APPLE-SA-2023-04-07-3 Safari 16.4.1
APPLE-SA-2023-04-07-3 Safari 16.4.1
- Subject: APPLE-SA-2023-04-07-3 Safari 16.4.1
- From: Apple Product Security via Security-announce <email@hidden>
- Date: Fri, 07 Apr 2023 11:53:53 -0700
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2023-04-07-3 Safari 16.4.1
Safari 16.4.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213722.
WebKit
Available for: macOS Big Sur and macOS Monterey
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution. Apple is aware of a report that this issue
may have been actively exploited.
Description: A use after free issue was addressed with improved
memory management.
WebKit Bugzilla: 254797
CVE-2023-28205: Clément Lecigne of Google's Threat Analysis Group and
Donncha Ó Cearbhaill of Amnesty International’s Security Lab
All information is also posted on the Apple Security Updates
web site: https://support.apple.com/en-us/HT201222.
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEBP+4DupqR5Sgt1DB4RjMIDkeNxkFAmQwYrsACgkQ4RjMIDke
NxmEoQ/+OXkd6XLV13F3cbrkCvFEvHndBySG93Q5o5ys0ClKqEc94Nvt5YPWalwJ
ugUlFAXBevTCHAND7pNNbrmYPFZY+8qrMyIU/fnhsVaCfH/o/raULxZwiE9ndskr
kjToHzEdMPrdtuC08gDHmYtr2thCb3M0Fv1rRqgIZ2ES9UBrrQJgFisTgZMgkylP
02gN+1Ifa9JEBe7QMyRDhoC2uUvrBZI+jZJItVdysi3O1zYkMd+5D1icpwIotP0P
lCLsFUAaccNXNDtcMr/XdHAuF5dcdDj0Kylmg79zC1mz79VUch3TerWb6HunBUTO
NFVlzbQwqNx+Csf6bDSSx0nHuqGz6pEfR65bTbzSh01+Yqjd+uht0aZVbNlptus7
LKyrusRBN7QxlvoBY5JR+/CbGy3Tunj0YJk8SLG/QFCEDugjucT9O9myohlKWf7A
f+1j/M2f/YKmQCyvhfREFBee8jzWj8FLLV/a6tIfVWe/IcrLGZDP13Q3nl7Ky55Y
ndfXpNvN4ElAbSOyop3KkrfN1TgCGjeWhP+M5dK4RS9KsC+LF3AsejnUzLcQt2qW
0e3dRCiyrhAAB9nKTFYtaJGoD6+jaQiCq4qGlC9fL8QNC6NvvvBrko+jE7Ws38vz
dog2MVasAb+2vENqBo7ZKrgS0W/bRHV2x/NRo0lrQfKYma1koc0=
=JOpa
-----END PGP SIGNATURE-----
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Security-announce mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden