APPLE-SA-2021-09-20-5 Safari 15

[product-security-noreply--- via Fulldisclosure <fulldisclosure () seclists org>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-2021-09-20-5 Safari 15

Safari 15 addresses the following issues. Information about the
security content is also available at 
https://support.apple.com/HT212816.

WebKit
Available for: macOS Big Sur and macOS Catalina
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2021-30846: Sergei Glazunov of Google Project Zero

WebKit
Available for: macOS Big Sur and macOS Catalina
Impact: Processing maliciously crafted web content may lead to code
execution
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2021-30848: Sergei Glazunov of Google Project Zero

WebKit
Available for: macOS Big Sur and macOS Catalina
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2021-30849: Sergei Glazunov of Google Project Zero

WebKit
Available for: macOS Big Sur and macOS Catalina
Impact: Processing maliciously crafted web content may lead to code
execution
Description: A memory corruption vulnerability was addressed with
improved locking.
CVE-2021-30851: Samuel Groß of Google Project Zero

Installation note:

This update may be obtained from the Mac App Store.

Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEePiLW1MrMjw19XzoeC9qKD1prhgFAmFI884ACgkQeC9qKD1p
rhgQKRAAtAtjoHZeSq76axhTkrfDs3yQ2/8h5RLQP+95h77SAMwmd6j9HVpgPpAR
jtsOm7C4GKfL3QiHKbR3+mWMku8Lp4thqUQMCYx0rjmlVKdS5LV8ANyGyf1QtDD3
M2V4jkbC1498d3V2MvvrttLajjjZAP6LlnK2nU/OI+Uir700XV7V56AmRplDHwdJ
SdUJ+XpK+8sK49sOILTSWWmf4FJmOhnB359wM+YG4tneoue9GDuujV9GzrSMgnrI
bNxUqUnddFxfFI8Yn3Bhb+cpivRwLwN/l4ISlyYAGyhVdtPLAetrRMnz/WT96ut3
tx1ks5Y38xtk2O/8icarqNWop3Ah5RehI+XmdCRideU3m8UUJMx55elwIEz3urxT
kKVzs+zhL48dP1xClV5agDOPG0RnwqgecFcAeut7z3vAS8nleavHWDzdZ50v8+zI
ycaLBQjv7IJ1pZyA7q+S7etkrbIfRpJgmEAuJhJwsxKgTinRosyL85sVvbwNbptV
o+3Ed+4tE8WaQpPkHoILc48elS8StBigdjbJwIdYqGvUuLrlkmwRizZwyl4/60Tm
scVpUffKchASL/Qmx7CDirGuNAlX7/L5wUOzr2KxcXtIBOhc8fcbra0Z+Tg9PCBX
AF9OMAO5V4Wog/WX8+AyfNnpXWtuBu5hzNtAXta1D3qotpOJ5fM=
=VcXk
-----END PGP SIGNATURE-----


_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/