—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1
APPLE-SA-2014-12-22-1 OS X NTP Security Update
OS X NTP Security Update is now available and addresses the
following:
ntpd
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,
OS X Yosemite v10.10.1
Impact: A remote attacker may be able to execute arbitrary code
Description: Several issues existed in ntpd that would have allowed
an attacker to trigger buffer overflows. These issues were addressed
through improved error checking.
To verify the ntpd version, type the following command in Terminal:
what /usr/sbin/ntpd. This update includes the following versions:
Mountain Lion: ntp-77.1.1
Mavericks: ntp-88.1.1
Yosemite: ntp-92.5.1
CVE-ID
CVE-2014-9295 : Stephen Roettger of the Google Security Team
Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222
This message is signed with Apple’s Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
—–BEGIN PGP SIGNATURE—–
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
Comment: GPGTools – http://gpgtools.org
iQIcBAEBAgAGBQJUmGKXAAoJEBcWfLTuOo7tJHwP/iHNiJAZaFxvN81LT382jy3r
qDX4YjdhMydBCf+EW/WZJW1mfpqeFS29+4a4HAzxgSHNp7nrhHcyGc1sRkcIj2Co
jwISJ3if1+8puTeLjHDaWEozYwGVVXdLQrkqYkbDEzWAimN9jSfOjjKLeVswyVdw
o7ZrMZ9R3SqGcrw3tkqFPduur03Ip4a220g0kjydNdkAATHv6/U/eDI7pBybhWWy
xQfY7gZxwkP7R+vo7xXgC+0U2j74TIZOS2OYZwS9/7YuKoCq6CETXEVSsXRg/9aN
mRwVBneBKVLHKKaXhwbpKT/SQdNvCmmqbI5qG8J5AvNtXyo2a1Y8mXlA6Mp91PTf
zZcwCZZyXbNJ3oJK8DEnwP9MjkzZzoa3K5EZQr/4oSTfsG3EJilPPD05GukrWggJ
EUdBJZ7+QFwjIEwqXYW++fPv97WW0DZxQvkdkImtFoGdfR+cOXWyhtqk2aaz6JFO
vf6C2dTVILHz8rHVfzMxBApgRnZjFe6c04fbW5YSfIC4Qjc4XSm9/KkQYf1YIGH2
s6TOkc8qrmUTgh+VxDoKPU5K/O+1IfTByiGBii+G4cPB6wiXZj43x7zjC+6bgnCo
R2UhO62hnEA4Z1++KuYVINfiCKMkxnKHVvGOdb+pBKddGmCeUiM1H0LO/l1/kaFR
kNQ7cG1OCTFtFJUpClub
=xyD0
—–END PGP SIGNATURE—–
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Security-announce mailing list (Security-announce@lists.apple.com)