APPLE-SA-03-25-2024-1 Safari 17.4.1
APPLE-SA-03-25-2024-1 Safari 17.4.1
- Subject: APPLE-SA-03-25-2024-1 Safari 17.4.1
- From: Apple Product Security via Security-announce <email@hidden>
- Date: Mon, 25 Mar 2024 20:28:32 -0700
- Original-recipient: rfc822;email@hidden
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-03-25-2024-1 Safari 17.4.1
Safari 17.4.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/kb/HT214094.
Apple maintains a Security Updates page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.
WebRTC
Available for: macOS Monterey and macOS Ventura
Impact: Processing an image may lead to arbitrary code execution
Description: An out-of-bounds write issue was addressed with improved
input validation.
CVE-2024-1580: Nick Galloway of Google Project Zero
Safari 17.4.1 may be obtained from the Mac App Store.
All information is also posted on the Apple Security Updates
web site: https://support.apple.com/HT201222.
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/.
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEsz9altA7uTI+rE/qX+5d1TXaIvoFAmYCPKcACgkQX+5d1TXa
IvpFfBAAvnUeX8jpQu9uS+hiv0FKFu/YUSafIVOutV2ls8jQbdd3HVKwIRNmTZ4g
0u7drE/D9mTBMzfmvdyNKk4lrnsvgJYNgurGPudpqDr7LmzkDdn0DOWL5xxSs7Jx
ekUxjtHiPtEPMs41gs9ZZMHiMhU/r6G9LaTa2WrRcrBeqkLnepmee9RfrSbXDV5q
NMGio6W95JWgRLM0+c06Jk/A6VhnrxwqFug9NMDXr/EgxxMjG5mxZKY7qXXUcWe+
D2CI/1SRI0ucAkIKN5IDFY5X4Y/XWvp8YeVqdtQQ6RmfJDEE9zPRFSlr/PKRFnba
LfEPFzWCDMZ6qqP9eSph7+8wFLngWwksf0O9xBq6KF+LUqIVb9RkJ1VZnYZluTt4
tT161H0aTHOq9LhcFbAA5kQbdpfX7aulYq1xkaGz1a2KJxYFmr1p26Q7HMWHw5Zz
BlnRH4xsQkoKaU96WSylDUdO5DYiQ27cRQddvqP40xIOTaK/SBTUlEYDCviU+8Xs
1KhLmuSgfnra+akn0vCmy5tu/+DzlmUT4kvJsvcOApDyKtoeSzPUYucw65RrcEo3
Aa/3eT3R8o9S8mdq6c3OIEF16/2IyxT9fJJE0YeQTli8zmkTu0Pw0RG2DzQhnfI6
lDKmfx3c1PyCOU3By0XIfqsI9t3oWXcvbAgSgnDC6lmnZ7X2KpY=
=JCdc
-----END PGP SIGNATURE-----
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Security-announce mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-03-25-2024-1 Safari 17.4.1
Safari 17.4.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/kb/HT214094.
Apple maintains a Security Updates page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.
WebRTC
Available for: macOS Monterey and macOS Ventura
Impact: Processing an image may lead to arbitrary code execution
Description: An out-of-bounds write issue was addressed with improved
input validation.
CVE-2024-1580: Nick Galloway of Google Project Zero
Safari 17.4.1 may be obtained from the Mac App Store.
All information is also posted on the Apple Security Updates
web site: https://support.apple.com/HT201222.
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/.
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEsz9altA7uTI+rE/qX+5d1TXaIvoFAmYCPKcACgkQX+5d1TXa
IvpFfBAAvnUeX8jpQu9uS+hiv0FKFu/YUSafIVOutV2ls8jQbdd3HVKwIRNmTZ4g
0u7drE/D9mTBMzfmvdyNKk4lrnsvgJYNgurGPudpqDr7LmzkDdn0DOWL5xxSs7Jx
ekUxjtHiPtEPMs41gs9ZZMHiMhU/r6G9LaTa2WrRcrBeqkLnepmee9RfrSbXDV5q
NMGio6W95JWgRLM0+c06Jk/A6VhnrxwqFug9NMDXr/EgxxMjG5mxZKY7qXXUcWe+
D2CI/1SRI0ucAkIKN5IDFY5X4Y/XWvp8YeVqdtQQ6RmfJDEE9zPRFSlr/PKRFnba
LfEPFzWCDMZ6qqP9eSph7+8wFLngWwksf0O9xBq6KF+LUqIVb9RkJ1VZnYZluTt4
tT161H0aTHOq9LhcFbAA5kQbdpfX7aulYq1xkaGz1a2KJxYFmr1p26Q7HMWHw5Zz
BlnRH4xsQkoKaU96WSylDUdO5DYiQ27cRQddvqP40xIOTaK/SBTUlEYDCviU+8Xs
1KhLmuSgfnra+akn0vCmy5tu/+DzlmUT4kvJsvcOApDyKtoeSzPUYucw65RrcEo3
Aa/3eT3R8o9S8mdq6c3OIEF16/2IyxT9fJJE0YeQTli8zmkTu0Pw0RG2DzQhnfI6
lDKmfx3c1PyCOU3By0XIfqsI9t3oWXcvbAgSgnDC6lmnZ7X2KpY=
=JCdc
-----END PGP SIGNATURE-----
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Security-announce mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden