[prev in list] [next in list] [prev in thread] [next in thread] 

List:       full-disclosure
Subject:    [FD] APPLE-SA-2016-05-16-6 iTunes 12.4
From:       Apple Product Security <product-security-noreply () lists ! apple ! com>
Date:       2016-05-16 22:47:53
Message-ID: F79818BC-E265-4C2E-9B9B-3164D9AD3531 () lists ! apple ! com
[Download RAW message or body]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2016-05-16-6 iTunes 12.4

iTunes 12.4 is now available and addresses the following:

iTunes
Available for:  Windows 7 and later
Impact:  Running the iTunes installer in an untrusted directory may
have resulted in arbitrary code execution
Description:  A dynamic library loading issue existed in iTunes
setup. This was addressed through improved path searching.
CVE-ID
CVE-2016-1742 : Stefan Kanthak and
YoKo Kho (yokoacc) of MII - Consulting & Advisory Svc. Dept.

iTunes 12.4 may be obtained from:
http://www.apple.com/itunes/download/

Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT201222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - https://gpgtools.org

iQIcBAEBCgAGBQJXOj0OAAoJEIOj74w0bLRGjA0QANTHzjNUsByxmLOpQfNcEHEy
3lXFmf00E7C6lq7DgQMPfbYOgXz+lAJuUuyt88OK6k9w+ADm+huxna6O+Gy4f+ST
W1T2eu78vJG42QRji1f9PAa8M9roQjziL35iCRZCpeN5kLwXK8BHGSjvB33hjkGy
a7GzWuT27iwUcEvTHSWACYtVqfDYre5l4Jyk0/CviWgb7zms7HC+SBbAGS3TfZRh
LxT2JeF+dQ4Ajug21O8IJrOJtNwgppkssrSqtvVezYNvmTVuELPtm+5Mo0Ggqhr7
vo3SxcOvZ7xqyA9F2klLV27oity7FLMXg2NyqWnngpRJoxnnck8PcB9/FSGpVpWt
/RmF6zIII792jfcmRYhe8IwgbpO6w8r4o4dJX3FLuWmk1HajT9itgZkMPIIfUdP7
hxvfmK4GBv09AP/o+oXi+Zoq3X0HbZhp+djcI9hx0T9a1bw7g0H31g54NMhqCxez
vl0M04Y3+GmtXuIJNIzJuuIh4JMMfGN9SXO5NAzFzOlQ6bn96/uR9o4e+2LAuH29
HuACxqu6gaOOt/bv0AOSloPyIOSnfgH1v5Zt9QV2qDpChTSPqL0b5nnqwcv5yv7l
InSa1oWL+WJ1FSlB7dLC01Sii4uRTC6Oud+ShWsoqMKYJouODqry8hlIG4Qqzexl
fnEDC7oEvN/gpW1EXu7v
=Aip6
-----END PGP SIGNATURE-----


_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
[prev in list] [next in list] [prev in thread] [next in thread]