directory may
result in arbitrary code execution
Description: A dynamic library loading issue existed in iTunes setup.
This was addressed with improved path searching.
CVE-2019-8801: Hou JingYi (@hjy79425575) of Qihoo 360 CERT
Kernel
Available for: macOS Catalina 10.15
Impact: An application may be able to read restricted memory
Description: A validation issue was addressed with improved input
sanitization.
CVE-2019-8794: 08Tc3wBB working with SSD Secure Disclosure
Kernel
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS
Catalina 10.15
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8786: an anonymous researcher
Kernel
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: A malicious application may be able to determine kernel
memory layout
Description: A memory corruption issue existed in the handling of
IPv6 packets.
CVE-2019-8744: Zhuo Liang of Qihoo 360 Vulcan Team
libxml2
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: Multiple issues in libxml2
Description: Multiple memory corruption issues were addressed with
improved input validation.
CVE-2019-8749: found by OSS-Fuzz
CVE-2019-8756: found by OSS-Fuzz
libxslt
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: Multiple issues in libxslt
Description: Multiple memory corruption issues were addressed with
improved input validation.
CVE-2019-8750: found by OSS-Fuzz
manpages
Available for: macOS High Sierra 10.13.6, macOS Catalina 10.15
Impact: A malicious application may be able to gain root privileges
Description: A validation issue was addressed with improved logic.
CVE-2019-8802: Csaba Fitzl (@theevilbit)
PluginKit
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: A local user may be able to check for the existence of
arbitrary files
Description: A logic issue was addressed with improved restrictions.
CVE-2019-8708: an anonymous researcher
PluginKit
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8805: Scott Knight (@sdotknight) of VMware Carbon Black TAU
UIFoundation
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: Parsing a maliciously crafted text file may lead to
disclosure of user information
Description: This issue was addressed with improved checks.
CVE-2019-8761: Renee Trisberg of SpectX
Additional recognition
CFNetwork
We would like to acknowledge Lily Chen of Google for their
assistance.
Kernel
We would like to acknowledge Brandon Azad of Google Project Zero and
Jann Horn of Google Project Zero for their assistance.
libresolv
We would like to acknowledge enh at Google for their assistance.
Postfix
We would like to acknowledge Chris Barker of Puppet for their
assistance.
Profiles
We would like to acknowledge Csaba Fitzl (@theevilbit) for their
assistance.
python
We would like to acknowledge an anonymous researcher for their
assistance.
VPN
We would like to acknowledge Royce Gawron of Second Son Consulting,
Inc. for their assistance.
Installation note:
macOS Catalina 10.15.1, Security Update 2019-001 Mojave,
Security Update 2019-006 High Sierra may be
obtained from the Mac App Store or Apple's Software Downloads
web site: https://support.apple.com/downloads/
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQJdBAEBCABHFiEEM5FaaFRjww9EJgvRBz4uGe3y0M0FAl24p5UpHHByb2R1Y3Qt
c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQBz4uGe3y0M3T5w/+
MA0oNNn6fPlkGiHHzMisKLkseGIltXgSc1v01C32qZpWoCmIzxXoDN1DZ0UC1nkh
fAzFMvj25wEj14L7ZXOOqaLFgf+e3ZGzius71wru92h1oaYMkspO1A0I6jPOXUU0
EtZfy6RECv7Ees4Zvj5EWXO0Xqpk2fVyEN4f/sGLtlHRkv1Do9ge6pX3JyXynF+f
M0jSntJYBFMuzIX2LZFdbTgtcNhsVMhUlztz3SKbA+JF6IxertPSp9mOxaEtGnYj
LgvSy9EVn98XBRt7rS8zrXCBi1OrTV21RE2HY+Twv+8lSSMRsjo6+KW7sPYd3KDy
esY0zfIkZ1VSSw/sb0kBalkl/rjLeBkSsBlLiA9uWEvkH9uDNVuo4WzDIN6a89hs
Zb2Aj4VjlLlKRKXRmLmpq7TkUQTVxWNMUdHttHUa/k0ODWviH/CbCKhrv0GKB9+X
EOXG65J+qCzq07MPgQG/JWCFbpVVOqQyXOuKCwrDl1LIb15WMxy8vFApEcJAsrvB
Z9if9NDnJxTWo9gQUcrZHrFm/humsTc+YSPSDovfIEYwbx99LkOWdnK5kiTqodxW
SMQyXhAWeZqL8zzxkFjXnodsnmVXvldFVMHjqPdXuXnn6ythU4UPedklPC50bH9G
Ofniqz3XXmySfVDFNFyfODEsvnoTxmGiUyJzAxAM+JM=
=fvfR
-----END PGP SIGNATURE-----
.
CVE-2019-8786: an anonymous researcher
Screen Time
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: A local user may be able to record the screen without a
visible screen recording indicator
Description: A consistency issue existed in deciding when to show the
screen recording indicator.
CVE-2019-8793: Ryan Jenkins of Lake Forrest Prep School
Setup Assistant
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: An attacker in physical proximity may be able to force a user
onto a malicious Wi-Fi network during device setup
Description: An inconsistency in Wi-Fi network configuration settings
was addressed.
CVE-2019-8782: Cheolung Lee of LINE+ Security Team
CVE-2019-8783: Cheolung Lee of LINE+ Graylab Security Team
CVE-2019-8808: found by OSS-Fuzz
CVE-2019-8811: Soyeon Park of SSLab at Georgia Tech
CVE-2019-8812: an anonymous researcher
CVE-2019-8814: Cheolung Lee of LINE+ Security Team
CVE-2019-8816: Soyeon Park of SSLab at Georgia Tech
CVE-2019-8819: Cheolung Lee of LINE+ Security Team
CVE-2019-8820: Samuel Groß of Google Project Zero
CVE-2019-8821: Sergei Glazunov of Google Project Zero
CVE-2019-8822: Sergei Glazunov of Google Project Zero
CVE-2019-8823: Sergei Glazunov of Google Project Zero
WebKit Process Model
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
Installation note:
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates. You may manually
obtain the update via the Check for Updates button within iTunes, or
the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About. The version after applying this update
will be "iOS 13.2 and iPadOS 13.2"
| VAR-201912-0136 | CVE-2019-8786 | plural Apple Updates to product vulnerabilities |
CVSS V2: 9.3 CVSS V3: 7.8 Severity: HIGH |
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. An application may be able to execute arbitrary code with kernel privileges. Apple Has released an update for each product.The expected impact depends on each vulnerability, but can be affected as follows: * * information leak * * User impersonation * * Arbitrary code execution * * UI Spoofing * * Insufficient access restrictions * * Service operation interruption (DoS) * * Privilege escalation * * Memory corruption * * Authentication bypass. Apple iOS, etc. are all products of Apple (Apple). Apple iOS is an operating system developed for mobile devices. Apple tvOS is a smart TV operating system. Kernel components in several Apple products have security vulnerabilities. The following products and versions are affected: Apple macOS Catalina prior to 10.15.1; watchOS prior to 6.1; iOS prior to 13.2; iPadOS prior to 13.2; tvOS prior to 13.2. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2019-10-29-2 macOS Catalina 10.15.1, Security Update
2019-001 Mojave, Security Update 2019-006 High Sierra
macOS Catalina 10.15.1, Security Update 2019-001 Mojave,
Security Update 2019-006 High Sierra are now available and address
the following:
Accounts
Available for: macOS Catalina 10.15
Impact: A remote attacker may be able to leak memory
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2019-8787: Steffen Klee of Secure Mobile Networking Lab at
Technische Universität Darmstadt
App Store
Available for: macOS Catalina 10.15
Impact: A local attacker may be able to login to the account of a
previously logged in user without valid credentials.
CVE-2019-8803: Kiyeon An, 차민규 (CHA Minkyu)
AppleGraphicsControl
Available for: macOS Catalina 10.15
Impact: An application may be able to read restricted memory
Description: A validation issue was addressed with improved input
sanitization.
CVE-2019-8716: Zhiyi Zhang of Codesafe Team of Legendsec at Qi'anxin
Group, Zhuo Liang of Qihoo 360 Vulcan Team
Associated Domains
Available for: macOS Catalina 10.15
Impact: Improper URL processing may lead to data exfiltration
Description: An issue existed in the parsing of URLs.
CVE-2019-8788: Juha Lindstedt of Pakastin, Mirko Tanania, Rauli
Rikama of Zero Keyboard Ltd
Audio
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: Processing a maliciously crafted audio file may lead to
arbitrary code execution
Description: A memory corruption issue was addressed with improved
state management.
CVE-2019-8706: Yu Zhou of Ant-financial Light-Year Security Lab
Audio
Available for: macOS High Sierra 10.13.6, macOS Catalina 10.15
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8785: Ian Beer of Google Project Zero
CVE-2019-8797: 08Tc3wBB working with SSD Secure Disclosure
Books
Available for: macOS Catalina 10.15
Impact: Parsing a maliciously crafted iBooks file may lead to
disclosure of user information
Description: A validation issue existed in the handling of symlinks.
CVE-2019-8789: Gertjan Franken of imec-DistriNet, KU Leuven
Contacts
Available for: macOS Catalina 10.15
Impact: Processing a maliciously contact may lead to UI spoofing
Description: An inconsistent user interface issue was addressed with
improved state management.
CVE-2017-7152: Oliver Paukstadt of Thinking Objects GmbH (to.com)
CUPS
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: An attacker in a privileged network position may be able to
leak sensitive user information
Description: An input validation issue was addressed with improved
input validation.
CVE-2019-8736: Pawel Gocyla of ING Tech Poland (ingtechpoland.com)
CUPS
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: Processing a maliciously crafted string may lead to heap
corruption
Description: A memory consumption issue was addressed with improved
memory handling.
CVE-2019-8767: Stephen Zeisberg
CUPS
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: An attacker in a privileged position may be able to perform a
denial of service attack
Description: A denial of service issue was addressed with improved
validation.
CVE-2019-8737: Pawel Gocyla of ING Tech Poland (ingtechpoland.com)
File Quarantine
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: A malicious application may be able to elevate privileges
Description: This issue was addressed by removing the vulnerable
code.
CVE-2019-8509: CodeColorist of Ant-Financial LightYear Labs
File System Events
Available for: macOS High Sierra 10.13.6, macOS Catalina 10.15
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8798: ABC Research s.r.o. working with Trend Micro's Zero
Day Initiative
Graphics
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: Processing a malicious shader may result in unexpected
application termination or arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved input validation.
CVE-2018-12152: Piotr Bania of Cisco Talos
CVE-2018-12153: Piotr Bania of Cisco Talos
CVE-2018-12154: Piotr Bania of Cisco Talos
Graphics Driver
Available for: macOS Catalina 10.15
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8784: Vasiliy Vasilyev and Ilya Finogeev of Webinar, LLC
Intel Graphics Driver
Available for: macOS Catalina 10.15
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8807: Yu Wang of Didi Research America
IOGraphics
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: A local user may be able to cause unexpected system
termination or read kernel memory
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2019-8759: another of 360 Nirvan Team
iTunes
Available for: macOS Catalina 10.15
Impact: Running the iTunes installer in an untrusted directory may
result in arbitrary code execution
Description: A dynamic library loading issue existed in iTunes setup.
This was addressed with improved path searching.
CVE-2019-8801: Hou JingYi (@hjy79425575) of Qihoo 360 CERT
Kernel
Available for: macOS Catalina 10.15
Impact: An application may be able to read restricted memory
Description: A validation issue was addressed with improved input
sanitization.
CVE-2019-8794: 08Tc3wBB working with SSD Secure Disclosure
Kernel
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS
Catalina 10.15
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8786: an anonymous researcher
Kernel
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: A malicious application may be able to determine kernel
memory layout
Description: A memory corruption issue existed in the handling of
IPv6 packets.
CVE-2019-8744: Zhuo Liang of Qihoo 360 Vulcan Team
libxml2
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: Multiple issues in libxml2
Description: Multiple memory corruption issues were addressed with
improved input validation.
CVE-2019-8749: found by OSS-Fuzz
CVE-2019-8756: found by OSS-Fuzz
libxslt
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: Multiple issues in libxslt
Description: Multiple memory corruption issues were addressed with
improved input validation.
CVE-2019-8750: found by OSS-Fuzz
manpages
Available for: macOS High Sierra 10.13.6, macOS Catalina 10.15
Impact: A malicious application may be able to gain root privileges
Description: A validation issue was addressed with improved logic.
CVE-2019-8802: Csaba Fitzl (@theevilbit)
PluginKit
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: A local user may be able to check for the existence of
arbitrary files
Description: A logic issue was addressed with improved restrictions.
CVE-2019-8708: an anonymous researcher
PluginKit
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8805: Scott Knight (@sdotknight) of VMware Carbon Black TAU
UIFoundation
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: Parsing a maliciously crafted text file may lead to
disclosure of user information
Description: This issue was addressed with improved checks.
CVE-2019-8761: Renee Trisberg of SpectX
Additional recognition
CFNetwork
We would like to acknowledge Lily Chen of Google for their
assistance.
Kernel
We would like to acknowledge Brandon Azad of Google Project Zero and
Jann Horn of Google Project Zero for their assistance.
libresolv
We would like to acknowledge enh at Google for their assistance.
Postfix
We would like to acknowledge Chris Barker of Puppet for their
assistance.
Profiles
We would like to acknowledge Csaba Fitzl (@theevilbit) for their
assistance.
python
We would like to acknowledge an anonymous researcher for their
assistance.
VPN
We would like to acknowledge Royce Gawron of Second Son Consulting,
Inc. for their assistance.
Installation note:
macOS Catalina 10.15.1, Security Update 2019-001 Mojave,
Security Update 2019-006 High Sierra may be
obtained from the Mac App Store or Apple's Software Downloads
web site: https://support.apple.com/downloads/
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQJdBAEBCABHFiEEM5FaaFRjww9EJgvRBz4uGe3y0M0FAl24p5UpHHByb2R1Y3Qt
c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQBz4uGe3y0M3T5w/+
MA0oNNn6fPlkGiHHzMisKLkseGIltXgSc1v01C32qZpWoCmIzxXoDN1DZ0UC1nkh
fAzFMvj25wEj14L7ZXOOqaLFgf+e3ZGzius71wru92h1oaYMkspO1A0I6jPOXUU0
EtZfy6RECv7Ees4Zvj5EWXO0Xqpk2fVyEN4f/sGLtlHRkv1Do9ge6pX3JyXynF+f
M0jSntJYBFMuzIX2LZFdbTgtcNhsVMhUlztz3SKbA+JF6IxertPSp9mOxaEtGnYj
LgvSy9EVn98XBRt7rS8zrXCBi1OrTV21RE2HY+Twv+8lSSMRsjo6+KW7sPYd3KDy
esY0zfIkZ1VSSw/sb0kBalkl/rjLeBkSsBlLiA9uWEvkH9uDNVuo4WzDIN6a89hs
Zb2Aj4VjlLlKRKXRmLmpq7TkUQTVxWNMUdHttHUa/k0ODWviH/CbCKhrv0GKB9+X
EOXG65J+qCzq07MPgQG/JWCFbpVVOqQyXOuKCwrDl1LIb15WMxy8vFApEcJAsrvB
Z9if9NDnJxTWo9gQUcrZHrFm/humsTc+YSPSDovfIEYwbx99LkOWdnK5kiTqodxW
SMQyXhAWeZqL8zzxkFjXnodsnmVXvldFVMHjqPdXuXnn6ythU4UPedklPC50bH9G
Ofniqz3XXmySfVDFNFyfODEsvnoTxmGiUyJzAxAM+JM=
=fvfR
-----END PGP SIGNATURE-----
.
CVE-2019-8750: found by OSS-Fuzz
VoiceOver
Available for: Apple Watch Series 1 and later
Impact: A person with physical access to an iOS device may be able to
access contacts from the lock screen
Description: The issue was addressed by restricting options offered
on a locked device.
Alternatively, on your watch, select "My Watch > General > About".
CVE-2019-8786: an anonymous researcher
Screen Time
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: A local user may be able to record the screen without a
visible screen recording indicator
Description: A consistency issue existed in deciding when to show the
screen recording indicator.
CVE-2019-8793: Ryan Jenkins of Lake Forrest Prep School
Setup Assistant
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: An attacker in physical proximity may be able to force a user
onto a malicious Wi-Fi network during device setup
Description: An inconsistency in Wi-Fi network configuration settings
was addressed.
CVE-2019-8782: Cheolung Lee of LINE+ Security Team
CVE-2019-8783: Cheolung Lee of LINE+ Graylab Security Team
CVE-2019-8808: found by OSS-Fuzz
CVE-2019-8811: Soyeon Park of SSLab at Georgia Tech
CVE-2019-8812: an anonymous researcher
CVE-2019-8814: Cheolung Lee of LINE+ Security Team
CVE-2019-8816: Soyeon Park of SSLab at Georgia Tech
CVE-2019-8819: Cheolung Lee of LINE+ Security Team
CVE-2019-8820: Samuel Groß of Google Project Zero
CVE-2019-8821: Sergei Glazunov of Google Project Zero
CVE-2019-8822: Sergei Glazunov of Google Project Zero
CVE-2019-8823: Sergei Glazunov of Google Project Zero
WebKit Process Model
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
Installation note:
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates. You may manually
obtain the update via the Check for Updates button within iTunes, or
the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About. The version after applying this update
will be "iOS 13.2 and iPadOS 13.2"
| VAR-201912-0126 | CVE-2019-8817 | apple's Apple Mac OS X Input verification vulnerability in |
CVSS V2: 4.3 CVSS V3: 5.5 Severity: MEDIUM |
A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Catalina 10.15.1. An application may be able to read restricted memory. apple's Apple Mac OS X There is an input validation vulnerability in.Information may be obtained. Apple macOS Catalina is a set of dedicated operating systems developed by Apple for Mac computers. AppleGraphicsControl is one of the graphics control components. A security vulnerability exists in the AppleGraphicsControl component in versions prior to Apple macOS Catalina 10.15.1
| VAR-201912-0135 | CVE-2019-8785 | plural Apple Updates to product vulnerabilities |
CVSS V2: 9.3 CVSS V3: 7.8 Severity: HIGH |
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. An application may be able to execute arbitrary code with system privileges. Apple Has released an update for each product.The expected impact depends on each vulnerability, but can be affected as follows: * * information leak * * User impersonation * * Arbitrary code execution * * UI Spoofing * * Insufficient access restrictions * * Service operation interruption (DoS) * * Privilege escalation * * Memory corruption * * Authentication bypass. Apple iOS, etc. are all products of Apple (Apple). Apple iOS is an operating system developed for mobile devices. Apple tvOS is a smart TV operating system. Audio is one of the audio components. A security vulnerability exists in the Audio component of several Apple products. The following products and versions are affected: Apple macOS Catalina prior to 10.15.1; watchOS prior to 6.1; iOS prior to 13.2; iPadOS prior to 13.2; tvOS prior to 13.2. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2019-10-29-2 macOS Catalina 10.15.1, Security Update
2019-001 Mojave, Security Update 2019-006 High Sierra
macOS Catalina 10.15.1, Security Update 2019-001 Mojave,
Security Update 2019-006 High Sierra are now available and address
the following:
Accounts
Available for: macOS Catalina 10.15
Impact: A remote attacker may be able to leak memory
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2019-8787: Steffen Klee of Secure Mobile Networking Lab at
Technische Universität Darmstadt
App Store
Available for: macOS Catalina 10.15
Impact: A local attacker may be able to login to the account of a
previously logged in user without valid credentials.
CVE-2019-8803: Kiyeon An, 차민규 (CHA Minkyu)
AppleGraphicsControl
Available for: macOS Catalina 10.15
Impact: An application may be able to read restricted memory
Description: A validation issue was addressed with improved input
sanitization.
CVE-2019-8716: Zhiyi Zhang of Codesafe Team of Legendsec at Qi'anxin
Group, Zhuo Liang of Qihoo 360 Vulcan Team
Associated Domains
Available for: macOS Catalina 10.15
Impact: Improper URL processing may lead to data exfiltration
Description: An issue existed in the parsing of URLs.
CVE-2019-8788: Juha Lindstedt of Pakastin, Mirko Tanania, Rauli
Rikama of Zero Keyboard Ltd
Audio
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: Processing a maliciously crafted audio file may lead to
arbitrary code execution
Description: A memory corruption issue was addressed with improved
state management.
CVE-2019-8706: Yu Zhou of Ant-financial Light-Year Security Lab
Audio
Available for: macOS High Sierra 10.13.6, macOS Catalina 10.15
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8785: Ian Beer of Google Project Zero
CVE-2019-8797: 08Tc3wBB working with SSD Secure Disclosure
Books
Available for: macOS Catalina 10.15
Impact: Parsing a maliciously crafted iBooks file may lead to
disclosure of user information
Description: A validation issue existed in the handling of symlinks.
CVE-2019-8789: Gertjan Franken of imec-DistriNet, KU Leuven
Contacts
Available for: macOS Catalina 10.15
Impact: Processing a maliciously contact may lead to UI spoofing
Description: An inconsistent user interface issue was addressed with
improved state management.
CVE-2017-7152: Oliver Paukstadt of Thinking Objects GmbH (to.com)
CUPS
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: An attacker in a privileged network position may be able to
leak sensitive user information
Description: An input validation issue was addressed with improved
input validation.
CVE-2019-8736: Pawel Gocyla of ING Tech Poland (ingtechpoland.com)
CUPS
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: Processing a maliciously crafted string may lead to heap
corruption
Description: A memory consumption issue was addressed with improved
memory handling.
CVE-2019-8767: Stephen Zeisberg
CUPS
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: An attacker in a privileged position may be able to perform a
denial of service attack
Description: A denial of service issue was addressed with improved
validation.
CVE-2019-8737: Pawel Gocyla of ING Tech Poland (ingtechpoland.com)
File Quarantine
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: A malicious application may be able to elevate privileges
Description: This issue was addressed by removing the vulnerable
code.
CVE-2019-8509: CodeColorist of Ant-Financial LightYear Labs
File System Events
Available for: macOS High Sierra 10.13.6, macOS Catalina 10.15
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8798: ABC Research s.r.o. working with Trend Micro's Zero
Day Initiative
Graphics
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: Processing a malicious shader may result in unexpected
application termination or arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved input validation.
CVE-2018-12152: Piotr Bania of Cisco Talos
CVE-2018-12153: Piotr Bania of Cisco Talos
CVE-2018-12154: Piotr Bania of Cisco Talos
Graphics Driver
Available for: macOS Catalina 10.15
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8784: Vasiliy Vasilyev and Ilya Finogeev of Webinar, LLC
Intel Graphics Driver
Available for: macOS Catalina 10.15
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8807: Yu Wang of Didi Research America
IOGraphics
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: A local user may be able to cause unexpected system
termination or read kernel memory
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2019-8759: another of 360 Nirvan Team
iTunes
Available for: macOS Catalina 10.15
Impact: Running the iTunes installer in an untrusted directory may
result in arbitrary code execution
Description: A dynamic library loading issue existed in iTunes setup.
This was addressed with improved path searching.
CVE-2019-8801: Hou JingYi (@hjy79425575) of Qihoo 360 CERT
Kernel
Available for: macOS Catalina 10.15
Impact: An application may be able to read restricted memory
Description: A validation issue was addressed with improved input
sanitization.
CVE-2019-8794: 08Tc3wBB working with SSD Secure Disclosure
Kernel
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS
Catalina 10.15
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8786: an anonymous researcher
Kernel
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: A malicious application may be able to determine kernel
memory layout
Description: A memory corruption issue existed in the handling of
IPv6 packets.
CVE-2019-8744: Zhuo Liang of Qihoo 360 Vulcan Team
libxml2
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: Multiple issues in libxml2
Description: Multiple memory corruption issues were addressed with
improved input validation.
CVE-2019-8749: found by OSS-Fuzz
CVE-2019-8756: found by OSS-Fuzz
libxslt
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: Multiple issues in libxslt
Description: Multiple memory corruption issues were addressed with
improved input validation.
CVE-2019-8750: found by OSS-Fuzz
manpages
Available for: macOS High Sierra 10.13.6, macOS Catalina 10.15
Impact: A malicious application may be able to gain root privileges
Description: A validation issue was addressed with improved logic.
CVE-2019-8802: Csaba Fitzl (@theevilbit)
PluginKit
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: A local user may be able to check for the existence of
arbitrary files
Description: A logic issue was addressed with improved restrictions.
CVE-2019-8708: an anonymous researcher
PluginKit
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8805: Scott Knight (@sdotknight) of VMware Carbon Black TAU
UIFoundation
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6
Impact: Parsing a maliciously crafted text file may lead to
disclosure of user information
Description: This issue was addressed with improved checks.
CVE-2019-8761: Renee Trisberg of SpectX
Additional recognition
CFNetwork
We would like to acknowledge Lily Chen of Google for their
assistance.
Kernel
We would like to acknowledge Brandon Azad of Google Project Zero and
Jann Horn of Google Project Zero for their assistance.
libresolv
We would like to acknowledge enh at Google for their assistance.
Postfix
We would like to acknowledge Chris Barker of Puppet for their
assistance.
Profiles
We would like to acknowledge Csaba Fitzl (@theevilbit) for their
assistance.
python
We would like to acknowledge an anonymous researcher for their
assistance.
VPN
We would like to acknowledge Royce Gawron of Second Son Consulting,
Inc. for their assistance.
Installation note:
macOS Catalina 10.15.1, Security Update 2019-001 Mojave,
Security Update 2019-006 High Sierra may be
obtained from the Mac App Store or Apple's Software Downloads
web site: https://support.apple.com/downloads/
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQJdBAEBCABHFiEEM5FaaFRjww9EJgvRBz4uGe3y0M0FAl24p5UpHHByb2R1Y3Qt
c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQBz4uGe3y0M3T5w/+
MA0oNNn6fPlkGiHHzMisKLkseGIltXgSc1v01C32qZpWoCmIzxXoDN1DZ0UC1nkh
fAzFMvj25wEj14L7ZXOOqaLFgf+e3ZGzius71wru92h1oaYMkspO1A0I6jPOXUU0
EtZfy6RECv7Ees4Zvj5EWXO0Xqpk2fVyEN4f/sGLtlHRkv1Do9ge6pX3JyXynF+f
M0jSntJYBFMuzIX2LZFdbTgtcNhsVMhUlztz3SKbA+JF6IxertPSp9mOxaEtGnYj
LgvSy9EVn98XBRt7rS8zrXCBi1OrTV21RE2HY+Twv+8lSSMRsjo6+KW7sPYd3KDy
esY0zfIkZ1VSSw/sb0kBalkl/rjLeBkSsBlLiA9uWEvkH9uDNVuo4WzDIN6a89hs
Zb2Aj4VjlLlKRKXRmLmpq7TkUQTVxWNMUdHttHUa/k0ODWviH/CbCKhrv0GKB9+X
EOXG65J+qCzq07MPgQG/JWCFbpVVOqQyXOuKCwrDl1LIb15WMxy8vFApEcJAsrvB
Z9if9NDnJxTWo9gQUcrZHrFm/humsTc+YSPSDovfIEYwbx99LkOWdnK5kiTqodxW
SMQyXhAWeZqL8zzxkFjXnodsnmVXvldFVMHjqPdXuXnn6ythU4UPedklPC50bH9G
Ofniqz3XXmySfVDFNFyfODEsvnoTxmGiUyJzAxAM+JM=
=fvfR
-----END PGP SIGNATURE-----
.
CVE-2019-8750: found by OSS-Fuzz
VoiceOver
Available for: Apple Watch Series 1 and later
Impact: A person with physical access to an iOS device may be able to
access contacts from the lock screen
Description: The issue was addressed by restricting options offered
on a locked device.
Alternatively, on your watch, select "My Watch > General > About".
CVE-2019-8786: an anonymous researcher
Screen Time
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: A local user may be able to record the screen without a
visible screen recording indicator
Description: A consistency issue existed in deciding when to show the
screen recording indicator.
CVE-2019-8793: Ryan Jenkins of Lake Forrest Prep School
Setup Assistant
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: An attacker in physical proximity may be able to force a user
onto a malicious Wi-Fi network during device setup
Description: An inconsistency in Wi-Fi network configuration settings
was addressed.
CVE-2019-8782: Cheolung Lee of LINE+ Security Team
CVE-2019-8783: Cheolung Lee of LINE+ Graylab Security Team
CVE-2019-8808: found by OSS-Fuzz
CVE-2019-8811: Soyeon Park of SSLab at Georgia Tech
CVE-2019-8812: an anonymous researcher
CVE-2019-8814: Cheolung Lee of LINE+ Security Team
CVE-2019-8816: Soyeon Park of SSLab at Georgia Tech
CVE-2019-8819: Cheolung Lee of LINE+ Security Team
CVE-2019-8820: Samuel Groß of Google Project Zero
CVE-2019-8821: Sergei Glazunov of Google Project Zero
CVE-2019-8822: Sergei Glazunov of Google Project Zero
CVE-2019-8823: Sergei Glazunov of Google Project Zero
WebKit Process Model
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
Installation note:
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates. You may manually
obtain the update via the Check for Updates button within iTunes, or
the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About. The version after applying this update
will be "iOS 13.2 and iPadOS 13.2"