-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2010-11-22-1 iOS 4.2

iOS 4.2 is now available and addresses the following:

Configuration Profiles
CVE-ID: CVE-2010-3827
Available for: iOS 2.0 through 4.1 for iPhone 3G and later, iOS 2.1 through 4.1 for iPod touch (2nd generation) and later, iOS 3.2 through 3.2.2 for iPad
Impact: A user may be misled into installing a maliciously crafted configuration profile
Description: A signature validation issue exists in the handling of configuration profiles. A maliciously crafted configuration profile may appear to have a valid signature in the configuration installation utility. This issue is addressed through improved validation of profile signatures. Credit to Barry Simpson of Bomgar Corporation for reporting this issue.

CoreGraphics
CVE-ID: CVE-2010-2805, CVE-2010-2806, CVE-2010-2807, CVE-2010-2808, CVE-2010-3053, CVE-2010-3054
Available for: iOS 2.0 through 4.1 for iPhone 3G and later, iOS 2.1 through 4.1 for iPod touch (2nd generation) and later, iOS 3.2 through 3.2.2 for iPad
Impact: Multiple vulnerabilities in FreeType 2.4.1
Description: Multiple vulnerabilities exist in FreeType 2.4.1, the most serious of which may lead to arbitrary code execution when processing a maliciously crafted font. These issues are addressed by updating FreeType to version 2.4.2. Further information is available via the FreeType site at http://www.freetype.org/

FreeType
CVE-ID: CVE-2010-3814
Available for: iOS 2.0 through 4.1 for iPhone 3G and later, iOS 2.1 through 4.1 for iPod touch (2nd generation) and later, iOS 3.2 through 3.2.2 for iPad
Impact: Viewing a PDF document with maliciously crafted embedded fonts may allow arbitrary code execution
Description: A heap buffer overflow exists in FreeType's handling of TrueType opcodes.
Viewing a PDF document with maliciously crafted embedded fonts may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue through improved bounds checking.

iAd Content Display
CVE-ID: CVE-2010-3828
Available for: iOS 2.0 through 4.1 for iPhone 3G and later, iOS 2.1 through 4.1 for iPod touch (2nd generation) and later, iOS 3.2 through 3.2.2 for iPad
Impact: An attacker in a privileged network position may be able to cause a call to be initiated
Description: A URL handling issue exists in iAd Content Display. An iAd is requested by an application, either automatically or through explicit user action. By injecting the contents of a requested ad with a link containing a URL scheme used to initiate a call, an attacker in a privileged network position may be able to cause a call to occur. This issue is addressed by ensuring that the user is prompted before a call is initiated from a link. Credit to Aaron Sigel of vtty.com for reporting this issue.

ImageIO
CVE-ID: CVE-2010-2249, CVE-2010-1205
Available for: iOS 2.0 through 4.1 for iPhone 3G and later, iOS 2.1 through 4.1 for iPod touch (2nd generation) and later, iOS 3.2 through 3.2.2 for iPad
Impact: Multiple vulnerabilities in libpng
Description: libpng is updated to version 1.4.3 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution. Further information is available via the libpng website at http://www.libpng.org/pub/png/libpng.html

libxml
CVE-ID: CVE-2010-4008
Available for: iOS 2.0 through 4.1 for iPhone 3G and later, iOS 2.1 through 4.1 for iPod touch (2nd generation) and later, iOS 3.2 through 3.2.2 for iPad
Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution
Description: A memory corruption issue exists in libxml's xpath handling.
Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved handling of xpaths. Credit to Bui Quang Minh from Bkis (www.bkis.com) for reporting this issue.

Mail
CVE-ID: CVE-2010-3829
Available for: iOS 2.0 through 4.1 for iPhone 3G and later, iOS 2.1 through 4.1 for iPod touch (2nd generation) and later, iOS 3.2 through 3.2.2 for iPad
Impact: Mail may resolve DNS names when remote image loading is disabled
Description: When WebKit encounters an HTML Link Element that requests DNS prefetching, it will perform the prefetch even if remote image loading is disabled. This may result in undesired requests to remote servers. The sender of an HTML-formatted email message could use this to determine whether the message was viewed. This issue is addressed by disabling DNS prefetching when remote image loading is disabled. Credit to Mike Cardwell of Cardwell IT Ltd. for reporting this issue.

Networking
CVE-ID: CVE-2010-1843
Available for: iOS 4.0 through 4.1 for iPhone 3GS and later, iOS 4.0 through 4.1 for iPod touch (3rd generation), iOS 3.2 through 3.2.2 for iPad
Impact: A remote attacker may cause an unexpected system shutdown
Description: A null pointer dereference issue exists in the handling of Protocol Independent Multicast (PIM) packets. By sending a maliciously crafted PIM packet, a remote attacker may cause an unexpected system shutdown. This issue is addressed through improved validation of PIM packets. Credit to an anonymous researcher working with TippingPoint's Zero Day Initiative for reporting this issue. This issue does not affect devices running iOS versions prior to 3.2.

Networking
CVE-ID: CVE-2010-3830
Available for: iOS 2.0 through 4.1 for iPhone 3G and later, iOS 2.1 through 4.1 for iPod touch (2nd generation) and later, iOS 3.2 through 3.2.2 for iPad
Impact: Malicious code may gain system privileges
Description: An invalid pointer reference exists in Networking when handling packet filter rules. This may allow malicious code running in the user's session to gain system privileges. This issue is addressed through improved handling of packet filter rules.

OfficeImport
CVE-ID: CVE-2010-3786
Available for: iOS 3.2 through 3.2.2 for iPad
Impact: Viewing a maliciously crafted Excel file may lead to an unexpected application termination or arbitrary code execution
Description: A memory corruption issue exists in OfficeImport's handling of Excel files. Viewing a maliciously crafted Excel file may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved bounds checking. This issue was addressed on iPhones in iOS 4. Credit to Tobias Klein, working with VeriSign iDefense Labs for reporting this issue.

Photos
CVE-ID: CVE-2010-3831
Available for: iOS 2.0 through 4.1 for iPhone 3G and later, iOS 2.1 through 4.1 for iPod touch (2nd generation) and later, iOS 3.2 through 3.2.2 for iPad
Impact: "Send to MobileMe" may result in the disclosure of the MobileMe account password
Description: The Photos application allows users to share their pictures and movies through various means. One way is the "Send to MobileMe" button, which uploads the selected contents to the user's MobileMe Gallery. The Photos application will use HTTP Basic authentication if no other authentication mechanism is presented as available by the server. An attacker with a privileged network position may manipulate the response of the MobileMe Gallery to request basic authentication, resulting in the disclosure of the MobileMe account password. This issue is addressed by disabling support for Basic authentication.
Credit to Aaron Sigel of vtty.com for reporting this issue.

Safari
CVE-ID: CVE-2009-1707
Available for: iOS 2.0 through 4.1 for iPhone 3G and later, iOS 2.1 through 4.1 for iPod touch (2nd generation) and later, iOS 3.2 through 3.2.2 for iPad
Impact: "Reset Safari" may not immediately remove website passwords from memory
Description: After clicking the "Reset" button for "Reset saved names and passwords" in the "Reset Safari..." menu option, Safari may take up to 30 seconds to clear the passwords. A user with access to the device in that time window may be able to access the stored credentials. This issue is addressed by resolving the race condition that led to the delay. Credit to Philippe Couturier of izypage.com, and Andrew Wellington of The Australian National University for reporting this issue.

Telephony
CVE-ID: CVE-2010-3832
Available for: iOS 2.0 through 4.1 for iPhone 3G and later, iOS 3.2 through 3.2.2 for iPad
Impact: A remote attacker may be able to cause arbitrary code execution
Description: A heap buffer overflow exists in the handling of Temporary Mobile Subscriber Identity (TMSI) fields in GSM mobility management. This may allow a remote attacker to cause arbitrary code execution on the baseband processor. This issue is addressed through improved bounds checking. Credit to Ralf-Philipp Weinmann of the University of Luxembourg for reporting this issue.

WebKit
CVE-ID: CVE-2010-3803
Available for: iOS 2.0 through 4.1 for iPhone 3G and later, iOS 2.1 through 4.1 for iPod touch (2nd generation) and later, iOS 3.2 through 3.2.2 for iPad
Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution
Description: An integer overflow exists in WebKit's handling of strings. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved bounds checking. Credit to J23 for reporting this issue.
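
The Basic authentication fallback described in the Photos entry above (CVE-2010-3831), as an added Python example that is not Apple's code: a client-side scheme selector in its legacy form, which accepts Basic when nothing else is offered, beside a hardened form that refuses it. The function names, the scheme ranking and the sample `WWW-Authenticate` values are assumptions constructed for illustration.

```python
"""Constructed example: refusing a downgrade to HTTP Basic authentication."""
import re

# RFC 7230 "token" characters; an auth scheme name is a token.
_TOKEN = r"[A-Za-z0-9!#$%&'*+.^_`|~-]+"
# A challenge starts with a scheme, optionally followed by whitespace and
# parameters. "name = value" (a parameter with spaces) must not match.
_CHALLENGE_START = re.compile(rf"^({_TOKEN})(?:\s+(?!=)(.*))?$", re.S)

# Assumed ranking of schemes the client is willing to use, strongest first.
PREFERENCE = ("negotiate", "digest")


class DowngradeRefused(Exception):
    """Raised when the only usable challenge would send a reusable password."""


def _split_outside_quotes(value):
    """Split a header value on commas that are not inside a quoted-string."""
    parts, buf, quoted, escaped = [], [], False, False
    for ch in value:
        if escaped:
            buf.append(ch)
            escaped = False
        elif quoted and ch == "\\":
            buf.append(ch)
            escaped = True
        elif ch == '"':
            buf.append(ch)
            quoted = not quoted
        elif ch == "," and not quoted:
            parts.append("".join(buf).strip())
            buf = []
        else:
            buf.append(ch)
    parts.append("".join(buf).strip())
    return [p for p in parts if p]


def offered_schemes(header_values):
    """Return the lowercased auth schemes offered across WWW-Authenticate values."""
    schemes = []
    for value in header_values:
        for item in _split_outside_quotes(value):
            match = _CHALLENGE_START.match(item)
            if match:  # items such as nonce="..." are parameters, not schemes
                schemes.append(match.group(1).lower())
    return schemes


def choose_legacy(header_values):
    """Behaviour the advisory describes: fall back to Basic if nothing else."""
    offered = offered_schemes(header_values)
    for scheme in PREFERENCE:
        if scheme in offered:
            return scheme
    return "basic" if "basic" in offered else None


def choose_hardened(header_values):
    """Same selection, but Basic is never used, whatever the server asks for."""
    offered = offered_schemes(header_values)
    for scheme in PREFERENCE:
        if scheme in offered:
            return scheme
    if "basic" in offered:
        raise DowngradeRefused("server offered only Basic; not sending password")
    return None


# Constructed sample challenges: what the real server might send, and what a
# party able to rewrite the response could substitute.
GENUINE = ['Digest realm="gallery", nonce="b7c1", qop="auth", algorithm=MD5']
TAMPERED = ['Basic realm="gallery, please log in"']

if __name__ == "__main__":
    print("legacy, tampered:", choose_legacy(TAMPERED))
    try:
        choose_hardened(TAMPERED)
    except DowngradeRefused as exc:
        print("hardened, tampered: refused:", exc)
    print("hardened, genuine:", choose_hardened(GENUINE))
```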

WebKit
CVE-ID: CVE-2010-3824
Available for: iOS 2.0 through 4.1 for iPhone 3G and later, iOS 2.1 through 4.1 for iPod touch (2nd generation) and later, iOS 3.2 through 3.2.2 for iPad
Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution
Description: A use after free issue exists in WebKit's handling of "use" elements in SVG documents. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved memory handling. Credit to wushi of team509 for reporting this issue.

WebKit
CVE-ID: CVE-2010-3816
Available for: iOS 2.0 through 4.1 for iPhone 3G and later, iOS 2.1 through 4.1 for iPod touch (2nd generation) and later, iOS 3.2 through 3.2.2 for iPad
Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution
Description: A use after free issue exists in WebKit's handling of scrollbars. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved memory handling. Credit to Rohit Makasana of Google Inc. for reporting this issue.

WebKit
CVE-ID: CVE-2010-3809
Available for: iOS 2.0 through 4.1 for iPhone 3G and later, iOS 2.1 through 4.1 for iPod touch (2nd generation) and later, iOS 3.2 through 3.2.2 for iPad
Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution
Description: An invalid cast issue exists in WebKit's handling of inline styling. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved handling of inline styling. Credit to Abhishek Arya (Inferno) of Google Chrome Security Team for reporting this issue.

WebKit
CVE-ID: CVE-2010-3810
Available for: iOS 2.0 through 4.1 for iPhone 3G and later, iOS 2.1 through 4.1 for iPod touch (2nd generation) and later, iOS 3.2 through 3.2.2 for iPad
Impact: A maliciously crafted website may be able to spoof the address in the location bar or add arbitrary locations to the history
Description: A cross-origin issue exists in WebKit's handling of the History object. A maliciously crafted website may be able to spoof the address in the location bar or add arbitrary locations to the history. This issue is addressed through improved tracking of security origins. Credit to Mike Taylor of Opera Software for reporting this issue.

WebKit
CVE-ID: CVE-2010-3805
Available for: iOS 2.0 through 4.1 for iPhone 3G and later, iOS 2.1 through 4.1 for iPod touch (2nd generation) and later, iOS 3.2 through 3.2.2 for iPad
Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution
Description: An integer underflow exists in WebKit's handling of WebSockets. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved bounds checking. Credit to Keith Campbell, and Cris Neckar of Google Chrome Security Team for reporting this issue.

WebKit
CVE-ID: CVE-2010-3823
Available for: iOS 2.0 through 4.1 for iPhone 3G and later, iOS 2.1 through 4.1 for iPod touch (2nd generation) and later, iOS 3.2 through 3.2.2 for iPad
Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution
Description: A use after free issue exists in WebKit's handling of Geolocation objects. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved memory handling. Credit to kuzzcc for reporting this issue.

WebKit
CVE-ID: CVE-2010-3116
Available for: iOS 2.0 through 4.1 for iPhone 3G and later, iOS 2.1 through 4.1 for iPod touch (2nd generation) and later, iOS 3.2 through 3.2.2 for iPad
Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution
Description: Multiple use after free issues exist in WebKit's handling of plug-ins. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. These issues are addressed through improved memory handling.

WebKit
CVE-ID: CVE-2010-3812
Available for: iOS 2.0 through 4.1 for iPhone 3G and later, iOS 2.1 through 4.1 for iPod touch (2nd generation) and later, iOS 3.2 through 3.2.2 for iPad
Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution
Description: An integer overflow exists in WebKit's handling of Text objects. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved bounds checking. Credit to J23 working with TippingPoint's Zero Day Initiative for reporting this issue.

WebKit
CVE-ID: CVE-2010-3808
Available for: iOS 2.0 through 4.1 for iPhone 3G and later, iOS 2.1 through 4.1 for iPod touch (2nd generation) and later, iOS 3.2 through 3.2.2 for iPad
Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution
Description: An invalid cast issue exists in WebKit's handling of editing commands. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved handling of editing commands. Credit to wushi of team509 for reporting this issue.

WebKit
CVE-ID: CVE-2010-3259
Available for: iOS 2.0 through 4.1 for iPhone 3G and later, iOS 2.1 through 4.1 for iPod touch (2nd generation) and later, iOS 3.2 through 3.2.2 for iPad
Impact: Visiting a malicious website may lead to the disclosure of image data from another website
Description: A cross-origin issue exists in WebKit's handling of images created from "canvas" elements. Visiting a malicious website may lead to the disclosure of image data from another website. This issue is addressed through improved tracking of security origins. Credit to Isaac Dawson, and James Qiu of Microsoft and Microsoft Vulnerability Research (MSVR) for reporting this issue.

WebKit
CVE-ID: CVE-2010-1822
Available for: iOS 2.0 through 4.1 for iPhone 3G and later, iOS 2.1 through 4.1 for iPod touch (2nd generation) and later, iOS 3.2 through 3.2.2 for iPad
Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution
Description: An invalid cast issue exists in WebKit's handling of SVG elements in non-SVG documents. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved handling of SVG elements. Credit to wushi of team509 for reporting this issue.

WebKit
CVE-ID: CVE-2010-3811
Available for: iOS 2.0 through 4.1 for iPhone 3G and later, iOS 2.1 through 4.1 for iPod touch (2nd generation) and later, iOS 3.2 through 3.2.2 for iPad
Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution
Description: A use after free issue exists in WebKit's handling of element attributes. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved memory handling. Credit to Michal Zalewski for reporting this issue.

WebKit
CVE-ID: CVE-2010-3817
Available for: iOS 2.0 through 4.1 for iPhone 3G and later, iOS 2.1 through 4.1 for iPod touch (2nd generation) and later, iOS 3.2 through 3.2.2 for iPad
Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution
Description: An invalid cast issue exists in WebKit's handling of CSS 3D transforms. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved handling of CSS 3D transforms. Credit to Abhishek Arya (Inferno) of Google Chrome Security Team for reporting this issue.

WebKit
CVE-ID: CVE-2010-3818
Available for: iOS 2.0 through 4.1 for iPhone 3G and later, iOS 2.1 through 4.1 for iPod touch (2nd generation) and later, iOS 3.2 through 3.2.2 for iPad
Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution
Description: A use after free issue exists in WebKit's handling of inline text boxes. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved memory handling. Credit to Abhishek Arya (Inferno) of Google Chrome Security Team for reporting this issue.

WebKit
CVE-ID: CVE-2010-3819
Available for: iOS 2.0 through 4.1 for iPhone 3G and later, iOS 2.1 through 4.1 for iPod touch (2nd generation) and later, iOS 3.2 through 3.2.2 for iPad
Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution
Description: An invalid cast issue exists in WebKit's handling of CSS boxes. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved handling of CSS boxes. Credit to Abhishek Arya (Inferno) of Google Chrome Security Team for reporting this issue.

WebKit
CVE-ID: CVE-2010-3820
Available for: iOS 2.0 through 4.1 for iPhone 3G and later, iOS 2.1 through 4.1 for iPod touch (2nd generation) and later, iOS 3.2 through 3.2.2 for iPad
Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution
Description: An uninitialized memory access issue exists in WebKit's handling of editable elements. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved handling of editable elements. Credit: Apple.

WebKit
CVE-ID: CVE-2010-1789
Available for: iOS 2.0 through 4.1 for iPhone 3G and later, iOS 2.1 through 4.1 for iPod touch (2nd generation) and later, iOS 3.2 through 3.2.2 for iPad
Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution
Description: A heap buffer overflow exists in WebKit's handling of JavaScript string objects. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved bounds checking. Credit: Apple.

WebKit
CVE-ID: CVE-2010-1806
Available for: iOS 2.0 through 4.1 for iPhone 3G and later, iOS 2.1 through 4.1 for iPod touch (2nd generation) and later, iOS 3.2 through 3.2.2 for iPad
Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution
Description: A use after free issue exists in WebKit's handling of elements with run-in styling. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved handling of object pointers. Credit to wushi of team509, working with TippingPoint's Zero Day Initiative for reporting this issue.

WebKit
CVE-ID: CVE-2010-3257
Available for: iOS 2.0 through 4.1 for iPhone 3G and later, iOS 2.1 through 4.1 for iPod touch (2nd generation) and later, iOS 3.2 through 3.2.2 for iPad
Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution
Description: A use after free issue exists in WebKit's handling of element focus. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved memory management. Credit to VUPEN Vulnerability Research Team for reporting this issue.

WebKit
CVE-ID: CVE-2010-3826
Available for: iOS 2.0 through 4.1 for iPhone 3G and later, iOS 2.1 through 4.1 for iPod touch (2nd generation) and later, iOS 3.2 through 3.2.2 for iPad
Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution
Description: An invalid cast issue exists in WebKit's handling of colors in SVG documents. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved handling of colors in SVG documents. Credit to Abhishek Arya (Inferno) of Google Chrome Security Team for reporting this issue.

WebKit
CVE-ID: CVE-2010-1807
Available for: iOS 2.0 through 4.1 for iPhone 3G and later, iOS 2.1 through 4.1 for iPod touch (2nd generation) and later, iOS 3.2 through 3.2.2 for iPad
Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution
Description: An input validation issue exists in WebKit's handling of floating point data types. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved handling of floating point values. Credit to Luke Wagner of Mozilla for reporting this issue.

WebKit
CVE-ID: CVE-2010-3821
Available for: iOS 2.0 through 4.1 for iPhone 3G and later, iOS 2.1 through 4.1 for iPod touch (2nd generation) and later, iOS 3.2 through 3.2.2 for iPad
Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution
Description: A memory corruption issue exists in WebKit's handling of the ':first-letter' pseudo-element in cascading stylesheets. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved handling of the ':first-letter' pseudo-element. Credit to Cris Neckar and Abhishek Arya (Inferno) of Google Chrome Security Team for reporting this issue.

WebKit
CVE-ID: CVE-2010-3804
Available for: iOS 2.0 through 4.1 for iPhone 3G and later, iOS 2.1 through 4.1 for iPod touch (2nd generation) and later, iOS 3.2 through 3.2.2 for iPad
Impact: Websites may surreptitiously track users
Description: Safari generates random numbers for JavaScript applications using a predictable algorithm. This may allow a website to track a particular Safari session without using cookies, hidden form elements, IP addresses, or other techniques. This update addresses the issue by using a stronger random number generator. Credit to Amit Klein of Trusteer for reporting this issue.

WebKit
CVE-ID: CVE-2010-3813
Available for: iOS 2.0 through 4.1 for iPhone 3G and later, iOS 2.1 through 4.1 for iPod touch (2nd generation) and later, iOS 3.2 through 3.2.2 for iPad
Impact: WebKit may perform DNS prefetching even when it is disabled
Description: When WebKit encounters an HTML Link Element that requests DNS prefetching, it will perform the operation even if prefetching is disabled. This may result in undesired requests to remote servers. As an example, the sender of an HTML-formatted email message could use this to determine that the message was read.
This issue is addressed through improved handling of DNS prefetching requests. Credit to Jeff Johnson of Rogue Amoeba Software for reporting this issue.

WebKit
CVE-ID: CVE-2010-3822
Available for: iOS 2.0 through 4.1 for iPhone 3G and later, iOS 2.1 through 4.1 for iPod touch (2nd generation) and later, iOS 3.2 through 3.2.2 for iPad
Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution
Description: An uninitialized pointer issue exists in WebKit's handling of CSS counter styles. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved handling of CSS counter styles. Credit to kuzzcc for reporting this issue.

WebKit
Available for: iOS 2.0 through 4.1 for iPhone 3G and later, iOS 2.1 through 4.1 for iPod touch (2nd generation) and later, iOS 3.2 through 3.2.2 for iPad
Impact: A maliciously crafted website may be able to determine which sites a user has visited
Description: A design issue exists in WebKit's handling of the CSS :visited pseudo-class. A maliciously crafted website may be able to determine which sites a user has visited. This update limits the ability of web pages to style pages based on whether links are visited.
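
The two DNS prefetching entries above (CVE-2010-3829 for Mail and CVE-2010-3813 for WebKit) both turn on an HTML Link Element that triggers a lookup the user did not ask for. As an added example, not Apple's code, this Python filter lists and strips such elements from the HTML parts of a message, as a mail gateway or client-side sanitizer could; the function names and the sample message are constructed for illustration.

```python
"""Constructed example: find and strip DNS-prefetch <link> hints in HTML mail."""
from email import message_from_string, policy
from html.parser import HTMLParser
from urllib.parse import urlsplit


class _PrefetchFilter(HTMLParser):
    """Re-emits HTML unchanged except for <link rel="dns-prefetch"> elements."""

    def __init__(self):
        super().__init__(convert_charrefs=False)  # keep entities as written
        self.out = []    # pieces of the scrubbed document
        self.hosts = []  # hostnames the removed hints would have resolved

    def _is_prefetch_link(self, tag, attrs):
        if tag != "link":
            return False
        a = {k: (v or "") for k, v in attrs}
        if "dns-prefetch" not in a.get("rel", "").lower().split():
            return False
        href = a.get("href", "").strip()
        try:
            host = urlsplit(href).hostname
        except ValueError:  # malformed authority; report the raw value
            host = None
        self.hosts.append(host or href)
        return True

    def handle_starttag(self, tag, attrs):
        if not self._is_prefetch_link(tag, attrs):
            self.out.append(self.get_starttag_text())

    # <link .../> arrives here; reuse the same logic and emit no end tag.
    handle_startendtag = handle_starttag

    def handle_endtag(self, tag):
        if tag != "link":  # <link> is a void element and has no end tag
            self.out.append(f"</{tag}>")

    def handle_data(self, data):
        self.out.append(data)

    def handle_entityref(self, name):
        self.out.append(f"&{name};")

    def handle_charref(self, name):
        self.out.append(f"&#{name};")

    def handle_comment(self, data):
        self.out.append(f"<!--{data}-->")

    def handle_decl(self, decl):
        self.out.append(f"<!{decl}>")


def scrub_html(html):
    """Return (html_without_prefetch_links, [hostnames that were hinted])."""
    parser = _PrefetchFilter()
    parser.feed(html)
    parser.close()
    return "".join(parser.out), parser.hosts


def scan_message(raw):
    """Return every prefetch hostname found in the text/html parts of a message."""
    msg = message_from_string(raw, policy=policy.default)
    hosts = []
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            hosts += scrub_html(part.get_content())[1]
    return hosts


# Constructed sample message: the per-recipient hostname is what would let a
# sender learn that this particular copy was opened.
SAMPLE_MAIL = """\
From: sender@example.org
To: user@example.com
Subject: hello
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"

<html><head>
<link rel="dns-prefetch" href="//u4821.track.example.net">
<link rel="stylesheet" href="cid:style1">
</head><body><p>Hi &amp; welcome</p></body></html>
"""

if __name__ == "__main__":
    print(scan_message(SAMPLE_MAIL))
```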

Multiple components
CVE-ID: CVE-2010-0051, CVE-2010-0544, CVE-2010-0042, CVE-2010-1384, CVE-2010-1387, CVE-2010-1392, CVE-2010-1394, CVE-2010-1403, CVE-2010-1405, CVE-2010-1407, CVE-2010-1408, CVE-2010-1410, CVE-2010-1414, CVE-2010-1415, CVE-2010-1416, CVE-2010-1417, CVE-2010-1418, CVE-2010-1421, CVE-2010-1422, CVE-2010-1757, CVE-2010-1758, CVE-2010-1764, CVE-2010-1770, CVE-2010-1771, CVE-2010-1780, CVE-2010-1781, CVE-2010-1782, CVE-2010-1783, CVE-2010-1784, CVE-2010-1785, CVE-2010-1786, CVE-2010-1787, CVE-2010-1788, CVE-2010-1791, CVE-2010-1793, CVE-2010-1811, CVE-2010-1812, CVE-2010-1813, CVE-2010-1814, CVE-2010-1815
Available for: iOS 3.2 through 3.2.2 for iPad
Impact: Multiple security fixes in iOS for iPad
Description: This update incorporates security fixes that were provided for iPhone and iPod touch in iOS 4 and iOS 4.1.

Installation note:

These updates are only available through iTunes, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from www.apple.com/itunes/

iTunes will automatically check Apple's update server on its weekly schedule. When an update is detected, it will download it. When the iPhone, iPod touch or iPad is docked, iTunes will present the user with the option to install the update. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iPhone, iPod touch, or iPad.

The automatic update process may take up to a week depending on the day that iTunes checks for updates. You may manually obtain the update via the Check for Updates button within iTunes. After doing this, the update can be applied when your iPhone, iPod touch, or iPad is docked to your computer.

To check that the iPhone, iPod touch, or iPad has been updated:

* Navigate to Settings
* Select General
* Select About.
The version after applying this update will be "4.2.1 (8C148)" or later. New devices with the version "4.2 (8C134)" or "4.2 (8C134b)" already include the fixes listed in this advisory.

Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222

This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (Darwin)
-----END PGP SIGNATURE-----