Bugtraq: APPLE-SA-2016-05-16-4 OS X El Capitan 10.11.5 and Security Update 2016-003

APPLE-SA-2016-05-16-4 OS X El Capitan 10.11.5 and Security Update

2016-003

OS X El Capitan 10.11.5 and Security Update 2016-003 is now available

and addresses the following:

AMD

Available for: OS X El Capitan v10.11 and later

Impact: An application may be able to execute arbitrary code with

kernel privileges

Description: A memory corruption issue was addressed through

improved memory handling.

CVE-ID

CVE-2016-1792 : beist and ABH of BoB

AMD

Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,

and OS X El Capitan v10.11 and later

Impact: An application may be able to determine kernel memory layout

Description: An issue existed that led to the disclosure of kernel

memory content. This issue was addressed through improved bounds

checking.

CVE-ID

CVE-2016-1791 : daybreaker of Minionz

apache_mod_php

Available for: OS X El Capitan v10.11 and later

Impact: Multiple vulnerabilities in PHP

Description: Multiple vulnerabilities existed in PHP versions prior

to 5.5.34. These were addressed by updating PHP to version 5.5.34.

CVE-ID

CVE-2015-8865

CVE-2016-3141

CVE-2016-3142

CVE-2016-4070

CVE-2016-4071

CVE-2016-4072

CVE-2016-4073

AppleGraphicsControl

Available for: OS X El Capitan v10.11 and later

Impact: An application may be able to execute arbitrary code with

kernel privileges

Description: A null pointer dereference was addressed through

improved validation.

CVE-ID

CVE-2016-1793 : Ian Beer of Google Project Zero

CVE-2016-1794 : Ian Beer of Google Project Zero

AppleGraphicsPowerManagement

Available for: OS X El Capitan v10.11 and later

Impact: An application may be able to execute arbitrary code with

kernel privileges

Description: A memory corruption issue was addressed through

improved memory handling.

CVE-ID

CVE-2016-1795 : Moony Li (@Flyic) and Jack Tang (@jacktang310) of

Trend Micro

ATS

Available for: OS X El Capitan v10.11 and later

Impact: An application may be able to determine kernel memory layout

Description: An out of bounds memory access issue was addressed

through improved memory handling.

CVE-ID

CVE-2016-1796 : lokihardt working with Trend Micro's Zero Day

Initiative

ATS

Available for: OS X El Capitan v10.11 and later

Impact: An application may be able to execute arbitrary code with

system privileges

Description: An issue existed in the sandbox policy. This was

addressed by sandboxing FontValidator.

CVE-ID

CVE-2016-1797 : lokihardt working with Trend Micro's Zero Day

Initiative

Audio

Available for:

OS X Yosemite v10.10.5 and OS X El Capitan v10.11 and later

Impact: An application may be able to cause a denial of service

Description: A null pointer dereference was addressed through

improved validation.

CVE-ID

CVE-2016-1798 : Juwei Lin of TrendMicro

Audio

Available for: OS X El Capitan v10.11 and later

Impact: An application may be able to execute arbitrary code with

kernel privileges

Description: A memory corruption issue was addressed through

improved input validation.

CVE-ID

CVE-2016-1799 : Juwei Lin of TrendMicro

Captive Network Assistant

Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,

and OS X El Capitan v10.11 and later

Impact: An attacker in a privileged network position may be able to

execute arbitrary code with user assistance

Description: A custom URL scheme handling issue was addressed

through improved input validation.

CVE-ID

CVE-2016-1800 : Apple

CFNetwork Proxies

Available for: OS X El Capitan v10.11 and later

Impact: An attacker in a privileged network position may be able to

leak sensitive user information

Description: An information leak existed in the handling of HTTP and

HTTPS requests. This issue was addressed through improved URL

handling.

CVE-ID

CVE-2016-1801 : Alex Chapman and Paul Stone of Context Information

Security

CommonCrypto

Available for: OS X El Capitan v10.11 and later

Impact: A malicious application may be able to leak sensitive user

information

Description: An issue existed in the handling of return values in

CCCrypt. This issue was addressed through improved key length

management.

CVE-ID

CVE-2016-1802 : Klaus Rodewig

CoreCapture

Available for: OS X El Capitan v10.11 and later

Impact: An application may be able to execute arbitrary code with

kernel privileges

Description: A null pointer dereference was addressed through

improved validation.

CVE-ID

CVE-2016-1803 : Ian Beer of Google Project Zero, daybreaker working

with Trend Micro's Zero Day Initiative

CoreStorage

Available for: OS X El Capitan v10.11 and later

Impact: An application may be able to execute arbitrary code with

kernel privileges

Description: A configuration issue was addressed through additional

restrictions.

CVE-ID

CVE-2016-1805 : Stefan Esser

Crash Reporter

Available for: OS X El Capitan v10.11 and later

Impact: An application may be able to execute arbitrary code with

root privileges

Description: A configuration issue was addressed through additional

restrictions.

CVE-ID

CVE-2016-1806 : lokihardt working with Trend Micro's Zero Day

Initiative

Disk Images

Available for: OS X El Capitan v10.11 and later

Impact: A local attacker may be able to read kernel memory

Description: A race condition was addressed through improved

locking.

CVE-ID

CVE-2016-1807 : Ian Beer of Google Project Zero

Disk Images

Available for: OS X El Capitan v10.11 and later

Impact: An application may be able to execute arbitrary code with

kernel privileges

Description: A memory corruption issue existed in the parsing of

disk images. This issue was addressed through improved memory

handling.

CVE-ID

CVE-2016-1808 : Moony Li (@Flyic) and Jack Tang (@jacktang310) of

Trend Micro

Disk Utility

Available for: OS X El Capitan v10.11 and later

Impact: Disk Utility failed to compress and encrypt disk images

Description: Incorrect keys were being used to encrypt disk images.

This issue was addressed by updating the encryption keys.

CVE-ID

CVE-2016-1809 : Ast A. Moore (@astamoore) and David Foster of

TechSmartKids

Graphics Drivers

Available for: OS X El Capitan v10.11 and later

Impact: An application may be able to execute arbitrary code with

kernel privileges

Description: Multiple memory corruption issues were addressed

through improved memory handling.

CVE-ID

CVE-2016-1810 : Moony Li (@Flyic) and Jack Tang (@jacktang310) of

Trend Micro

ImageIO

Available for: OS X El Capitan v10.11 and later

Impact: Processing a maliciously crafted image may lead to a denial

of service

Description: A null pointer dereference was addressed through

improved validation.

CVE-ID

CVE-2016-1811 : Lander Brandt (@landaire)

Intel Graphics Driver

Available for: OS X El Capitan v10.11 and later

Impact: An application may be able to execute arbitrary code with

kernel privileges

Description: A buffer overflow was addressed through improved bounds

checking.

CVE-ID

CVE-2016-1812 : Juwei Lin of TrendMicro

IOAcceleratorFamily

Available for: OS X El Capitan v10.11 and later

Impact: An application may be able to cause a denial of service

Description: A null pointer dereference was addressed through

improved locking.

CVE-ID

CVE-2016-1814 : Juwei Lin of TrendMicro

IOAcceleratorFamily

Available for: OS X El Capitan v10.11 and later

Impact: An application may be able to execute arbitrary code with

kernel privileges

Description: Multiple memory corruption issues were addressed

through improved memory handling.

CVE-ID

CVE-2016-1815 : Liang Chen, Qidan He of KeenLab, Tencent working with

Trend Micro's Zero Day Initiative

CVE-2016-1817 : Moony Li (@Flyic) and Jack Tang (@jacktang310) of

Trend Micro working with Trend Micro's Zero Day Initiative

CVE-2016-1818 : Juwei Lin of TrendMicro

CVE-2016-1819 : Ian Beer of Google Project Zero

IOAcceleratorFamily

Available for: OS X El Capitan v10.11 and later

Impact: An application may be able to execute arbitrary code with

kernel privileges

Description: A null pointer dereference was addressed through

improved validation.

CVE-ID

CVE-2016-1813 : Ian Beer of Google Project Zero

CVE-2016-1816 : Peter Pi (@heisecode) of Trend Micro and Juwei Lin of

Trend Micro

IOAudioFamily

Available for: OS X El Capitan v10.11 and later

Impact: An application may be able to execute arbitrary code with

kernel privileges

Description: A buffer overflow was addressed with improved bounds

checking.

CVE-ID

CVE-2016-1820 : Moony Li (@Flyic) and Jack Tang (@jacktang310) of

Trend Micro working with Trend Micro's Zero Day Initiative

IOAudioFamily

Available for: OS X El Capitan v10.11 and later

Impact: An application may be able to execute arbitrary code with

kernel privileges

Description: A null pointer dereference was addressed through

improved validation.

CVE-ID

CVE-2016-1821 : Ian Beer of Google Project Zero

IOFireWireFamily

Available for: OS X El Capitan v10.11 and later

Impact: An application may be able to execute arbitrary code with

kernel privileges

Description: A memory corruption issue was addressed through

improved memory handling.

CVE-ID

CVE-2016-1822 : CESG

IOHIDFamily

Available for: OS X El Capitan v10.11 and later

Impact: An application may be able to execute arbitrary code with

kernel privileges

Description: A memory corruption issue was addressed through

improved memory handling.

CVE-ID

CVE-2016-1823 : Ian Beer of Google Project Zero

CVE-2016-1824 : Marco Grassi (@marcograss) of KeenLab (@keen_lab),

Tencent

IOHIDFamily

Available for: OS X El Capitan v10.11 and later

Impact: An application may be able to execute arbitrary code with

kernel privileges

Description: Multiple memory corruption issues were addressed

through improved memory handling.

CVE-ID

CVE-2016-1825 : Brandon Azad

Kernel

Available for: OS X El Capitan v10.11 and later

Impact: An application may be able to execute arbitrary code with

kernel privileges

Description: Multiple memory corruption issues were addressed

through improved memory handling.

CVE-ID

CVE-2016-1827 : Brandon Azad

CVE-2016-1828 : Brandon Azad

CVE-2016-1829 : CESG

CVE-2016-1830 : Brandon Azad

CVE-2016-1831 : Brandon Azad

Kernel

Available for: OS X El Capitan v10.11 and later

Impact: An application may be able to execute arbitrary code with

kernel privileges

Description: An integer overflow existed in dtrace. This issue was

addressed through improved bounds checking.

CVE-ID

CVE-2016-1826 : Ben Murphy working with Trend Micro's Zero Day

Initiative

libc

Available for: OS X El Capitan v10.11 and later

Impact: A local attacker may be able to cause unexpected application

termination or arbitrary code execution

Description: A memory corruption issue was addressed through

improved input validation.

CVE-ID

CVE-2016-1832 : Karl Williamson

libxml2

Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,

and OS X El Capitan v10.11 and later

Impact: Processing maliciously crafted XML may lead to an unexpected

application termination or arbitrary code execution

Description: Multiple memory corruption issues were addressed

through improved memory handling.

CVE-ID

CVE-2016-1833 : Mateusz Jurczyk

CVE-2016-1834 : Apple

CVE-2016-1835 : Wei Lei and Liu Yang of Nanyang Technological

University

CVE-2016-1836 : Wei Lei and Liu Yang of Nanyang Technological

University

CVE-2016-1837 : Wei Lei and Liu Yang of Nanyang Technological

University

CVE-2016-1838 : Mateusz Jurczyk

CVE-2016-1839 : Mateusz Jurczyk

CVE-2016-1840 : Kostya Serebryany

libxslt

Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,

and OS X El Capitan v10.11 and later

Impact: Visiting a maliciously crafted website may lead to arbitrary

code execution

Description: A memory corruption issue was addressed through

improved memory handling.

CVE-ID

CVE-2016-1841 : Sebastian Apelt

MapKit

Available for: OS X El Capitan v10.11 and later

Impact: An attacker in a privileged network position may be able to

leak sensitive user information

Description: Shared links were sent with HTTP rather than HTTPS.

This was addressed by enabling HTTPS for shared links.

CVE-ID

CVE-2016-1842 : Richard Shupak (http://ift.tt/1VZkuHS)

Messages

Available for: OS X El Capitan v10.11 and later

Impact: A malicious server or user may be able to modify another

user's contact list

Description: A validation issue existed in roster changes. This

issue was addressed through improved validation of roster sets.

CVE-ID

CVE-2016-1844 : Thijs Alkemade of Computest

Messages

Available for: OS X El Capitan v10.11 and later

Impact: A remote attacker may be able to leak sensitive user

information

Description: An encoding issue existed in filename parsing. This

issue was addressed through improved filename encoding.

CVE-ID

CVE-2016-1843 : Heige (a.k.a. SuperHei) of Knownsec 404 Security Team

[http://www.knownsec.com]

Multi-Touch

Available for: OS X El Capitan v10.11 and later

Impact: An application may be able to execute arbitrary code with

system privileges

Description: A memory corruption issue was addressed through

improved memory handling.

CVE-ID

CVE-2016-1804 : Liang Chen, Yubin Fu, Marco Grassi of KeenLab,

Tencent of Trend Micro's Zero Day Initiative

NVIDIA Graphics Drivers

Available for:

OS X Yosemite v10.10.5 and OS X El Capitan v10.11 and later

Impact: An application may be able to execute arbitrary code with

kernel privileges

Description: Multiple memory corruption issues were addressed

through improved memory handling.

CVE-ID

CVE-2016-1846 : Ian Beer of Google Project Zero

OpenGL

Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,

and OS X El Capitan v10.11 and later

Impact: Processing maliciously crafted web content may lead to

arbitrary code execution

Description: Multiple memory corruption issues were addressed

through improved memory handling.

CVE-ID

CVE-2016-1847 : Tongbo Luo and Bo Qu of Palo Alto Networks

QuickTime

Available for: OS X El Capitan v10.11 and later

Impact: Opening a maliciously crafted file may lead to unexpected

application termination or arbitrary code execution

Description: A memory corruption issue was addressed through

improved memory handling.

CVE-ID

CVE-2016-1848 : Francis Provencher from COSIG

SceneKit

Available for: OS X El Capitan v10.11 and later

Impact: Opening a maliciously crafted file may lead to unexpected

application termination or arbitrary code execution

Description: A memory corruption issue was addressed through

improved memory handling.

CVE-ID

CVE-2016-1850 : Tyler Bohan of Cisco Talos

Screen Lock

Available for: OS X El Capitan v10.11 and later

Impact: A person with physical access to a computer may be able to

reset an expired password from the lock screen

Description: An issue existed in the management of password

profiles. This issue was addressed through improved password reset

handling.

CVE-ID

CVE-2016-1851 : an anonymous researcher

Tcl

Available for: OS X El Capitan v10.11 and later

Impact: An attacker in a privileged network position may be able to

leak sensitive user information

Description: A protocol security issue was addressed by disabling

SSLv2.

CVE-ID

CVE-2016-1853 : researchers at Tel Aviv University, Münster

University of Applied Sciences, Ruhr University Bochum, the

University of Pennsylvania, the Hashcat project, the University of

Michigan, Two Sigma, Google, and the OpenSSL project: Nimrod Aviram,

Sebastian Schinzel, Juraj Somorovsky, Nadia Heninger, Maik Dankel,

Jens Steube, Luke Valenta, David Adrian, J. Alex Halderman, Viktor

Dukhovni, Emilia Käsper, Shaanan Cohney, Susanne Engels, Christof

Paar, and Yuval Shavitt

Note: OS X El Capitan 10.11.5 includes the security content of Safari

9.1.1. For further details see http://ift.tt/27sWcKg

OS X El Capitan 10.11.5 and Security Update 2016-003 may be obtained

from the Mac App Store or Apple's Software Downloads web site:

http://ift.tt/10BwSPw

Information will also be posted to the Apple Security Updates

web site: http://ift.tt/1p75l9H

This message is signed with Apple's Product Security PGP key,

and details are available at:

http://ift.tt/JvT2t4


from SecurityFocus Vulnerabilities http://ift.tt/1VZksjk