OS X Server 5.0.3 is now available and addresses the following:
apache
Available for: OS X Yosemite v10.10.4 or later
Impact: Multiple vulnerabilities in Apache, the most serious of
which may allow a remote attacker to cause a denial of service
Description: Multiple vulnerabilities existed in Apache versions
prior to 2.4.16. These issues were addressed by updating Apache to
version 2.4.16.
CVE-ID
CVE-2013-5704
CVE-2014-3581
CVE-2014-3583
CVE-2014-8109
CVE-2015-0228
CVE-2015-0253
CVE-2015-3183
CVE-2015-3185
BIND
Available for: OS X Yosemite v10.10.4 or later
Impact: Multiple vulnerabilities in BIND, the most severe of which
may allow a remote attacker to cause a denial of service
Description: Multiple vulnerabilities existed in BIND versions prior
to 9.9.7. These issues were addressed by updating BIND to version
9.9.7.
CVE-ID
CVE-2014-8500
CVE-2015-1349
PostgreSQL
Available for: OS X Yosemite v10.10.4 or later
Impact: Multiple vulnerabilities in PostgreSQL, the most serious of
which may lead to arbitrary code execution
Description: Multiple vulnerabilities existed in PostgreSQL versions
prior to 9.3.9. These issues were addressed by updating PostgreSQL to
version 9.3.9.
CVE-ID
CVE-2014-0067
CVE-2014-8161
CVE-2015-0241
CVE-2015-0242
CVE-2015-0243
CVE-2015-0244
CVE-2015-3165
CVE-2015-3166
CVE-2015-3167
Wiki Server
Available for: OS X Yosemite v10.10.4 or later
Impact: Multiple XML security issues in Wiki Server
Description: Multiple XML vulnerabilities existed in Wiki Server
based on Twisted. This issue was addressed by removing Twisted.
CVE-ID
CVE-2015-5911 : Zachary Jones of WhiteHat Security Threat Research
Center
OS X Server 5.0.3 may be obtained from the Mac App Store.
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/
Komentarų nėra:
Rašyti komentarą