Apple Security Advisory 2013-09-17-1 - OS X Server v2.2.2 is now available and addresses issues in ClamAV, PostgreSQL, and Wiki Server.
7a34988774da41ec6514ba0349d1e1fd-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
APPLE-SA-2013-09-17-1 OS X Server v2.2.2
OS X Server v2.2.2 is now available and addresses the following:
ClamAV
Available for: OS X Mountain Lion v10.8 or later
Impact: Multiple vulnerabilities in ClamAV
Description: Multiple vulnerabilities existed in ClamAV, the most
serious of which may lead to arbitrary code execution. This update
addresses the issues by updating ClamAV to version 0.97.8.
CVE-ID
CVE-2013-2020
CVE-2013-2021
PostgreSQL
Available for: OS X Mountain Lion v10.8 or later
Impact: Multiple vulnerabilities in PostgreSQL
Description: Multiple vulnerabilities existed in PostgreSQL, the
most serious of which may lead to data corruption or privilege
escalation. This update addresses the issues by updating PostgreSQL
to version 9.2.4.
CVE-ID
CVE-2013-1899
CVE-2013-1900
CVE-2013-1901
Wiki Server
Available for: OS X Mountain Lion v10.8 or later
Impact: Multiple vulnerabilities in Wiki Server
Description: Multiple cross-site scripting issues existed in Wiki
Server. These issues were addressed by improved encoding of HTML
output.
CVE-ID
CVE-2013-1034 : David Hoyt of Hoyt LLC Research
OS X Server v2.2.2 may be obtained from Mac App Store.
Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org
iQIcBAEBAgAGBQJSOJFGAAoJEPefwLHPlZEwb1cQAIKRQDJfjJefWGq0xdIUQdtp
QIZAU1OiWqThnAXSvGXINy1bj1LxtaTveS0ccxVpmWR6CxGhm3+CMHcIeLjXz16a
ZKD1ABZiy+dfaVO+ESu9oA6FMkjUyUMoWiwlleHYRFtDWlAutcFKQYVcmRp0p+zz
UYl7sHOIvWmOwY/If4EDOVPKtcBJe0u41PdpGJiNM7GRoWjk3MRlfdScpa+/EHqv
r/QQBjt1ukFuyqPJqaBtyRbIEry2a364J7TlP/OeQcafU/GbYaXo0xF2BkxoLrkE
zUyqJ1O+w3QzJfKOr2W/Xq3a2KLfBm/IF0tTkwRM8TFaGNoAd9nBExd285Xe/TUk
m+/7C3KgbLvAbnBAUdCsnViPuW5KQc1bcM1DN6yjrh61ZOGttfvbNPWjRjx5FZM1
OrbXCWsmQA79wz1lzi2xK7XV1pYpQXVcUrPhkgfD8f+tt/VimL4nvcFRw+uylWoE
UT93IvSaZ0lXCKrk4DNzDpji/IuFtddF6ZhGAC/mRgz9fsnJZ/dLrXTwhe6Hexlq
0v2oGvFKGJI7cGASCZ7EN6oK0bjbX+nGQHsuWfGh51B6eSdaPg7+9AtJGFNw2mSM
3vijZXbplvnRGIbajkpAHOk3o2fLnlZG4W4IMoe8GiT/lurnS2TOsY5AWnnPIC06
TqkNrkh5Zmj5JttbFNnt
=UcAp
-----END PGP SIGNATURE-----
© 2015 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed
Comments
No comments yet, be the first!