You are here
Home > Preporuke > Sigurnosni nedostatak programskih paketa Pages, Numbers i Keynote

Sigurnosni nedostatak programskih paketa Pages, Numbers i Keynote

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

APPLE-SA-2017-03-27-1 Pages 6.1, Numbers 4.1, and Keynote 7.1
for Mac; Pages 3.1, Numbers 3.1, and Keynote 3.1 for iOS are now
available and address the following:

Export
Available for: macOS 10.12 Sierra or later, iOS 10 or later
Impact: The contents of password-protected PDFs exported from iWork
may be exposed
Description: iWork used weak 40-bit RC4 encryption for password-
protected PDF exports. This issue was addressed by changing iWork
export to use AES-128.
CVE-2017-2391: Philipp Eckel of ThoughtWorks

Installation note:

Pages 6.1, Numbers 4.1, and Keynote 7.1 for Mac and Pages 3.1,
Numbers 3.1, and Keynote 3.1 for iOS may be obtained from the
App Store.

Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222

This message is signed with Apple’s Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
—–BEGIN PGP SIGNATURE—–
Comment: GPGTools – https://gpgtools.org

iQIcBAEBCgAGBQJY2VkhAAoJEIOj74w0bLRGtMYQAMixdDDlyh/wWcT8bTLSekBU
6CqKrmus7LmaKyaqSjpzTlh4P40fLjpiPEukBzSerLeHlSBZ2mOpGcpXcC5evRDG
GVJe5J7DeJyfk0Asta+9sgX/YAms9VcqZS9AxAVA7LeP1yspxAej6FMyP+vnvK6c
y4SAzxlAZLjzMORaXnn/erp9SAtyyituD1TIhP4dIjcM7YNb0heKO46FCFVflcKd
jqamu5A+W7D3i0f2dxlw5cN8J2Lpbeue/hoKT+thO+97zGjvUtqY53LOvOGcpYvD
bxp3Ld2fCgCVgpalIrsvBYXbnBTgn/Mvve8dax2Ub0s95IxQkEr3SP1gr/YubSE9
EXg1PhmwnozUXsbZZV68nnQ2xfzc5CgjjojPBF8sg8BCFqXy4k5qkHi9sLdwxCis
Hlcl6OyrkF+Puqjs3XZPzfSUKndL4pXiIv8H7nPgtCIsIF6BjABQGLUKOSNNtQwe
ySAatdMCB1ut3NkSBh+yjIsK9QshiD9JbUhlZkLvkJhhcZp+rFac4adTN6U9svbO
ehttNA2kPOW/YnYv42tk499cA+S3gHYHl7jzGnQNq2aQT/AZFg9lDJFYS0qqdLCW
G0XaKDiSzsAkCa54UIyc2e+/St/b10kNXuTxKa/Q9Y9Mh9RtJUHHm0FrLPkevZJ7
MxmltI7TPqTEOCpaYFfd
=cT2K
—–END PGP SIGNATURE—–

_______________________________________________
Do not post admin requests to the list. They will be ignored.
Security-announce mailing list (Security-announce@lists.apple.com)

Top
More in Preporuke
Sigurnosni nedostatak programskog paketa cURL

Otkriven je sigurnosni nedostatak u programskom paketu cURL za operacijski sustav Gentoo. Zbog pogreške u kodu, TLS poslužiteljski certifikat uvijek...

Close