Alert GCSA-17029 - Apple Security Updates APPLE-SA-2017-05-15
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
**********************************************************************
Alert ID: GCSA-17029
Data: 16 Maggio 2017
Titolo: Apple Security Updates APPLE-SA-2017-05-15
**********************************************************************
:: Descrizione del problema
Apple ha rilasciato aggiornamenti che risolvono vulnerabilità presenti
in Apple macOS, Safari, iTunes for Windows, Apple iOS, tvOS e watchOS.
Per una descrizione completa delle vulnerabilita' consultare
le segnalazioni ufficiali.
:: Software interessato
Apple macOS
Apple Safari
Apple iTunes
Apple iOS
Apple tvOS
Apple watchOS
Apple iCloud for Windows
:: Impatto
condizioni di denial of service in locale e da remoto
esecuzione di codice arbitrario in locale e da remoto
rilascio di informazioni di authenticazione
rilascio di informazioni utente
rilascio di informazioni di sistema
modifica delle informazioni utente
modifica delle informazioni di sistema
accesso root in locale
accesso utente in locale
accesso utente da remoto
:: Soluzioni
Applicare i security update:
http://www.apple.com/support/downloads/
:: Riferimenti
Apple security updates
https://support.apple.com/en-us/HT207797
https://support.apple.com/en-us/HT207798
https://support.apple.com/en-us/HT207800
https://support.apple.com/en-us/HT207801
https://support.apple.com/en-us/HT207803
https://support.apple.com/en-us/HT207804
https://support.apple.com/en-us/HT207805
Security Tracker
http://securitytracker.com/id/1038487
http://securitytracker.com/id/1038485
http://securitytracker.com/id/1038484
Mitre CVE ID
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2495
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2496
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2499
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2500
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2504
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2505
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2506
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2508
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2510
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2511
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2514
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2515
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2521
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2525
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2526
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2528
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2530
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2531
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2536
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2538
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2539
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2544
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2547
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2549
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6980
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6984
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2498
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6982
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6989
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2494
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2497
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2501
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2502
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2503
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2507
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2509
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2512
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2513
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2516
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2518
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2519
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2520
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2524
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2527
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2533
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2534
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2535
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2537
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2540
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2541
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2542
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2543
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2545
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2546
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2548
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6977
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6978
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6979
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6981
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6983
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6985
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6986
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6987
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6988
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6990
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6991
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iEYEARECAAYFAlka7yIACgkQwZxMk2USYEI98QCfYQtCjLJt7G/vq12b6Q+Wn58C
4mgAmQGce/MTjpp3KHss+TCAUFE3Ell5
=lHIe
-----END PGP SIGNATURE-----
Hash: SHA1
**********************************************************************
Alert ID: GCSA-17029
Data: 16 Maggio 2017
Titolo: Apple Security Updates APPLE-SA-2017-05-15
**********************************************************************
:: Descrizione del problema
Apple ha rilasciato aggiornamenti che risolvono vulnerabilità presenti
in Apple macOS, Safari, iTunes for Windows, Apple iOS, tvOS e watchOS.
Per una descrizione completa delle vulnerabilita' consultare
le segnalazioni ufficiali.
:: Software interessato
Apple macOS
Apple Safari
Apple iTunes
Apple iOS
Apple tvOS
Apple watchOS
Apple iCloud for Windows
:: Impatto
condizioni di denial of service in locale e da remoto
esecuzione di codice arbitrario in locale e da remoto
rilascio di informazioni di authenticazione
rilascio di informazioni utente
rilascio di informazioni di sistema
modifica delle informazioni utente
modifica delle informazioni di sistema
accesso root in locale
accesso utente in locale
accesso utente da remoto
:: Soluzioni
Applicare i security update:
http://www.apple.com/support/downloads/
:: Riferimenti
Apple security updates
https://support.apple.com/en-us/HT207797
https://support.apple.com/en-us/HT207798
https://support.apple.com/en-us/HT207800
https://support.apple.com/en-us/HT207801
https://support.apple.com/en-us/HT207803
https://support.apple.com/en-us/HT207804
https://support.apple.com/en-us/HT207805
Security Tracker
http://securitytracker.com/id/1038487
http://securitytracker.com/id/1038485
http://securitytracker.com/id/1038484
Mitre CVE ID
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2495
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2496
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2499
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2500
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2504
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2505
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2506
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2508
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2510
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2511
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2514
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2515
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2521
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2525
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2526
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2528
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2530
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2531
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2536
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2538
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2539
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2544
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2547
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2549
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6980
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6984
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2498
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6982
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6989
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2494
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2497
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2501
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2502
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2503
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2507
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2509
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2512
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2513
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2516
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2518
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2519
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2520
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2524
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2527
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2533
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2534
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2535
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2537
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2540
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2541
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2542
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2543
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2545
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2546
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2548
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6977
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6978
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6979
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6981
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6983
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6985
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6986
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6987
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6988
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6990
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6991
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iEYEARECAAYFAlka7yIACgkQwZxMk2USYEI98QCfYQtCjLJt7G/vq12b6Q+Wn58C
4mgAmQGce/MTjpp3KHss+TCAUFE3Ell5
=lHIe
-----END PGP SIGNATURE-----