-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2017-03-27-6 tvOS 10.2 tvOS 10.2 is now available and addresses the following: Audio Available for: Apple TV (4th generation) Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved input validation. CVE-2017-2430: an anonymous researcher working with Trend Micro’s Zero Day Initiative CVE-2017-2462: an anonymous researcher working with Trend Micro’s Zero Day Initiative Carbon Available for: Apple TV (4th generation) Impact: Processing a maliciously crafted .dfont file may lead to arbitrary code execution Description: A buffer overflow existed in the handling of font files. This issue was addressed through improved bounds checking. CVE-2017-2379: John Villamil, Doyensec, riusksk (泉哥) of Tencent Security Platform Department CoreGraphics Available for: Apple TV (4th generation) Impact: Processing a maliciously crafted image may lead to a denial of service Description: An infinite recursion was addressed through improved state management. CVE-2017-2417: riusksk (泉哥) of Tencent Security Platform Department CoreGraphics Available for: Apple TV (4th generation) Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed through improved input validation. CVE-2017-2444: Mei Wang of 360 GearTeam CoreText Available for: Apple TV (4th generation) Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved input validation. CVE-2017-2435: John Villamil, Doyensec CoreText Available for: Apple TV (4th generation) Impact: Processing a maliciously crafted font may result in the disclosure of process memory Description: An out-of-bounds read was addressed through improved input validation. CVE-2017-2450: John Villamil, Doyensec CoreText Available for: Apple TV (4th generation) Impact: Processing a maliciously crafted text message may lead to application denial of service Description: A resource exhaustion issue was addressed through improved input validation. CVE-2017-2461: an anonymous researcher, Isaac Archambault of IDAoADI FontParser Available for: Apple TV (4th generation) Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed through improved input validation. CVE-2017-2406: riusksk (泉哥) of Tencent Security Platform Department CVE-2017-2487: riusksk (泉哥) of Tencent Security Platform Department FontParser Available for: Apple TV (4th generation) Impact: Parsing a maliciously crafted font file may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues were addressed through improved input validation. CVE-2017-2407: riusksk (泉哥) of Tencent Security Platform Department FontParser Available for: Apple TV (4th generation) Impact: Processing a maliciously crafted font may result in the disclosure of process memory Description: An out-of-bounds read was addressed through improved input validation. CVE-2017-2439: John Villamil, Doyensec HTTPProtocol Available for: Apple TV (4th generation) Impact: A malicious HTTP/2 server may be able to cause undefined behavior Description: Multiple issues existed in nghttp2 before 1.17.0. These were addressed by updating LibreSSL to version 1.17.0. CVE-2017-2428 ImageIO Available for: Apple TV (4th generation) Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved input validation. CVE-2017-2416: Qidan He (何淇丹, @flanker_hqd) of KeenLab, Tencent ImageIO Available for: Apple TV (4th generation) Impact: Viewing a maliciously crafted JPEG file may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved input validation. CVE-2017-2432: an anonymous researcher working with Trend Micro's Zero Day Initiative ImageIO Available for: Apple TV (4th generation) Impact: Processing a maliciously crafted file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue was addressed through improved input validation. CVE-2017-2467 ImageIO Available for: Apple TV (4th generation) Impact: Processing a maliciously crafted image may lead to unexpected application termination Description: An out-of-bound read existed in LibTIFF versions before 4.0.7. This was addressed by updating LibTIFF in ImageIO to version 4.0.7. CVE-2016-3619 Kernel Available for: Apple TV (4th generation) Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed through improved input validation. CVE-2017-2401: Lufeng Li of Qihoo 360 Vulcan Team Kernel Available for: Apple TV (4th generation) Impact: An application may be able to execute arbitrary code with kernel privileges Description: An integer overflow was addressed through improved input validation. CVE-2017-2440: an anonymous researcher Kernel Available for: Apple TV (4th generation) Impact: A malicious application may be able to execute arbitrary code with root privileges Description: A race condition was addressed through improved memory handling. CVE-2017-2456: lokihardt of Google Project Zero Kernel Available for: Apple TV (4th generation) Impact: An application may be able to execute arbitrary code with kernel privileges Description: A use after free issue was addressed through improved memory management. CVE-2017-2472: Ian Beer of Google Project Zero Kernel Available for: Apple TV (4th generation) Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed through improved input validation. CVE-2017-2473: Ian Beer of Google Project Zero Kernel Available for: Apple TV (4th generation) Impact: An application may be able to execute arbitrary code with kernel privileges Description: An off-by-one issue was addressed through improved bounds checking. CVE-2017-2474: Ian Beer of Google Project Zero Kernel Available for: Apple TV (4th generation) Impact: An application may be able to execute arbitrary code with kernel privileges Description: A race condition was addressed through improved locking. CVE-2017-2478: Ian Beer of Google Project Zero Kernel Available for: Apple TV (4th generation) Impact: An application may be able to execute arbitrary code with kernel privileges Description: A buffer overflow issue was addressed through improved memory handling. CVE-2017-2482: Ian Beer of Google Project Zero CVE-2017-2483: Ian Beer of Google Project Zero Keyboards Available for: Apple TV (4th generation) Impact: An application may be able to execute arbitrary code Description: A buffer overflow was addressed through improved bounds checking. CVE-2017-2458: Shashank (@cyberboyIndia) libarchive Available for: Apple TV (4th generation) Impact: A local attacker may be able to change file system permissions on arbitrary directories Description: A validation issue existed in the handling of symlinks. This issue was addressed through improved validation of symlinks. CVE-2017-2390: Omer Medan of enSilo Ltd libc++abi Available for: Apple TV (4th generation) Impact: Demangling a malicious C++ application may lead to arbitrary code execution Description: A use after free issue was addressed through improved memory management. CVE-2017-2441 Security Available for: Apple TV (4th generation) Impact: An attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS Description: Under certain circumstances, Secure Transport failed to validate the authenticity of OTR packets. This issue was addressed by restoring missing validation steps. CVE-2017-2448: Alex Radocea of Longterm Security, Inc. Security Available for: Apple TV (4th generation) Impact: An application may be able to execute arbitrary code with root privileges Description: A buffer overflow was addressed through improved bounds checking. CVE-2017-2451: Alex Radocea of Longterm Security, Inc. Security Available for: Apple TV (4th generation) Impact: Processing a maliciously crafted x509 certificate may lead to arbitrary code execution Description: A memory corruption issue existed in the parsing of certificates. This issue was addressed through improved input validation. CVE-2017-2485: Aleksandar Nikolic of Cisco Talos WebKit Available for: Apple TV (4th generation) Impact: Processing maliciously crafted web content may exfiltrate data cross-origin Description: A prototype access issue was addressed through improved exception handling. CVE-2017-2386: André Bargull WebKit Available for: Apple TV (4th generation) Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed through improved input validation. CVE-2016-9642: Gustavo Grieco CVE-2017-2394: Apple CVE-2017-2396: Apple WebKit Available for: Apple TV (4th generation) Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2017-2395: Apple CVE-2017-2454: Ivan Fratric of Google Project Zero CVE-2017-2455: Ivan Fratric of Google Project Zero CVE-2017-2459: Ivan Fratric of Google Project Zero CVE-2017-2460: Ivan Fratric of Google Project Zero CVE-2017-2464: Jeonghoon Shin, Natalie Silvanovich of Google Project Zero CVE-2017-2465: Zheng Huang and Wei Yuan of Baidu Security Lab CVE-2017-2466: Ivan Fratric of Google Project Zero CVE-2017-2468: lokihardt of Google Project Zero CVE-2017-2469: lokihardt of Google Project Zero CVE-2017-2470: lokihardt of Google Project Zero CVE-2017-2476: Ivan Fratric of Google Project Zero CVE-2017-2481: 0011 working with Trend Micro's Zero Day Initiative WebKit Available for: Apple TV (4th generation) Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A type confusion issue was addressed through improved memory handling. CVE-2017-2415: Kai Kang of Tencent's Xuanwu Lab (tentcent.com) WebKit Available for: Apple TV (4th generation) Impact: Processing maliciously crafted web content may lead to high memory consumption Description: An uncontrolled resource consumption issue was addressed through improved regex processing. CVE-2016-9643: Gustavo Grieco WebKit Available for: Apple TV (4th generation) Impact: A malicious website may exfiltrate data cross-origin Description: A validation issue existed in the handling of page loading. This issue was addressed through improved logic. CVE-2017-2367: lokihardt of Google Project Zero WebKit Available for: Apple TV (4th generation) Impact: Processing maliciously crafted web content may lead to universal cross site scripting Description: A logic issue existed in the handling of frame objects. This issue was addressed with improved state management. CVE-2017-2445: lokihardt of Google Project Zero WebKit Available for: Apple TV (4th generation) Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A logic issue existed in the handling of strict mode functions. This issue was addressed with improved state management. CVE-2017-2446: Natalie Silvanovich of Google Project Zero WebKit Available for: Apple TV (4th generation) Impact: Visiting a maliciously crafted website may compromise user information Description: A memory corruption issue was addressed through improved memory handling. CVE-2017-2447: Natalie Silvanovich of Google Project Zero WebKit Available for: Apple TV (4th generation) Impact: Processing maliciously crafted web content may lead to universal cross site scripting Description: A logic issue existed in frame handling. This issue was addressed through improved state management. CVE-2017-2475: lokihardt of Google Project Zero Installation note: Apple TV will periodically check for software updates. Alternatively, you may manually check for software updates by selecting "Settings -> System -> Software Update -> Update Software.” To check the current version of software, select "Settings -> General -> About.” Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org iQIcBAEBCgAGBQJY2Yo7AAoJEIOj74w0bLRGpjcQAJKPb3MdrMBsNDx8ys8oYb1W D+yCQCO/fZigVpBVYqsISzpDyIBmbritZxhGu+IEszYPYI+T89b/zd0VbodBbAQE czxe+2qj6n1tJLI+AhWAeMlB4m3p8hQbMtzaVpORgcHfFZ0wQw3WSw6YNmVk7R6P uKwy4S6L/8ETQpWj1AOo63CoVAfY+mSKqwhYfUiZGrAcmsEyVahJdUWcLIfTCKOz M+HLs09jUOV0X/0HSZyLv2u0WUG0SD3OAgjgovihTEtSzBAPxbsXO4AryPGGsiJH Fu6ypIKn7ZXL4os7bSxjwAxAvAlAGqDQh1eriX/FGK6swoyxCFm7hG4oVhucZq/y lw9uAMZFzg/Kfwv9YfqqdDIub8ZpiswyALriWTkjA0Qnnv1ze8F11+/vByI7BgIq wLvZ7yiwjt6U7bSNAaiX9i7504kiYhyweWKypmj2L4Z+31214Yn/xLIz9Lybo1bR nmihZo3tX+INMOU03H+E3URVNmBXeex0nvF93fEENwro47EkGBtRARGk3kEzJs4k 5vmbDwguwESAZagxafwdEZRoz/iIELfZD5+UZ3Zbdfj44jtmobBE01l9ae+7/R/3 gD8JrQLPky2OC/uFy7VJAPGmktcXFZTlfvYMAWo9hdJ0Bx7rkQtL38PIHRHouuTQ 8I5xY9dTm0EnK950KLMK =/lwZ -----END PGP SIGNATURE----- _______________________________________________ Do not post admin requests to the list. They will be ignored. Security-announce mailing list (Security-announce@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/security-announce/site_archiver%40li... This email sent to site_archiver@lists.apple.com