site_archiver@lists.apple.com Delivered-To: security-announce@lists.apple.com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2008-03-19 AirPort Extreme Base Station Firmware 7.3.1 Firmware version 7.3.1 is now available for AirPort Extreme 802.11n* base stations. (* Based on an IEEE 802.11n draft specification) Further information on the base station is available via: http://www.apple.com/airportextreme/ Firmware version 7.3.1 fixes the following security issue: AirPort Extreme Base Station with 802.11n* CVE-ID: CVE-2008-1012 Available for: AirPort Extreme Base Station with 802.11n* Impact: A maliciously crafted AFP request may lead to a denial of service Description: An input validation issue exists in the AirPort Extreme Base Station's handling of AFP requests, which may cause file sharing to become unresponsive. This update addresses the issue by performing additional validation of AFP requests. This issue does not affect Time Capsule or AirPort Express. The fix for this issue is available in the following separate updates: - - AirPort Extreme with 802.11n (Fast Ethernet) 7.3.1 - - AirPort Extreme with 802.11n (Gigabit Ethernet) 7.3.1 Credit to Alex deVries for reporting this issue. Installation note for Firmware version 7.3.1 Firmware version 7.3.1 is installed into an AirPort Extreme Base Station with 802.11n* by running the AirPort Utility which is provided with the Base Station. Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: http://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Version: 9.7.0.1012 wsBVAwUBR+GxNsgAoqu4Rp5tAQhT1gf+NuYABuNdXgJgDSVJmrZVbhT9xWUIgltH +ZnN0anYrwvbRjuRQS8ZC4zNhx7mAuunwpZO9KhoNDsf55f1g/TrCi7GkTVZghll a7+zVHOY48KpEYuMRs+L5p88mTKjSkuAdXMpla4jejQHK+lb68kg+zHQlmL9A93l LJg7ZC5lvzV+4depHpKkwmEQ3oxRs9l6N51+5SXX1j/eYtVZUKhxnd2yRP1lFITt SiFuBzjpquGqSaV3YdhydpGXZeEcP4rbm3x2pGXSeY2wqH4oXLd+BajnBUGy6ubw hn6oMbn+umxKksIJU5unqd0EtaLbXzODCCGmESsA/kOLPNECfOzXAw== =mnKc -----END PGP SIGNATURE----- _______________________________________________ Do not post admin requests to the list. They will be ignored. Security-announce mailing list (Security-announce@lists.apple.com) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/security-announce/site_archiver%40lis... This email sent to site_archiver@lists.apple.com