APPLE-SA-2010-02-02-1 iPhone OS 3.1.3 and iPhone OS 3.1.3 for iPod touch

iPhone OS 3.1.3 and iPhone OS 3.1.3 for iPod touch is now available and addresses the following:

CoreAudio
CVE-ID: CVE-2010-0036
Available for: iPhone OS 1.0 through 3.1.2, iPhone OS for iPod touch 1.1 through 3.1.2
Impact: Playing a maliciously crafted mp4 audio file may lead to an unexpected application termination or arbitrary code execution
Description: A buffer overflow exists in the handling of mp4 audio files. Playing a maliciously crafted mp4 audio file may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved bounds checking. Credit to Tobias Klein of trapkit.de for reporting this issue.

ImageIO
CVE-ID: CVE-2009-2285
Available for: iPhone OS 1.0 through 3.1.2, iPhone OS for iPod touch 1.1 through 3.1.2
Impact: Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution
Description: A buffer underflow exists in ImageIO's handling of TIFF images. Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved bounds checking.

Recovery Mode
CVE-ID: CVE-2010-0038
Available for: iPhone OS 1.0 through 3.1.2, iPhone OS for iPod touch 1.1 through 3.1.2
Impact: A person with physical access to a locked device may be able to access the user's data
Description: A memory corruption issue exists in the handling of a certain USB control message. A person with physical access to the device could use this to bypass the passcode and access the user's data. This issue is addressed through improved handling of the USB control message.

WebKit
CVE-ID: CVE-2009-3384
Available for: iPhone OS 1.0 through 3.1.2, iPhone OS for iPod touch 1.1 through 3.1.2
Impact: Accessing a maliciously crafted FTP server could result in an unexpected application termination, information disclosure, or arbitrary code execution
Description: Multiple input validation issues exist in WebKit's handling of FTP directory listings. Accessing a maliciously crafted FTP server may lead to information disclosure, unexpected application termination, or execution of arbitrary code. This update addresses the issues through improved parsing of FTP directory listings. Credit to Michal Zalewski of Google Inc. for reporting these issues.

WebKit
CVE-ID: CVE-2009-2841
Available for: iPhone OS 1.0 through 3.1.2, iPhone OS for iPod touch 1.1 through 3.1.2
Impact: Mail may load remote audio and video content when remote image loading is disabled
Description: When WebKit encounters an HTML 5 Media Element pointing to an external resource, it does not issue a resource load callback to determine if the resource should be loaded. This may result in undesired requests to remote servers. As an example, the sender of an HTML-formatted email message could use this to determine that the message was read. This issue is addressed by generating resource load callbacks when WebKit encounters an HTML 5 Media Element.

Installation note:

These updates are only available through iTunes, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from www.apple.com/itunes/

iTunes will automatically check Apple's update server on its weekly schedule. When an update is detected, it will download it. When the iPhone or iPod touch is docked, iTunes will present the user with the option to install the update. We recommend applying the update immediately if possible.
Selecting Don't Install will present the option the next time you connect your iPhone or iPod touch.

The automatic update process may take up to a week depending on the day that iTunes checks for updates. You may manually obtain the update via the Check for Updates button within iTunes. After doing this, the update can be applied when your iPhone or iPod touch is docked to your computer.

To check that the iPhone or iPod touch has been updated:

* Navigate to Settings
* Select General
* Select About. The version after applying this update will be "3.1.3 (7E18)" or later.

Information will also be posted to the Apple Security Updates web site:
http://support.apple.com/kb/HT1222

This message is signed with Apple's Product Security PGP key, and details are available at:
https://www.apple.com/support/security/pgp/

Participants (1): Apple Product Security
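
The CVE-2009-2841 entry above describes HTML 5 media elements fetching remote content without passing the check that gates remote images. The following added example (not Apple's code and not part of the advisory) audits an HTML mail body for every remote reference and separates the `<img>` loads from the audio/video loads that an image-only gate would miss. The tag list, function names and sample message are assumptions constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Elements whose src attribute triggers a fetch (assumed list for this example).
IMAGE_TAGS = {"img"}
MEDIA_TAGS = {"audio", "video", "source"}  # HTML 5 media elements


class RemoteRefAuditor(HTMLParser):
    """Collects every remote URL an HTML mail body would fetch via src."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.refs = []  # list of (kind, tag, url)

    def handle_starttag(self, tag, attrs):
        if tag not in IMAGE_TAGS | MEDIA_TAGS:
            return
        for name, value in attrs:
            if name != "src" or not value:
                continue
            url = value.strip()
            scheme = urlsplit(url).scheme.lower()
            # Protocol-relative URLs ("//host/path") are remote as well.
            if scheme in ("http", "https") or url.startswith("//"):
                kind = "media" if tag in MEDIA_TAGS else "image"
                self.refs.append((kind, tag, url))


def audit(html_body):
    """Return all remote references found in the message body."""
    parser = RemoteRefAuditor()
    parser.feed(html_body)
    parser.close()
    return parser.refs


def leaks_with_images_blocked(html_body):
    """Remote fetches that remain when only <img> loads are gated."""
    return [url for kind, _tag, url in audit(html_body) if kind == "media"]


# Constructed sample message body; the host name is a placeholder.
SAMPLE = """
<p>Hello</p>
<img src="https://tracker.example/open.gif?id=42">
<img src="cid:logo@local">
<audio src="https://tracker.example/a.mp3?id=42" autoplay></audio>
<video><source src="//tracker.example/v.mp4"></video>
"""

if __name__ == "__main__":
    for ref in audit(SAMPLE):
        print(ref)
    print("not gated by image blocking:", leaks_with_images_blocked(SAMPLE))
```

A mail filter or client test suite can use the second function's output as the list of requests that must not occur when remote content is disabled.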