• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
APPLE-SA-2011-04-18-1 iTunes 10.2.2
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

APPLE-SA-2011-04-18-1 iTunes 10.2.2

  • Subject: APPLE-SA-2011-04-18-1 iTunes 10.2.2
  • From: Apple Product Security <email@hidden>
  • Date: Mon, 18 Apr 2011 13:17:28 -0700
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2011-04-18-1 iTunes 10.2.2

iTunes 10.2.2 is now available and addresses the following:

WebKit
Available for:  Windows 7, Vista, XP SP2 or later
Impact:  A man-in-the-middle attack may lead to an unexpected
application termination or arbitrary code execution
Description:  Multiple memory corruption issues exist in WebKit. A
man-in-the-middle attack while browsing the iTunes Store via iTunes
may lead to an unexpected application termination or arbitrary code
execution.
CVE-ID
CVE-2011-1290 : Vincenzo Iozzo, Willem Pinckaers, Ralf-Philipp
Weinmann, and an anonymous researcher working with TippingPoint's
Zero Day Initiative
CVE-2011-1344 : Vupen Security working with TippingPoint's Zero Day
Initiative, and Martin Barbella


iTunes 10.2.2 may be obtained from:
http://www.apple.com/itunes/download/

For Mac OS X:
The download file is named: "iTunes10.2.2.dmg"
Its SHA-1 digest is: 7b94065174927dbce71182c89a00b3966021ceb8

For Windows XP / Vista / Windows 7:
The download file is named: "iTunesSetup.exe"
Its SHA-1 digest is: 30c97f21cb7ec9921b80c7dfd3a9f460b6746045

For 64-bit Windows XP / Vista / Windows 7:
The download file is named: "iTunes64Setup.exe"
Its SHA-1 digest is: 10d04b03e9733827e69a20bcf46f5e7ea97e0cd3

Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (Darwin)

iQEcBAEBAgAGBQJNrGo/AAoJEGnF2JsdZQeeKf0H/2PRqBD4DJdyLvpcTu6x8QD1
TY+SkHSJFK8H3G48fBL45QSM0eFg9FoqQ0DX0Y89X3HPYeWnRxPOQsCyeYV9BaS0
6dYL16OmW0f1kvals0NHGFvFLNd7AFVgxE7Ujr0xsSl8HwrUpwLpF8Qf4lDzbOWo
CL9O6nnvR5BipT4fCnh8KWq4RvGbd/VaGqkGuYXE898SYEbcp8LJr1McYh2S3P1l
EZzj2p2Z+CJTaka/fyfsl6NgG7g6wpqCcwnqHAxPqixIc5V9ZqSIM7ZI5GkdrZF0
qYY+9tSXdgJqA1oIPE/odOkdh7+qoEqmAJ2eaWRmUvaBBYS0rxKghO3ovU2LEDs=
=Hy4U
-----END PGP SIGNATURE-----
 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Security-announce mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden
  • Prev by Date: APPLE-SA-2011-04-14-4 Security Update 2011-002
  • Previous by thread: APPLE-SA-2011-04-14-4 Security Update 2011-002
  • Index(es):
    • Date
    • Thread