—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1
APPLE-SA-2014-09-17-6 OS X Server 2.2.3
OS X Server 2.2.3 is now available and addresses the following:
CoreCollaboration
Available for: OS X Mountain Lion v10.8.5
Impact: A remote attacker may be able to execute arbitrary SQL
queries
Description: A SQL injection issue existed in Wiki Server. This
issue was addressed through additional validation of SQL queries.
CVE-ID
CVE-2014-4424 : Sajjad Pourali (sajjad@securation.com) of CERT of
Ferdowsi University of Mashhad
OS X Server 2.2.3 may be obtained from the Mac App Store.
Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222
This message is signed with Apple’s Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
—–BEGIN PGP SIGNATURE—–
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
Comment: GPGTools – http://gpgtools.org
iQIcBAEBAgAGBQJUGkbuAAoJEBcWfLTuOo7tYVMQAKaz8CbU1iJrm+5fvLPnXrBF
eWp0tYCDPcoj1tUJ79+XJplJHsZ2Ezb0bQ8gvNSRLgT32Dw4gtRPmZ9c+/UHMUV6
rbSeF73x4IC6yF56ghbKjTkFJguniaS/k6KWCYhqU2Ew/qya2nJdj/RGS5AICQb3
HVg50yW+jRb5geLOL/+Sd7R+zjg3OZb+Z7h+/ynCI53tGgVB9LzslrI+thNAA2Fz
mAsHtF1Fx6l9F+lbCygJj6sNoBxDJPadBlPPjR7E1C06cCoxlARdz2K74qFONt6+
/zSbWofuszvN23HmY9+JYmIQ7x0wi9Ff7W18Ai5nN2/GCLzOM/lJKHKY2tTG781h
R9g1bX1Q0mB9e+RYqmgwSvdtijFXjtOqNza8X9fBHP5bzArucMaFrhUqCEeSqSfs
6hijGHJzK/buNdIzP2wBceA/EXRAfqUZi8r4FTGLQMqZvath3nhrEP+T2LezBCwS
7foYeCo1AXp6oQDgKA0QUflFZg6eZlLFPngvFQn/7ko+I/K1+RzZwbiwS+61pNva
AaoSTeuzeYKuWIFQU80I+mZ1bwqr60Ns9Q3AtIJlKlu/3+l+G3eOW397SqtqbPdh
jRAsmOpcA6w5afjT1yIlcGis/k3H7VAvuVNu6ZZ6JGdXD+q1O4K9GQA2vqxgBLO8
w5/NX6or7DEXSvpwiLND
=s9TT
—–END PGP SIGNATURE—–
—–BEGIN PGP SIGNATURE—–
Comment: GPGTools – http://gpgtools.org
iQIcBAEBAgAGBQJUGkezAAoJEBcWfLTuOo7tEdEQAIqMpHf+80kxHJFX+EYSjV/n
a6ojE5UUCspryarjKavfL3af1tYZ04B04Y1+qhkwf2mukLWEmIyNUT5T/1fupRAW
F9KfkvvWXp4ZqGFvO6M527SOZeQfsAaNr0hTCtmdceZaFVumuiU4hm4HYuVhAz3D
m5RjplCDrGlK1Gvgim80HHJ/sJCgFfs3SVspknrN/qOIBmF142V/2E4OWI1+gReG
FNWvDEs/PLpTICiuiOJ/AfzdCNNU5db/aXSqyMQ/Pv17uqXPGRnubySX3+pCVf9y
nNBQ7VOq1Dwb1Fl7kJQ+u/u3kMZ4462AkkwpbWJEUr48coULavBukXd78NbVgNd2
b4XFyyKiObmNw0FHsG4+7P7FdE4FUksvKmOxSaV5N9UelmgnJPMot4CBsumpd84d
CbLiBjOgmYjXxfpT4NUb/f8wT2cBWYQLecDbtKGb/M+V8cKq9fTwtvVisXF2CTvb
c8ydc062y1lDBBuu3HZog4xNqvFQgybnl/XGyuj8q9tU8DUjKB3DPlagbs96OYxO
V9sNPMzYKSa9sRAmLz/fd5lzz4sxf4DqBlthsGRItWf4H5ont5GHb7yLtpm5eqLM
w/R7heqxNNwd/AwZyhlUglpcSO5ZoGx2Ps1k4721X976nsX8dO67Pf65vs75lRKr
b+raHckKDsYIL6NWGOIA
=RikQ
—–END PGP SIGNATURE—–
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Security-announce mailing list (Security-announce@lists.apple.com)