site_archiver@lists.apple.com Delivered-To: security-announce@lists.apple.com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2007-01-25 AirPort Extreme Update 2007-001 AirPort Extreme Update 2007-001 is now available. Along with other improvements (see release notes), it also addresses the following security issue: AirPort CVE-ID: CVE-2006-6292 Available for: Mac OS X v10.4.8, Mac OS X Server v10.4.8 Impact: Attackers on the wireless network may cause system crashes Description: An out-of-bounds memory read may occur while handling wireless frames. An attacker in local proximity may be able to trigger a system crash by sending a maliciously-crafted frame to an affected system. This issue affects the Core Duo version of Mac mini, MacBook, and MacBook Pro computers equipped with wireless. Other systems, including the Core 2 Duo versions are not affected. This update addresses the issue by performing additional validation of wireless frames. Credit to LMH for reporting this issue. AirPort Extreme Update 2007-001 may be obtained from the Software Update pane in System Preferences, or Apple's Software Downloads web site: http://www.apple.com/support/downloads/ The download file is named: "AirPortExtremeUpdate2007001.dmg" Its SHA-1 digest is: 3e2e2ee7d167008e709a454dad41c3547a5153ad Information will also be posted to the Apple Security Updates web site: http://docs.info.apple.com/article.html?artnum=61798 This message is signed with Apple's Product Security PGP key, and details are available at: http://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.0.3 (Build 2932) iQEVAwUBRblcRImzP5/bU5rtAQiDywgAicfblylXu93+o4n71K6RA/LFqNWv56Jm Lu6S8PHVAoUvApXv2ulbELUZIYrPg80FpqvDgNds+II86v+qK++Lrg6tLyhVcJ3W uCr1zXUARPwiBe6iRn5Ph7nCBJPErDStv5g3BxP1iovcA4clAkgYkdimlTEB4TJq TsbjjqjUgSZztMuJ8ssIjybiMGrYPrlgrORI6HZSOM0v7VqD9JmY5Wme9gGabEvf X3SgLs3ULqaqRWxOKxqJVpkHaTugZZroXlHfpdOz+FZlG5AZYG+W12JLUAQKSLa9 uIU1DOpQ8IN2oawjhJGScJXQvODF5bptB0uhM6KN/yE28fUfTyOmPQ== =/kDW -----END PGP SIGNATURE----- _______________________________________________ Do not post admin requests to the list. They will be ignored. Security-announce mailing list (Security-announce@lists.apple.com) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/security-announce/site_archiver%40lis... This email sent to site_archiver@lists.apple.com