Vous êtes ici: index » cert » avis

Avis du CERT RENATER

Par défaut, cette page vous affichera les derniers messages envoyés par le CERT RENATER à la communauté. Vous pouvez affiner par année ou par type de message. Si aucun critère n'est précisé, seuls les derniers messages sont affichés

Date : Wed, 16 Oct 2013 12:15:53 +0200
Type : VULN
Sujet : CERT-Renater : 2013/VULN460 (APPLE : APPLE-SA-2013-10-15-1 Java for OS X 2013-005 and,Mac OS X v10.6 Update 17)
====================================================================
                           CERT-Renater

               Note d'Information No. 2013/VULN460
_____________________________________________________________________

DATE                : 16/10/2013

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S):  Mac OS X versions 10.6, 10.7, 10.8.

======================================================================
http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html
______________________________________________________________________

APPLE-SA-2013-10-15-1 Java for OS X 2013-005 and
Mac OS X v10.6 Update 17

Java for OS X 2013-005 and Mac OS X v10.6 Update 17 is now available
and addresses the following:

Java
Available for:  Mac OS X v10.6.8, Mac OS X Server v10.6.8,
OS X Lion v10.7 or later, OS X Lion Server v10.7 or later,
OS X Mountain Lion 10.8 or later
Impact:  Multiple vulnerabilities in Java 1.6.0_51
Description:  8011782  Multiple vulnerabilities existed in Java
1.6.0_51, the most serious of which may allow an untrusted Java
applet to execute arbitrary code outside the Java sandbox. Visiting a
web page containing a maliciously crafted untrusted Java applet may
lead to arbitrary code execution with the privileges of the current
user. These issues were addressed by updating to Java version
1.6.0_65. Further information is available via the Java website at ht
tp://www.oracle.com/technetwork/java/javase/releasenotes-136954.html
CVE-ID
CVE-2013-3829
CVE-2013-4002
CVE-2013-5772
CVE-2013-5774
CVE-2013-5776
CVE-2013-5778
CVE-2013-5780
CVE-2013-5782
CVE-2013-5783
CVE-2013-5784
CVE-2013-5787
CVE-2013-5789
CVE-2013-5790
CVE-2013-5797
CVE-2013-5801
CVE-2013-5802
CVE-2013-5803
CVE-2013-5804
CVE-2013-5809
CVE-2013-5812
CVE-2013-5814
CVE-2013-5817
CVE-2013-5818
CVE-2013-5819
CVE-2013-5820
CVE-2013-5823
CVE-2013-5824
CVE-2013-5825
CVE-2013-5829
CVE-2013-5830
CVE-2013-5831
CVE-2013-5832
CVE-2013-5840
CVE-2013-5842
CVE-2013-5843
CVE-2013-5848
CVE-2013-5849
CVE-2013-5850


Java for OS X 2013-005 and Mac OS X v10.6 Update 17
may be obtained from the Software Update pane in System Preferences,
Mac App Store, or Apple's Software Downloads web site:
http://www.apple.com/support/downloads/

For Mac OS X v10.6 systems
The download file is named: JavaForMacOSX10.6update17.dmg
Its SHA-1 digest is: 5dfe7eaebf9726352c97964da61d57fa28246c08

For OS X Lion and Mountain Lion systems
The download file is named: JavaForOSX2013-005.dmg
Its SHA-1 digest is: ce78f9a916b91ec408c933bd0bde5973ca8a2dc4


Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/

=========================================================
Serveur de référence du CERT-Renater
https://services.renater.fr/ssi/
==========================================================
+ CERT-RENATER          | tel : 01-53-94-20-44           +
+ 23 - 25 Rue Daviel    | fax : 01-53-94-20-41           +
+ 75013 Paris           | email: cert@support.renater.fr +
==========================================================

[An attachment of type application/pkcs7-signature was included here]