Alert GCSA-19124 - Apple Security Updates
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID: GCSA-19124
Data: 13 Dicembre 2019
Titolo: Apple Multiple Security Updates
******************************************************************
Apple ha rilasciato degli aggiornamenti di sicurezza che risolvono delle
vulnerabilita' presenti nei sistemi operativi e nelle applicazioni.
Per una descrizione degli aggiornamenti consultare le segnalazioni
ufficiali alla sezione 'Riferimenti'.
:: Piattaforme e Software aggiornati
Xcode 11.3
watchOS 5.3.4
watchOS 6.1.1
tvOS 13.3
macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security
Update 2019-007 High Sierra
Safari 13.0.4
iOS 12.4.4
iOS 13.3 and iPadOS 13.3
iTunes 12.10.3 for Windows
iCloud for Windows 7.16 (includes AAS 8.2)
:: Impatto
In funzione dell'applicazione e dei sistemi, vulnerabilita' sfruttabili
per esecuzione di codice arbitrario a vari livelli di privilegi (fino al
kernel), crash dell'applicazione o di tutto il sistema.
:: Soluzione
Applicare gli aggiornamenti disponibili, se non gia' abilitati
automaticamente come configurazione predefinita.
:: Riferimenti
Apple security updates
https://support.apple.com/en-us/HT201222
https://support.apple.com/en-us/HT210796
https://support.apple.com/it-it/HT210791
https://support.apple.com/it-it/HT210789
https://support.apple.com/it-it/HT210790
https://support.apple.com/it-it/HT210788
https://support.apple.com/it-it/HT210792
https://support.apple.com/it-it/HT210787
https://support.apple.com/it-it/HT210785
https://support.apple.com/en-us/HT210793
https://support.apple.com/en-us/HT210795
CERT Nazionale
https://www.certnazionale.it/news/2019/12/12/aggiornamenti-di-sicurezza-per-prodotti-apple-10-11-dicembre-2019/
US-CERT
https://www.us-cert.gov/ncas/current-activity/2019/12/10/apple-releases-multiple-security-updates
Mitre CVE
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1164
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2668
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4449
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1545
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16808
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10103
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10105
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14461
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14462
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14463
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14464
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14465
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14466
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14467
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14468
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14469
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14470
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14879
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14880
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14881
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14882
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16227
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16228
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16229
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16230
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16300
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16301
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16451
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16452
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8828
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8830
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8832
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8833
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8835
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8836
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8837
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8838
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8839
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8840
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8841
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8842
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8844
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8846
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8847
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8848
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8852
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8853
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8856
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8857
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13057
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13565
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15161
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15162
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15163
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15164
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15165
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15166
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15167
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903
GARR CERT Newsletter subscribe/unsubscribe:
https://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iF0EARECAB0WIQTGpdiR5MqstacBGHbBnEyTZRJgQgUCXfOFuQAKCRDBnEyTZRJg
QvLkAJ456bncWHAHpZUQMQdIFMDt33tUyQCg2nDLJXMGEs8+rf4nqQtOLdAGVys=
=/2I+
-----END PGP SIGNATURE-----
Hash: SHA1
******************************************************************
Alert ID: GCSA-19124
Data: 13 Dicembre 2019
Titolo: Apple Multiple Security Updates
******************************************************************
Apple ha rilasciato degli aggiornamenti di sicurezza che risolvono delle
vulnerabilita' presenti nei sistemi operativi e nelle applicazioni.
Per una descrizione degli aggiornamenti consultare le segnalazioni
ufficiali alla sezione 'Riferimenti'.
:: Piattaforme e Software aggiornati
Xcode 11.3
watchOS 5.3.4
watchOS 6.1.1
tvOS 13.3
macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security
Update 2019-007 High Sierra
Safari 13.0.4
iOS 12.4.4
iOS 13.3 and iPadOS 13.3
iTunes 12.10.3 for Windows
iCloud for Windows 7.16 (includes AAS 8.2)
:: Impatto
In funzione dell'applicazione e dei sistemi, vulnerabilita' sfruttabili
per esecuzione di codice arbitrario a vari livelli di privilegi (fino al
kernel), crash dell'applicazione o di tutto il sistema.
:: Soluzione
Applicare gli aggiornamenti disponibili, se non gia' abilitati
automaticamente come configurazione predefinita.
:: Riferimenti
Apple security updates
https://support.apple.com/en-us/HT201222
https://support.apple.com/en-us/HT210796
https://support.apple.com/it-it/HT210791
https://support.apple.com/it-it/HT210789
https://support.apple.com/it-it/HT210790
https://support.apple.com/it-it/HT210788
https://support.apple.com/it-it/HT210792
https://support.apple.com/it-it/HT210787
https://support.apple.com/it-it/HT210785
https://support.apple.com/en-us/HT210793
https://support.apple.com/en-us/HT210795
CERT Nazionale
https://www.certnazionale.it/news/2019/12/12/aggiornamenti-di-sicurezza-per-prodotti-apple-10-11-dicembre-2019/
US-CERT
https://www.us-cert.gov/ncas/current-activity/2019/12/10/apple-releases-multiple-security-updates
Mitre CVE
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1164
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2668
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4449
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1545
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16808
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10103
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10105
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14461
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14462
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14463
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14464
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14465
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14466
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14467
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14468
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14469
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14470
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14879
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14880
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14881
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14882
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16227
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16228
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16229
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16230
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16300
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16301
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16451
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16452
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8828
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8830
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8832
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8833
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8835
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8836
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8837
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8838
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8839
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8840
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8841
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8842
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8844
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8846
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8847
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8848
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8852
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8853
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8856
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8857
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13057
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13565
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15161
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15162
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15163
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15164
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15165
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15166
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15167
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903
GARR CERT Newsletter subscribe/unsubscribe:
https://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iF0EARECAB0WIQTGpdiR5MqstacBGHbBnEyTZRJgQgUCXfOFuQAKCRDBnEyTZRJg
QvLkAJ456bncWHAHpZUQMQdIFMDt33tUyQCg2nDLJXMGEs8+rf4nqQtOLdAGVys=
=/2I+
-----END PGP SIGNATURE-----