—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512
APPLE-SA-2016-12-13-8 Transporter 1.9.2
Transporter 1.9.2 is now available and addresses the following:
iTMSTransporter
Available for: iTunes Producer 3.1.1, OS X v10.6 and later (64 bit),
Windows 7 and later (32 bit), and Red Hat Enterprise Linux (64 bit)
Impact: Parsing maliciously crafted EPUB may lead to disclosure of
user information
Description: An information disclosure issue existed in the parsing
of EPUB. This issue was addressed through improved parsing.
CVE-2016-7666: Craig Arendt of Stratum Security
Transporter 1.9.2 may be obtained from:
https://itunesconnect.apple.com/
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple’s Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
—–BEGIN PGP SIGNATURE—–
Comment: GPGTools – https://gpgtools.org
iQIcBAEBCgAGBQJYUD1/AAoJEIOj74w0bLRGYFYQANGsJJk34XxNyanUy0p/YDf7
bL62s4gxuNVwSlD2G054/OvsQjlXFlMlgsWDbVuj5uUffoFYdEhdL6j5t7t996V2
ledTUy84Qv5vHXuJcbuVbRhaPBGyl24Nwz5B4W7QWhARVeF4BaMNyztXdgfv6Y9N
/8HzDvP4AoENuNcGdXsLq7CeWPPhUtFyHHJLVXTJXYJHG/ayTb8yLW3quhlK5DrQ
E0V5uiwX5AK0MPUfGnwZRhMoOvUc7GdGFrQdpxTtd7pMjms74QICr25X//fD7kAL
e6shvDmliCtCxGPMPb3/nGAcwZ0TVRSpJHxmcFdROWpzK3BcOWj0wIJgDtEs9OkY
/YwoA3iWM6BUalfAz/kw1jMzm9nc35Y+U/gmt5vS81mPecZ6mMBbjsYsJylW4cEh
CxAMiIRThZBlvkn7ZyV3riDUIgO2O149NytgWXLXI31VVlUlM5v2ScQywGSVtskG
LDwqhb+o7q+UdYEXZlWs2sf1oYZ2wBZh+ZWqlNx3y7TZgUaoLkL38SbRSyDVdZoE
WU94s5sqCRGW40WJoZ/QFkcfO/C9m/6Da5Z4DC1B3R4P4aNh4m2HPowZZE+VZfOl
08Mw7MJqfIjk5Xo8U9BoGNnxbB64htrBHuUw46jLHC9dgij/J6pF7DLOMTwC6fYQ
OqI2SnPh/q9HHs1FZuFE
=6p61
—–END PGP SIGNATURE—–
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Security-announce mailing list (Security-announce@lists.apple.com)