-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2012-10-16-1 Java for OS X 2012-006 and Java for Mac OS X 10.6 Update 11 Java for OS X 2012-006 and Java for Mac OS X 10.6 Update 11 are now available and address the following: Java Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later Impact: Multiple vulnerabilities in Java 1.6.0_35 Description: Multiple vulnerabilities exist in Java 1.6.0_35, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_37. Further information is available via the Java website athttp://www.o racle.com/technetwork/java/javase/releasenotes-136954.html CVE-ID CVE-2012-1531 CVE-2012-1532 CVE-2012-1533 CVE-2012-3143 CVE-2012-3159 CVE-2012-3216 CVE-2012-4416 CVE-2012-5068 CVE-2012-5069 CVE-2012-5071 CVE-2012-5072 CVE-2012-5073 CVE-2012-5075 CVE-2012-5077 CVE-2012-5079 CVE-2012-5081 CVE-2012-5083 CVE-2012-5084 CVE-2012-5086 CVE-2012-5089 Java for OS X 2012-006 and Java for Mac OS X 10.6 Update 11 may be obtained from the Software Update pane in System Preferences, Mac App Store, or Apple's Software Downloads web site: http://www.apple.com/support/downloads/ For Mac OS X v10.6 systems The download file is named: JavaForMacOSX10.6.dmg Its SHA-1 digest is: 2ca7594a6f7849b502715e8473cf46ef73570da6 For OS X Lion and Mountain Lion systems The download file is named: JavaForOSX.dmg Its SHA-1 digest is: eff777cdc39b4e3336b3477f60e8ad769ded8532 Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org iQIcBAEBAgAGBQJQf1joAAoJEPefwLHPlZEwXbQP/i8gRzj10s96zQhqUwIOWOjD cWR1ZzQyhgO/ZxwNs9eFXyb/VW94BVn+SwjtlPv9wOWe9zDHk+dz6bm39Jl3u3Cz 73UR6sN2hNvyA88q/N9Dk153U8xEzUMvJNVkgqgxDK+CymMT1Y6JsYN9PHKQgHyD 5aRMjIWV/DsU1YkHZ2FQXtpkS/e7oIxylPfrCRyKf/k5IPxmSFH9PapgNdsbBfll O/5x4GMO28nDeujtwoP3cnIl6o4pJtJteKy2S0z6QR5wMNskF/S7SvKCqgnwQfKe 6ritzl5Bfy7vSKbZcgW6pJQFwFVZGvMiHlFuqjvLQCN4FnEKiINhk5P6zBG2O1LS 4HFjDjn5Rr2B3hVRXeaNx2zVcdVj4875ThrQt2y6UdMh84N+2U5D8YWZZApqGDtC rA8Sze+iUgn3bRT8ygrmZF9fIgUeuWsOFwH3cUvcn2ah/W8TnoWqwCmHMvOan73s 9inbtP9Y6E9lyXPYk1NWkwtIgZTOvp0Ux2XGhb6JCu1Tr/j3wFTVZbKYQXFJuHCz wKBedfAGE7sPhbnkHuDBrTgfE3qSqJnU2MLmyxa9JxWCU/ruI+BZhTFXXOxL+afs +Y4PtgycjN9eV5C8+FIW5h3SFUgNXSGBT0iOTTLKReBC9vRBX0k+68CcVLqF6BD7 MIIDhqBe9HJAVcX5CPcv =yfHQ -----END PGP SIGNATURE----- _______________________________________________ Do not post admin requests to the list. They will be ignored. Security-announce mailing list (Security-announce@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/security-announce/site_archiver%40li... This email sent to site_archiver@lists.apple.com