You are here
Home > Preporuke > Sigurnosni propust programskog paketa iTunes

Sigurnosni propust programskog paketa iTunes

  • Detalji os-a: MAC
  • Važnost: IMP
  • Operativni sustavi: M
  • Kategorije: APL

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1

APPLE-SA-2014-05-16-1 iTunes 11.2.1

iTunes 11.2.1 is now available and addresses the following:

iTunes
Available for: Mac OS X v10.6.8 or later
Impact: A local user can compromise other local user accounts
Description: Upon each reboot, the permissions for the /Users and
/Users/Shared directories would be set to world-writable, allowing
modification of these directories. This issue was addressed with
improved permission handling. For information on the general content
of iTunes 11.2.1, see http://support.apple.com/kb/TS5434
CVE-ID
CVE-2014-1347

iTunes 11.2.1 may be obtained from:
http://www.apple.com/itunes/download/

The download file is named: iTunes11.2.1.dmg
Its SHA-1 digest is: d7e00140775bd15069ded529388add2ce6f0b538

Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222

This message is signed with Apple’s Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/

—–BEGIN PGP SIGNATURE—–
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
Comment: GPGTools – http://gpgtools.org

iQIcBAEBAgAGBQJTdvWrAAoJEBcWfLTuOo7t1rgP+gL3Z02WLrsQb66XvuTEz9Ij
KHKL/y3yXzMIdwEqFsHvcd8Ls9lBaiSFTkXIWXhgWsW8PZPFZBahprnbbszFmwJ6
P9g2QRWstQFpveImGdrMW3E9yjIf7YvkjD2NNNpG4NUXiejwWANJ1kmfHJ9ny1vs
L8bIImea5+mTMt+fvrJp3vWGAhLSfJYc9HQvIqJxhESiAW0dOoprbkTGVPRbR5wE
w7d1m5LS8nvmWi8blLKvLtv+AX2HJvLniJwYkZXa4kMUy25nYLrTZ09aRMfP2Ygg
4fjsIphrnpScl9gGaBYbp3vncR/g0Nypw0b3/ahlmBnEFFIXHJNjudoW8vbBdyaM
7x1A4y1iVregs7LKRwExhZGjc85WYJis1asVE4A0L8rjqjj/OskXUyFFZ2wKEwic
apZPyeqGOPpdwa3CsHcq7RZZb1Y8aceeLviXKb2iOC37toRMnDkMr2SBd/xD6TfE
fWxBbFnxsY+BFbfz9QUpvtmWI3a399vqt6J9RXxve/a/nd8XyCUdgTxhGSf+uUZ4
U6vJppHF+nzXjaua8L7z8RXxQDfjFm2pI9a3VfRjq50hrznCprXSIR148//WSiHJ
Y6Ss5s+lHLedmdudW9Fsiywb0ImEK88bQtmHg4WqxOfFbC9X25262WhDN+m7KoGJ
4kQtMB6mjCY/WsU+frOA
=P5hZ
—–END PGP SIGNATURE—–

—–BEGIN PGP SIGNATURE—–
Comment: GPGTools – http://gpgtools.org

iQIcBAEBAgAGBQJTdvYKAAoJEBcWfLTuOo7ta1AP/2/ykPIMN+d2YnvZGbsv/6MR
ddil3qDly1UmC2Pb4f+NrzShnTdWTZmaH8RLtmcLEnoZl6KOWbmZ7yUdqY99dv1x
YgfWJ0lAZNT91GMl3tLsL983P0uLXffHvq6FlkU5BO7b2XpJnKRoW2UAFIxVKwkm
bYKhbwIl3E5EsWtgrdAdqs9dRF8zojqOsVot+qUNzeilNvCEdHnD/PZEA8y6A+aC
ljk5cvYxHkEQoCfJ6noq4GxB72os1Q/HrB+9MM71RAt1JmrLZ9eINwogu9ZBZLSg
KzXOukFVSpDkv1QIT6XhbMTWmJpfKTJA8QTL3P52GL96i0AA579BM0uy05tlfTs9
QNP7ELu7mME6ylxH0c414tSq/Y4ulvj9bmyLT/cqyMMjrGm9xga4vxjGZLUVOy1Y
pNG+G2H+de0Ho/3Ii7vhjSRLkWaa61TZzwP+PmGvrgzeXV3DBuqyBhT1amsEcp4f
xNsOu7bVzQgFEHJGNT+XoJF5x2/K1RpDh/R4MYQFvrax8Dp0o9dILn4fXpDD1M1/
O5UnPytP1fVvJ1vJL6Dhz2m0Tz7+55pxv1kW3/z6Uqh2Idde3kYfUU0hnV2MnfWw
E3CubOx0p2bVY8dExrWO/YFmZT0UFI+IOmSZvdACHG85q68/ViK6YqkRV14pOOym
Ai6dPs3HMQJI8pCQIWas
=K0WM
—–END PGP SIGNATURE—–
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Security-announce mailing list (Security-announce@lists.apple.com)

AutorTomislav Protega
Cert idNCERT-REF-2014-05-0044-ADV
CveCVE-2014-1347
ID izvornikaAPPLE-SA-2014-05-16-1
ProizvodiTunes
Izvorhttp://www.apple.com
Top
More in Preporuke
Sigurnosni nedostaci programskog paketa util-linux

Otkriveni su sigurnosni nedostaci u programskom paketu util-linux za operacijski sustav Gentoo. Otkriveni nedostaci potencijalnim napadačima omogućuju izvođenje napada uskraćivanja...

Close