site_archiver@lists.apple.com Delivered-To: security-announce@lists.apple.com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2010-03-31-1 AirPort Base Station Update 2010-001 AirPort Base Station Update 2010-001 is now available and addresses the following: AirPort Utility CVE-ID: CVE-2009-2822 Available for: Mac OS X v10.5.7 or later, Windows 7, Vista, XP Impact: An unauthorized user may be able to connect to a restricted network that uses a network extender Description: An AirPort administrator may restrict access to a network by specifying a MAC address ACL. There is an issue where MAC address ACLs are not properly propagated to network extenders. This can allow an unauthorized user to access a network that should be restricted via the MAC address ACL. This update addresses the issue through improved distribution of settings to network extenders. Credit to Guido Lamberty for reporting this issue. AirPort Base Station Update 2010-001 may be obtained from the Software Update pane in System Preferences, or Apple's Software Downloads web site: http://www.apple.com/support/downloads/ The manual download is named AirPort Utility 5.5.1. AirPort Utility for Mac OS X The download file is named: AirPortUtility551.dmg Its SHA-1 digest is: 542636fb7d538795cf18db6aa4453c4bcb570c19 AirPort Utility for Windows 7, Vista or XP The download file is named: AirPortSetup.exe Its SHA-1 digest is: a18af3cd329ab3adb31c794ede1a408b4f861968 To check that AirPort Utility has been updated: * Launch AirPort Utility * Select "About AirPort Utility" in the "AirPort Utility" menu. The version after applying this update will be "5.5.1" or later. Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (Darwin) iQEcBAEBAgAGBQJLs3/5AAoJEHkodeiKZIkBAuQH/A6OXYFdQITlt/QaJ1T8xTLv tz5qibzt0yaIZJKB0r45YuHgdwHIdIfzHzRR1lfHw48F8OCC0BXISCHYhBDlvyBa MMiJOHh5iqhBI8+6qneiuEqGszCDC/tOpWOEAlsxL6221TFOv5knytFffeQLyMsI EFjok8HItekvvMiQw8rn3Rt7U9F70/9lx6QWFQCxxnw8ezHkzAW5tohgflMQZjx6 FOM99d5fx+2TIB03tDlSv+PrXTuCEoJQqN+Siqi2yif0I3suE7bAeWn6Z8Qjyo7p Plq8xNv89om3qUu2pw/HIpIqCMFktnOHAyiIFQvWt4OiHqFO41DnhXS4pQ6kBZE= =HfTD -----END PGP SIGNATURE----- _______________________________________________ Do not post admin requests to the list. They will be ignored. Security-announce mailing list (Security-announce@lists.apple.com) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/security-announce/site_archiver%40lis... This email sent to site_archiver@lists.apple.com