site_archiver@lists.apple.com Delivered-To: security-announce@lists.apple.com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2020-11-05-6 macOS Catalina 10.15.7 Supplemental Update, macOS Catalina 10.15.7 Update macOS Catalina 10.15.7 Supplemental Update, macOS Catalina 10.15.7 Update is now available and address the following issues. Information about the security content is also available at https://support.apple.com/HT211947. FontParser Available for: macOS Catalina 10.15.7 Impact: Processing a maliciously crafted font may lead to arbitrary code execution. Apple is aware of reports that an exploit for this issue exists in the wild. Description: A memory corruption issue was addressed with improved input validation. CVE-2020-27930: Google Project Zero Kernel Available for: macOS Catalina 10.15.7 Impact: A malicious application may be able to execute arbitrary code with kernel privileges. Apple is aware of reports that an exploit for this issue exists in the wild. Description: A type confusion issue was addressed with improved state handling. CVE-2020-27932: Google Project Zero Kernel Available for: macOS Catalina 10.15.7 Impact: A malicious application may be able to disclose kernel memory. Apple is aware of reports that an exploit for this issue exists in the wild. Description: A memory initialization issue was addressed. CVE-2020-27950: Google Project Zero Installation note: macOS Catalina 10.15.7 Supplemental Update, macOS Catalina 10.15.7 Update may be obtained from the Mac App Store or Apple’s Software Downloads web site: https://support.apple.com/downloads/ Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEbURczHs1TP07VIfuZcsbuWJ6jjAFAl+kivcACgkQZcsbuWJ6 jjC/jg//fiDRC2BA2WceDH5m2udfg9EiYYksZ2pB6SbjwfFEHcdiXk+Z3f1zKuyi de98zUekR91XaP6UsyhVmLRRJ0sibBNXpbI4pt9imsd25pBmmAUronmZgxBBlwek jPrO63uTLPkcc3qInX/F6Ua22lNAJKmZar+iXKmMX0z0v6Ll/HD/5rRR3SbdQp+S 1ng026fXMCaf5rVnJElk5ErzCsnmtHm8Oh/Zi+WjvLAXUOWB6Pq+fSGP7VF8rArk dsuubCWDUe7GbWZQUtj3FBQO2g+VoUBi4yJGWZqRCP4+nlbtqN1BpKIMlv4AxGNm 4ZN1Jj1mqlNjzbxffgigiu6EmlvA5z4gtFyCbDBNCp13CDTZmg3IxQ1P78m7zOun KV9m6c6ibxcYh79N+kY4Y1NCYYBlplagZ3ek4jPAUenUB/li/LaNobLkg/2BhoSv ymQRRdecU/B1oOXgEyafeYh1eiM7DlDp227s9lVfl8KOQHjzuXyheQAKRluSdLgv 3hbcXGwdGFFzDm3OBg5wD1PqGGJTEtfLXrguQ6Rp1d+GkM6kvLxZ/34ypkeGAEnY 8+DQzqO+fmLrjzVhCLr2Te5jUCKoC3qBAvCp9s9mJuqvM/jtaSYfwekUA6xdwkWI raNHHsLaUDB+xAseV/j21/ARXzc4Gsf67ncRQHKpewXiGEzkTXE= =vLMN -----END PGP SIGNATURE----- _______________________________________________ Do not post admin requests to the list. They will be ignored. Security-announce mailing list (Security-announce@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/security-announce/site_archiver%40li... This email sent to site_archiver@lists.apple.com