Sono stati rilasciati Safari 8.0.6, 7.1.6 e 6.2.6

Di
Adriano Gabor
-

Safari iconicoSafari 8.0.6, 7.1.6 si 6.2.6 au fost lansate au fost lansate de catre compania Apple in cursul noptii trecute pentru posesorii de Mac-uri din lumea intreaga, actualizarile avand rolul de a rezolva unele probleme de securitate ale browserului nativ al sistemului de operare OS X. OS X Yosemite, Mavericks si Mountain Lion sunt versiunile sistemului de operare afectate si pentru care actualizarile sunt disponibile pentru utilizatori, asa ca in alte versiuni nu le veti putea gasi deocamdata.

Utilizatorii sistemelor de operare OS X Yosemite, Mavericks, and Mountain Lion ofera posibilitatea de a instala actualizarile prin sistemul Software Update, astfel ca veti putea beneficia imediat de imbunatatirile oferite de catre Apple pentru voi.

Safari 8.0.6, Safari 7.1.6, and Safari 6.2.6

  • WebKitAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.3

    Impatto: la visita di un sito Web dannoso può comportare la chiusura imprevista dell'applicazione o l'esecuzione di codice arbitrario

    Descrizione: esistono diversi problemi di danneggiamento della memoria in WebKit. Questi problemi sono stati risolti attraverso una migliore gestione della memoria.

    CVE-ID

    CVE-2015-1152: Apple

    CVE-2015-1153: Apple

    CVE-2015-1154: Apple

  • WebKit HistoryAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.3

    Impact: Visiting a maliciously crafted website may compromise user information on the filesystem

    Description: A state management issue existed in Safari that allowed unprivileged origins to access contents on the filesystem. This issue was addressed through improved state management.

    CVE-ID

    CVE-2015-1155 : Joe Vennix of Rapid7 Inc. working with HP’s Zero Day Initiative

  • WebKit Page LoadingAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.3

    Impact: Visiting a malicious website by clicking a link may lead to user interface spoofing

    Description: An issue existed in the handling of the rel attribute in anchor elements. Target objects could get unauthorized access to link objects. This issue was addressed through improved link type adherence.

    CVE-ID

    CVE-2015-1156 : Zachary Durber of Moodle

ARTICOLI SIMILIDELLO STESSO AUTORE