Home page logo
/

bugtraq logo Bugtraq mailing list archives

APPLE-SA-2014-05-16-1 iTunes 11.2.1
From: Apple Product Security <product-security-noreply () lists apple com>
Date: Fri, 16 May 2014 22:39:22 -0700

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2014-05-16-1 iTunes 11.2.1

iTunes 11.2.1 is now available and addresses the following:

iTunes
Available for:  Mac OS X v10.6.8 or later
Impact:  A local user can compromise other local user accounts
Description:  Upon each reboot, the permissions for the /Users and
/Users/Shared directories would be set to world-writable, allowing
modification of these directories. This issue was addressed with
improved permission handling. For information on the general content
of iTunes 11.2.1, see http://support.apple.com/kb/TS5434
CVE-ID
CVE-2014-1347


iTunes 11.2.1 may be obtained from:
http://www.apple.com/itunes/download/

The download file is named: iTunes11.2.1.dmg
Its SHA-1 digest is: d7e00140775bd15069ded529388add2ce6f0b538

Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
Comment: GPGTools - http://gpgtools.org

iQIcBAEBAgAGBQJTdvWrAAoJEBcWfLTuOo7t1rgP+gL3Z02WLrsQb66XvuTEz9Ij
KHKL/y3yXzMIdwEqFsHvcd8Ls9lBaiSFTkXIWXhgWsW8PZPFZBahprnbbszFmwJ6
P9g2QRWstQFpveImGdrMW3E9yjIf7YvkjD2NNNpG4NUXiejwWANJ1kmfHJ9ny1vs
L8bIImea5+mTMt+fvrJp3vWGAhLSfJYc9HQvIqJxhESiAW0dOoprbkTGVPRbR5wE
w7d1m5LS8nvmWi8blLKvLtv+AX2HJvLniJwYkZXa4kMUy25nYLrTZ09aRMfP2Ygg
4fjsIphrnpScl9gGaBYbp3vncR/g0Nypw0b3/ahlmBnEFFIXHJNjudoW8vbBdyaM
7x1A4y1iVregs7LKRwExhZGjc85WYJis1asVE4A0L8rjqjj/OskXUyFFZ2wKEwic
apZPyeqGOPpdwa3CsHcq7RZZb1Y8aceeLviXKb2iOC37toRMnDkMr2SBd/xD6TfE
fWxBbFnxsY+BFbfz9QUpvtmWI3a399vqt6J9RXxve/a/nd8XyCUdgTxhGSf+uUZ4
U6vJppHF+nzXjaua8L7z8RXxQDfjFm2pI9a3VfRjq50hrznCprXSIR148//WSiHJ
Y6Ss5s+lHLedmdudW9Fsiywb0ImEK88bQtmHg4WqxOfFbC9X25262WhDN+m7KoGJ
4kQtMB6mjCY/WsU+frOA
=P5hZ
-----END PGP SIGNATURE-----

Attachment: signature.asc
Description: Message signed with OpenPGP using GPGMail


  By Date           By Thread  

Current thread:
  • APPLE-SA-2014-05-16-1 iTunes 11.2.1 Apple Product Security (May 19)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]