Xcode 6.2 beta 3 is now available and addresses the following:
Git
Available for: OS X Mavericks v10.9.4 or later
Impact: Synching with a malicious git repository may allow
unexpected files to be added to the .git folder
Description: The checks involved in disallowed paths did not account
for case insensitivity or unicode characters. This issue was
addressed by adding additional checks.
CVE-ID
CVE-2014-9390 : Matt Mackall of Mercurial and Augie Fackler of
Mercurial
Xcode 6.2 beta 3 may be obtained from:
https://developer.apple.com/
To check that the Xcode has been updated:
* Select Xcode in the menu bar
* Select About Xcode
* The version after applying this update will be "6.2 (6C101)".
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/
Komentarų nėra:
Rašyti komentarą