You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa Xcode

Sigurnosni nedostatak programskog paketa Xcode

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA256

APPLE-SA-2020-09-16-5 Xcode 12.0

Xcode 12.0 is now available and addresses the following:

IDE Device Support
Available for: macOS Mojave 10.15.4 and later
Impact: An attacker in a privileged network position may be able to
execute arbitrary code on a paired device during a debug session over
the network
Description: This issue was addressed by encrypting communications
over the network to devices running iOS 14, iPadOS 14, tvOS 14, and
watchOS 7.
CVE-2020-9992: Dany Lisiansky (@DanyL931), Nikias Bassen

Additional recognition

debugserver
We would like to acknowledge Linus Henze (pinauten.de) for their
assistance.

LLVM
We would like to acknowledge Brandon Azad of Google Project Zero for
their assistance.

Installation note:

Xcode 12.0 may be obtained from:

https://developer.apple.com/xcode/downloads/

To check that the Xcode has been updated:

* Select Xcode in the menu bar
* Select About Xcode
* The version after applying this update will be “Xcode 12.0”.
—–BEGIN PGP SIGNATURE—–

iQIzBAEBCAAdFiEEbURczHs1TP07VIfuZcsbuWJ6jjAFAl9igoYACgkQZcsbuWJ6
jjA17g//cPW08TA+cwO7nyipcSTcXdovOMGJYoIrrupmdtm9+7tbq+9qXNbcbCCU
/w8TpNXAfoJd1CD8mLzzDlZcmf2uVg+F8/0I4VkzGCp8Z4GusehXa36otdpHA4n1
53awpj656xP4C27BdYxQfkQyWp4VQNrTmIIbppvn9Ozdmx2OqqynTpxSrTApu79m
PZEBvNIlWkint7d1Fr9+GVqJh1FtOSjrH2mn9tblIUcjUEifVZtMEP8NbN0OD6JS
n6W3ivUAoRDS7jQjLUnkzQcYzXnA9iRRaHWq3VppC6k1sg8DFqqIC0trXr3PyzpG
Q1fvY7QqCqppomQ1jSSUH0+bPemu2R3QSj1w/tbB481JUfPUvklPZgBuSVIBOu67
dRC49HjUjqP9jLkrFI6rgN+O76DZeImy0o7cnjVhdessMTzT8s7Dbu8d/4ixKVTA
uLkqR/240hywZXHa2CLffAJQiUfPx7fXde1u7vx/v0tZreCq3w9ScBOmegovILSS
/cx0wT8Od/LZiPYZgGh5yGFBP99qrKIYfX9yzRSynBGDfee4dXbitFm/fUy65zg8
Yjz4eSIoZqCl9PrsW0lXqOyTs2ozrPA7jD+VwaC1ZHzn6RjMB9zTmasxOrEbZ/XK
cJ/xv6Fef/H7/k6HG8TCxOK5xvp+ZhAZkL90jW33jvSRr2ovSjo=
=FOfL
—–END PGP SIGNATURE—–
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Security-announce mailing list (Security-announce@lists.apple.com)
Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/security-announce/advinp%40cert.hr

This email sent to advinp@cert.hr

Top
More in Preporuke
Sigurnosni nedostaci programskog paketa Safari

Otkriveni su sigurnosni nedostaci u programskom paketu Safari za operacijske sustave macOS High Sierra i Mojave. Otkriveni nedostaci potencijalnim udaljenim...

Close