When accessing a maliciously crafted HTTP or HTTPS URL, CFNetwork could incorrectly send the cookies for a domain to a server outside that domain. Impact: Visiting a maliciously crafted website may lead to the disclosure of sensitive informationĭescription: An issue existed in CFNetwork's handling of HTTP cookies.
Os x lion firewall update#
This update addresses the issue through improved handling of cookie storage.ĬVE-2011-0231 : Martin Tessarek, Steve Riggins of Geeks R Us, Justin C. Safari's cookie preferences may not be honored, allowing websites to set cookies that would be blocked were the preference enforced. Impact: Safari may store cookies it is not configured to acceptĭescription: A synchronization issue existed in CFNetwork's handling of cookie policies. The complete list of recognized system roots may be viewed via the Keychain Access application. Several existing certificates were updated to their most recent version. Impact: Root certificates have been updatedĭescription: Several trusted certificates were added to the list of system roots.
Os x lion firewall mac os x#
These issues are addressed by updating BIND to version 9.6-ESV-R4-P3.Īvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1.
These issues are addressed by updating BIND to version 9.7.3-P3.ĭescription: Multiple denial of service issues existed in BIND. Impact: Multiple vulnerabilities in BIND 9.7.3ĭescription: Multiple denial of service issues existed in BIND 9.7.3.
Os x lion firewall code#
Impact: Applications which use the ATSFontDeactivate API may be vulnerable to an unexpected application termination or arbitrary code executionĭescription: A buffer overflow issue existed in the ATSFontDeactivate API.ĬVE-2011-0230 : Steven Michaud of Mozilla This issue does not affect OS X Lion systems.ĬVE-2011-0229 : Will Dormann of the CERT/CC This issue does not affect systems prior to OS X Lion.Īvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8ĭescription: An out of bounds memory access issue existed in ATS' handling of Type 1 fonts.
Impact: Viewing or downloading a document containing a maliciously crafted embedded font may lead to arbitrary code executionĭescription: A signedness issue existed in ATS' handling of Type 1 fonts. Impact: Executing a binary with a maliciously crafted name may lead to arbitrary code execution with elevated privilegesĭescription: A format string vulnerability existed in Application Firewall's debug logging.Īvailable for: OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1 Further information is available via the Apache web site at CVE-2011-0419 does not affect OS X Lion systems. Impact: Multiple vulnerabilities in Apacheĭescription: Apache is updated to version 2.2.20 to address several vulnerabilities, the most serious of which may lead to a denial of service. Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1
0 kommentar(er)
