APPLE-SA-05-13-2024-1 Safari 17.5
APPLE-SA-05-13-2024-1 Safari 17.5
- Subject: APPLE-SA-05-13-2024-1 Safari 17.5
- From: Apple Product Security via Security-announce <email@hidden>
- Date: Mon, 13 May 2024 20:58:27 -0400
- Original-recipient: rfc822;email@hidden
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-05-13-2024-1 Safari 17.5
Safari 17.5 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT214103.
Apple maintains a Security Releases page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.
WebKit
Available for: macOS Monterey and macOS Ventura
Impact: An attacker with arbitrary read and write capability may be able
to bypass Pointer Authentication
Description: The issue was addressed with improved checks.
WebKit Bugzilla: 272750
CVE-2024-27834: Manfred Paul (@_manfp) working with Trend Micro's Zero
Day Initiative
Additional recognition
Safari Downloads
We would like to acknowledge Arsenii Kostromin (0x3c3e) for their
assistance.
Safari 17.5 may be obtained from the Mac App Store.
All information is also posted on the Apple Security Releases
web site: https://support.apple.com/HT201222.
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEsz9altA7uTI+rE/qX+5d1TXaIvoFAmZCrkgACgkQX+5d1TXa
Ivparg//cfUi2Ylya0hfHUzbXtVdoWnbLApJOXFxAQM/DgKBGg+dtJnVyMNN+I1D
lN8SOuVIxVK+WedX4OKIdKgFlj48ucLdBAIExRqBq6VdSmlL6JK6WVSa3Vrw2ihC
U7DH0EtREotFgHPiJQMvmxORIUYONAoWHmgqaYNIcKfO6LByp4nN+VcQLjWmlQmn
jwXigd6pho/+udTEZesFmBNMnTMoRXiR5v+2kBmFj4BOFkZG1oMXqdPtF8MJDVaW
McjQBqGHs/ijyyAAd96swKZSvnCFEUQcgV888aJFjHFjyhNz1VC+AsaPT8bHnWh7
UvkWKgyyMdWMXpC0P9Et2Su4OddCQ/8Z7PI2M3rLL8V75Zq//l7q7wqpkEPFv/BM
LRcEHP5bWSRFWV57mFLsb44WAxEzl1R1ezroW8oh78gHd5s1upms4fhu6aohO6/E
jyd9OLwshu8jmEkeJXbcnZh1qiKauaLGoYP/kxFNoEKmexoWMxOrP+d599BgaMvw
tgGwvuENUE7pnRUWLBqc3T8rtDktUjdSEFBn74bzycc+GNzqbbrQTPm7SlG7t7fJ
jKQU7gbzViA/P32vLkwwrLMk0w0HsCuyJ8YdRd5tBcegIxZ6z2hLsiUtiHCSF5Wu
lZZ+QLteehEkHYqafuV4vbCqYeySJveKwi6+TFVI73u/XzsYGcc=
=Ypt5
-----END PGP SIGNATURE-----
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Security-announce mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-05-13-2024-1 Safari 17.5
Safari 17.5 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT214103.
Apple maintains a Security Releases page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.
WebKit
Available for: macOS Monterey and macOS Ventura
Impact: An attacker with arbitrary read and write capability may be able
to bypass Pointer Authentication
Description: The issue was addressed with improved checks.
WebKit Bugzilla: 272750
CVE-2024-27834: Manfred Paul (@_manfp) working with Trend Micro's Zero
Day Initiative
Additional recognition
Safari Downloads
We would like to acknowledge Arsenii Kostromin (0x3c3e) for their
assistance.
Safari 17.5 may be obtained from the Mac App Store.
All information is also posted on the Apple Security Releases
web site: https://support.apple.com/HT201222.
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEsz9altA7uTI+rE/qX+5d1TXaIvoFAmZCrkgACgkQX+5d1TXa
Ivparg//cfUi2Ylya0hfHUzbXtVdoWnbLApJOXFxAQM/DgKBGg+dtJnVyMNN+I1D
lN8SOuVIxVK+WedX4OKIdKgFlj48ucLdBAIExRqBq6VdSmlL6JK6WVSa3Vrw2ihC
U7DH0EtREotFgHPiJQMvmxORIUYONAoWHmgqaYNIcKfO6LByp4nN+VcQLjWmlQmn
jwXigd6pho/+udTEZesFmBNMnTMoRXiR5v+2kBmFj4BOFkZG1oMXqdPtF8MJDVaW
McjQBqGHs/ijyyAAd96swKZSvnCFEUQcgV888aJFjHFjyhNz1VC+AsaPT8bHnWh7
UvkWKgyyMdWMXpC0P9Et2Su4OddCQ/8Z7PI2M3rLL8V75Zq//l7q7wqpkEPFv/BM
LRcEHP5bWSRFWV57mFLsb44WAxEzl1R1ezroW8oh78gHd5s1upms4fhu6aohO6/E
jyd9OLwshu8jmEkeJXbcnZh1qiKauaLGoYP/kxFNoEKmexoWMxOrP+d599BgaMvw
tgGwvuENUE7pnRUWLBqc3T8rtDktUjdSEFBn74bzycc+GNzqbbrQTPm7SlG7t7fJ
jKQU7gbzViA/P32vLkwwrLMk0w0HsCuyJ8YdRd5tBcegIxZ6z2hLsiUtiHCSF5Wu
lZZ+QLteehEkHYqafuV4vbCqYeySJveKwi6+TFVI73u/XzsYGcc=
=Ypt5
-----END PGP SIGNATURE-----
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Security-announce mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden