Full Disclosure mailing list archives

By Date By Thread APPLE-SA-2015-09-16-4 OS X Server 5.0.3 From: Apple Product Security <product-security-noreply () lists apple com>

Date: Wed, 16 Sep 2015 12:42:47 -0700

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2015-09-16-4 OS X Server 5.0.3 OS X Server 5.0.3 is now available and addresses the following: apache Available for: OS X Yosemite v10.10.4 or later Impact: Multiple vulnerabilities in Apache, the most serious of which may allow a remote attacker to cause a denial of service Description: Multiple vulnerabilities existed in Apache versions prior to 2.4.16. These issues were addressed by updating Apache to version 2.4.16. CVE-ID CVE-2013-5704 CVE-2014-3581 CVE-2014-3583 CVE-2014-8109 CVE-2015-0228 CVE-2015-0253 CVE-2015-3183 CVE-2015-3185 BIND Available for: OS X Yosemite v10.10.4 or later Impact: Multiple vulnerabilities in BIND, the most severe of which may allow a remote attacker to cause a denial of service Description: Multiple vulnerabilities existed in BIND versions prior to 9.9.7. These issues were addressed by updating BIND to version 9.9.7. CVE-ID CVE-2014-8500 CVE-2015-1349 PostgreSQL Available for: OS X Yosemite v10.10.4 or later Impact: Multiple vulnerabilities in PostgreSQL, the most serious of which may lead to arbitrary code execution Description: Multiple vulnerabilities existed in PostgreSQL versions prior to 9.3.9. These issues were addressed by updating PostgreSQL to version 9.3.9. CVE-ID CVE-2014-0067 CVE-2014-8161 CVE-2015-0241 CVE-2015-0242 CVE-2015-0243 CVE-2015-0244 CVE-2015-3165 CVE-2015-3166 CVE-2015-3167 Wiki Server Available for: OS X Yosemite v10.10.4 or later Impact: Multiple XML security issues in Wiki Server Description: Multiple XML vulnerabilities existed in Wiki Server based on Twisted. This issue was addressed by removing Twisted. CVE-ID CVE-2015-5911 : Zachary Jones of WhiteHat Security Threat Research Center OS X Server 5.0.3 may be obtained from the Mac App Store. Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJV+cTeAAoJEBcWfLTuOo7tAaoP/A6mRcB0zcLWjPVf4Aatmaha z8CXbm0hBfcGcVR4iqyVMVRCS9NEY4u3dyXIuHVA+zWM1qNb+kolm/1oIT4mwUlk C2mBlcu92FhGe0+5qsDYEOVHbQrhX+fWI4icG35Tke6IU2Rmdl1vyzZbk3TikOl7 WxHxcn7lcFZqUgqq2FM3I/P06yuC75NSNj85+7ZIySpRhwQQ3AVgWal8SEH/Gufv ScT4Oj0ejD9SlzkTBCkvOYpzN8jumkIqRbtKuAKZV0BIf50eyoUYmNYvBwwKoHa7 l2MgRzdtZu9qrdIJ26pkPYuPd39ChsLveBOjciMT85ZcfwJKWb2XvJ7YUVAy9SKv IXkuiePRMbxSc3o5Tv0CKt9hf06irAMhNw/sujwQfAIyCw0iWLtaEjPveBafbBZ5 bWoHUdLojK5ubaAjOGH/R1QfSB99IasxLo7DldKzLHuff5LAXqQLBXrVyce2C8ug GxJjJjVcD6KoBB2bZ6a/J9lBBft9CTISQIS3g7o8iYaRg0cpNE1yIa0IEWinpfPb eYA3mAxAVXeSZ2cB346DrEGVSJO3RCQb7IxSi6fu2/4FlAyoMzAK5unIaU02E8Y4 c4wKGN4cWSP9RdiJrwCQmzzYPv8ClaJF6ZinNo0wuYP00Te0JavQXaslFEvgkFa+ x7UDm7nSbhr2aPDxeJ3G =ou8d -----END PGP SIGNATURE----- _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/ By Date By Thread Current thread: APPLE-SA-2015-09-16-4 OS X Server 5.0.3 Apple Product Security (Sep 16)