site_archiver@lists.apple.com Delivered-To: security-announce@lists.apple.com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2011-03-08-1 Java for Mac OS X 10.6 Update 4 Java for Mac OS X 10.6 Update 4 is now available and addresses the following: Java Available for: Mac OS X v10.6.6, Mac OS X Server v10.6.6 Impact: Multiple vulnerabilities in Java 1.6.0_22 Description: Multiple vulnerabilities exist in Java 1.6.0_22, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_24. Further information is available via the Java website at http://java.sun.com/javase/6/webnotes/ReleaseNotes.html CVE-ID CVE-2010-4422 CVE-2010-4447 CVE-2010-4448 CVE-2010-4450 CVE-2010-4454 CVE-2010-4462 CVE-2010-4463 CVE-2010-4465 CVE-2010-4467 CVE-2010-4468 CVE-2010-4469 CVE-2010-4470 CVE-2010-4471 CVE-2010-4472 CVE-2010-4473 CVE-2010-4476 Java for Mac OS X 10.6 Update 4 may be obtained from the Software Update pane in System Preferences, or Apple's Software Downloads web site: http://www.apple.com/support/downloads/ The download file is named: JavaForMacOSX10.6Update4.dmg Its SHA-1 digest is: 513d5c5b62fb1257b8bf582c1c11e02e944fa808 Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (Darwin) iQEcBAEBAgAGBQJNdnX4AAoJEGnF2JsdZQee15UIAIOQ/o/p52iNLJM4T2koZhRi DnG49jI2v42vTRKU+d8l2AqlNVVVYFzMJ6SN3xbl1Rayu4y2wLzPR8KsVl64sQ03 9x61TE32fB1h7IMxAYHp0DDw6saHwMPOHhY1oOl6U47oXa3fRfOyjPu6PVV8XOCH ECubIG8fDqxjpk3PIpOZLGS8St6S9yMO7o5o791t/ObeQ7afZ3z268XWiM+Cn/pS lxCkDS494ke637Nx9gG/WQY63V1zbhmzKoCkYfDhZYiNq/0unQCviWT4SVDQ3doR IP9zCeJOvFcVZiM4Rp69CoVRJLHOZ3/IKg+tVg3SIAGbzHnjs8pyaNNNuYw8+rw= =HIdY -----END PGP SIGNATURE----- _______________________________________________ Do not post admin requests to the list. They will be ignored. Security-announce mailing list (Security-announce@lists.apple.com) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/security-announce/site_archiver%40lis... This email sent to site_archiver@lists.apple.com