Xcode 6.3 is now available and addresses the following:
Clang
Available for: OS X Mavericks v10.9.4 or later
Impact: An attacker may be able to bypass stack guards
Description: A register allocation issue existed in clang which
sometimes led to stack cookie pointers being stored on the stack
itself. This issue was addressed with improved register allocation.
Swift
Available for: OS X Mavericks v10.9.4 or later
Impact: Swift programs performing certain type conversions may
receive unexpected values
Description: A integer overflow issue existed in the simulator that
could lead to conversions returning unexpected values. This issue was
addressed by using improved checks.
CVE-ID
CVE-2015-1149
Xcode 6.3 may be obtained from:
https://developer.apple.com/
To check that the Xcode has been updated:
* Select Xcode in the menu bar
* Select About Xcode
* The version after applying this update will be "6.3".
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/
Komentarų nėra:
Rašyti komentarą