[prev in list] [next in list] [prev in thread] [next in thread] 

List:       full-disclosure
Subject:    [FD] APPLE-SA-2023-09-07-1 macOS Ventura 13.5.2
From:       Apple Product Security via Fulldisclosure <fulldisclosure () seclists ! org>
Date:       2023-09-07 22:17:57
Message-ID: C498CA90-24CF-4AC3-B0F8-14FA0EB13B94 () lists ! apple ! com
[Download RAW message or body]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-2023-09-07-1 macOS Ventura 13.5.2

macOS Ventura 13.5.2 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/kb/HT213906.

Apple maintains a Security Updates page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.

ImageIO
Available for: macOS Ventura
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution. Apple is aware of a report that this issue may have been
actively exploited.
Description: A buffer overflow issue was addressed with improved memory
handling.
CVE-2023-41064: The Citizen Lab at The University of Torontoʼs Munk
School

macOS Ventura 13.5.2 may be obtained from the Mac App Store or
Apple's Software Downloads web site:
https://support.apple.com/downloads/
All information is also posted on the Apple Security Updates
web site: https://support.apple.com/en-us/HT201222.

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEsz9altA7uTI+rE/qX+5d1TXaIvoFAmT6SZYACgkQX+5d1TXa
IvrtMhAA1RyQ10AXiFZtsQ98AyilJb114zyas7gNMA64LRqAFXU5stooAnZ553uu
YSsVUpUCkMGNppha3i/bGUiEMBRpkBugHq288eFJEP6bS/wpL5PKhZKoNl7qcuIv
nWj9T4x3qq4e6d7TbXSMXVdiSpBSvlsTcxpjk+VcUNcE6bqcgwvswtNWfN2ADCu7
cwtYDznY3rgaYRSTwfZj/AfS378STrhUDfY55PSuy8Kx4lCwPfADNuLI4CeXZNyc
Cb7bAd0RJWqrM/LHhq3C/hNxaSQOv4WE3kRbwfeLmYOidhFkZLBryhKkJ/XYTUWi
WZfHthSPV6gVN8pwrBPslfrWWFS4V/mJMR89TZounTLJbzok7el5H8JNxK6FTymz
9BIhR9JJKAi58HwGAYMFfrb4HSdUraPKE64qJT6OSEIJLlkDOAFZfmh6C4G0RWcf
XySsm4w+ABax3YxfzK0IOE9/a8Gib1e0hD+ZnpqcldTvPLiw6ZqqpY4JJbaO8IoT
5HY03lRMp+eJmw9dVthtzc3p8tUvll/RLe2+anE1ATktdGLJz1Uvosz2+4ee13jx
nvq5ALYoaqah/XrYXF53eHUfCliGWWbjDE/MrcakfGZ4nqVOy021Id3g5bsb5NlS
6U4EWi7pAcfqv8TK95YAIDXiSCicKuZsYokYlRL9AAvgerBCw1U=
=xKgX
-----END PGP SIGNATURE-----

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: https://seclists.org/fulldisclosure/
[prev in list] [next in list] [prev in thread] [next in thread]