• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
APPLE-SA-2021-01-26-4 Xcode 12.4
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

APPLE-SA-2021-01-26-4 Xcode 12.4

  • Subject: APPLE-SA-2021-01-26-4 Xcode 12.4
  • From: Apple Product Security via Security-announce <email@hidden>
  • Date: Tue, 26 Jan 2021 13:05:49 -0800
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-2021-01-26-4 Xcode 12.4

Xcode 12.4 addresses the following issues. Information about the
security content is also available at
https://support.apple.com/HT212153.

Xcode IDE
Available for: macOS Catalina 10.15.4 and later
Impact: A malicious application may be able to access
arbitrary files on the host device while running an app
that uses on-demand resources with Xcode
Description: A path handling issue was addressed with
improved validation.
CVE-2021-1800: Theodore Dubois (@tbodt)

Installation note:

Xcode 12.4 may be obtained from:

https://developer.apple.com/xcode/downloads/

To check that the Xcode has been updated:

* Select Xcode in the menu bar
* Select About Xcode
* The version after applying this update will be "Xcode 12.4".

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEbURczHs1TP07VIfuZcsbuWJ6jjAFAmAQgRcACgkQZcsbuWJ6
jjCzEQ//YOHe+Pi2janl+HduJZ7XHmNiPFX5tsXbfYddkwB34ZiLTeK7UPul+VM0
/Z6/5cuZNwvFhIFYTu2Gh+27gfW9i1wdnl2tIqfeyhN/w7NNdD7bDjJ4oVNsU3E0
BAO0OD76qWWhdm1vErj+74jtRAlhXcuV+PsyJT3n+unJlsYBGxlK56NdIrhbDnQW
IdZ6bGh6uCE643pret1TBtobnMJ/WUkFd1xuvVh2nkE9dUqh+rCrvDBWqkYKYh7m
MdGi45GU6y/viwWAn5rlDe/vsRABwCP/KpSZaaJOFhZt3IZF+jSMezFyWi6gwgQA
BnCrC+P0Q+V987vubp4gorueuRbBZ76Oye8Ltm5DHGnW7g3756R9QO3chLZPjGDv
IKwvyrbKL/+r41b6Jd2YOzF5PeuJXpAFTa4rYZdjauRlT2GCf68USWOobjJNhfOJ
/pC4PZqB1CfWywIXNFFirLNS/zrMp+qtbh69ThESXb25hiDkvc69kTW0k/SpdygA
+UHHo2vMymPrDuuZyINkxZm+h0Viy5PLldg6tlPTNFLeFgr2kNXepSjUqq7sTIN8
BF7ZQ+cpdSnzoo8zxteQZnc7RvhXDdMAUJT8lrVFD1mwob8Wr39dh8ANDhFTuJk3
Ee7P3rkLEQxV0U4bQns2GA9VaT54LlO7m+Qj1bYetnhLYjdPGEc=
=G4Ph
-----END PGP SIGNATURE-----

 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Security-announce mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden
  • Prev by Date: APPLE-SA-2021-01-26-3 watchOS 7.3
  • Previous by thread: APPLE-SA-2021-01-26-3 watchOS 7.3
  • Index(es):
    • Date
    • Thread