site_archiver@lists.apple.com Delivered-To: security-announce@lists.apple.com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2008-06-30 Safari 3.1.2 for Mac OS X v10.4.11 Safari 3.1.2 is now available for Mac OS X v10.4.11 and addresses the following issue: WebKit CVE-ID: CVE-2008-2307 Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11 Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue exists in WebKit's handling of JavaScript arrays. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue through improved bounds checking. This issue is addressed in Safari 3.1.2 for Windows XP or Vista, and also in systems running Mac OS X v10.5.4. Credit to James Urquhart for reporting this issue. Safari 3.1.2 for Mac OS X v10.4.11 is available via the Apple Software Update application, or Apple's Safari download site at: http://www.apple.com/safari/download/ The download file is named: "Safari312UpdTiger.dmg" Its SHA-1 digest is: 92dcca834e790d719953a649aae6b28e92de4717 Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: http://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Version: 9.7.2.1608 wsBVAwUBSGlP6XkodeiKZIkBAQgA7wf+OGHrGNBWsY9rWJZcWyxpZa42aXcwWqAz ZC8dO6+rpSo/5bKaop+6wfPrk6zjii7B6pE6Y1FvsD+TBZsst7UGLRucxM6oalkn kiK6EoVktwZRRuvlK5/ZStbhYBt/7kwgbwDovwsIZ3CAK0DyhKDLsNd2GCzftcLc nBg37SHZz1qv6FT+eBBA9+fbegmUpPn7bTM5DB3hzBIGBTS50PMzEjBLHhrRrikS KxZDLX48HesmFtlSK///klNQlzbriXAMXPU+FbO50NWLzlco0ate/t4p0oRzDbEx hIErFJNLXnLZ0rOUCLnBweuyRnlXI1r9khSuWz3Tbts7s/3cART1Lw== =TzZN -----END PGP SIGNATURE----- _______________________________________________ Do not post admin requests to the list. They will be ignored. Security-announce mailing list (Security-announce@lists.apple.com) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/security-announce/site_archiver%40lis... This email sent to site_archiver@lists.apple.com