• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
APPLE-SA-2016-03-31-1 iBooks Author 2.4.1
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

APPLE-SA-2016-03-31-1 iBooks Author 2.4.1


  • Subject: APPLE-SA-2016-03-31-1 iBooks Author 2.4.1
  • From: Apple Product Security <email@hidden>
  • Date: Thu, 31 Mar 2016 14:14:32 -0700

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2016-03-31-1 iBooks Author 2.4.1

iBooks Author 2.4.1 is now available and addresses the following:

iBooks Author
Available for:  OS X Yosemite v10.10 or later
Impact:  Parsing a maliciously crafted iBooks Author file may lead to
disclosure of user information
Description:  An XML external entity reference issue existed with
iBook Author parsing. This issue was addressed through improved
parsing.
CVE-ID
CVE-2016-1789 : Behrouz Sadeghipour (@Nahamsec) and Patrik Fehrenbach
(@ITSecurityguard)

iBooks Author 2.4.1 may be obtained from the App Store.

Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT201222
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - https://gpgtools.org

iQIcBAEBCgAGBQJW/ZD8AAoJEBcWfLTuOo7t0tEP/jOndtapfdeu3rZ9jz8kvC0U
llXs4fFSacP++PWNAtLbh5zVf619YIicylTUVtGI2jAv2HPZNQN0r3K48e6Oa7Pr
LOPk1zR+jcU+0pn72lnO/0OzUdpa+lWoY+K2pnEbP40dBMM8OBO6oQzhHhWquZSE
N8jM+A2eO+UoxpfHFSopNmOnrVqvJCFTUYhlS8e2uYAPsZglZkPA20Z7VSju+sLA
HGvu3TB771dv3TpL+3kScYhH/yChEmFFHa5rG51C7UHgTLbfSYLcABRGpmNyyufa
p+nfqGuRc5CY67XacmcXqxJ3iqYjDlCNqcQl0HtCf+wZFky2xdBJ6G7ASbyDDeFP
APkisPOt6O+sYtfRiDKs8bqZiey2PR6ft2/1n4FMJv19VOTmhnlG7J1RWQm2ObOg
HCEYej6D21uzpRwbL9Ott5LF7uguHIW96g/ezZw7Q3TAWVbSDaFmxy8y1Fu5xSyo
+5vivMoPo4NME6NYU0SYxb/FzzcPv6VyeP+et2rgADcOwYieN3lQiRJRLWgODwgt
jcw/QVViq9hNIYIocjr4kXpD324SPhJdm55oDA98xJenlcxV7Uy8pEsbr2j2/+yK
E9Fn633U8YttSnqHqKgjQVLv5mBuDLzEG4HbR3FQNWMUBN6btUL9gY6acH75FP4p
/9/+EO8HZte9pHuNjeTk
=/Ihd
-----END PGP SIGNATURE-----
 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Security-announce mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden


  • Prev by Date: APPLE-SA-2016-03-28-1 OS X: Flash Player plug-in blocked
  • Previous by thread: APPLE-SA-2016-03-28-1 OS X: Flash Player plug-in blocked
  • Index(es):
    • Date
    • Thread