Alert GCSA-21018 - Apple Security Updates APPLE-SA-2021-02-09-1
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
alert ID: GCSA-21018
data: 11 febbraio 2021
titolo: Apple Security Updates APPLE-SA-2021-02-09-1
******************************************************************
:: Descrizione del problema
Apple ha rilasciato il seguente aggiornamento di sicurezza
che risolve delle vulnerabilita' presenti nei sistemi operativi
e nelle applicazioni.
APPLE-SA-2021-02-09-1
macOS Big Sur 11.2.1
macOS Catalina 10.15.7 Supplemental Update
macOS Mojave 10.14.6 Security Update 2021-002
Maggiori informazioni sono disponibili nella segnalazione
ufficiale alla sezione "Riferimenti".
:: Software interessato
macOS Big Sur 11.2
macOS Catalina 10.15.7
macOS Mojave 10.14.6
:: Impatto
Arbitrary Code Execution
Elevation of Privilege
:: Soluzione
Applicare i security update e gli aggiornamenti rilasciati
https://support.apple.com/downloads
Aggiornare il software sul Mac
https://support.apple.com/it-it/HT201541
Keep your Mac up to date
https://support.apple.com/en-in/guide/mac-help/mchlpx1065/mac
:: Riferimenti
Aggiornamenti di sicurezza Apple
https://support.apple.com/it-it/HT201222
https://support.apple.com/en-us/HT212177
Mitre CVE
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1805
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1806
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3156
SecurityWeek
https://www.securityweek.com/apple-patches-recent-sudo-vulnerability-macos
The Hacker News
https://thehackernews.com/2021/02/apple-patches-10-year-old-macos-sudo.html
CVE-2021-3156: Heap-Based Buffer Overflow in Sudo (Baron Samedit)
https://blog.qualys.com/vulnerabilities-research/2021/01/26/cve-2021-3156-heap-based-buffer-overflow-in-sudo-baron-samedit
GARR CERT Security Alert - subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iF0EARECAB0WIQTGpdiR5MqstacBGHbBnEyTZRJgQgUCYCT4YAAKCRDBnEyTZRJg
QtDkAKCt3hQ737tWIoIBRnIkK5ZB6YYwKgCgvRce11CVz+l4OKeYrgaZtMiWcoY=
=b0uV
-----END PGP SIGNATURE-----
Hash: SHA1
******************************************************************
alert ID: GCSA-21018
data: 11 febbraio 2021
titolo: Apple Security Updates APPLE-SA-2021-02-09-1
******************************************************************
:: Descrizione del problema
Apple ha rilasciato il seguente aggiornamento di sicurezza
che risolve delle vulnerabilita' presenti nei sistemi operativi
e nelle applicazioni.
APPLE-SA-2021-02-09-1
macOS Big Sur 11.2.1
macOS Catalina 10.15.7 Supplemental Update
macOS Mojave 10.14.6 Security Update 2021-002
Maggiori informazioni sono disponibili nella segnalazione
ufficiale alla sezione "Riferimenti".
:: Software interessato
macOS Big Sur 11.2
macOS Catalina 10.15.7
macOS Mojave 10.14.6
:: Impatto
Arbitrary Code Execution
Elevation of Privilege
:: Soluzione
Applicare i security update e gli aggiornamenti rilasciati
https://support.apple.com/downloads
Aggiornare il software sul Mac
https://support.apple.com/it-it/HT201541
Keep your Mac up to date
https://support.apple.com/en-in/guide/mac-help/mchlpx1065/mac
:: Riferimenti
Aggiornamenti di sicurezza Apple
https://support.apple.com/it-it/HT201222
https://support.apple.com/en-us/HT212177
Mitre CVE
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1805
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1806
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3156
SecurityWeek
https://www.securityweek.com/apple-patches-recent-sudo-vulnerability-macos
The Hacker News
https://thehackernews.com/2021/02/apple-patches-10-year-old-macos-sudo.html
CVE-2021-3156: Heap-Based Buffer Overflow in Sudo (Baron Samedit)
https://blog.qualys.com/vulnerabilities-research/2021/01/26/cve-2021-3156-heap-based-buffer-overflow-in-sudo-baron-samedit
GARR CERT Security Alert - subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iF0EARECAB0WIQTGpdiR5MqstacBGHbBnEyTZRJgQgUCYCT4YAAKCRDBnEyTZRJg
QtDkAKCt3hQ737tWIoIBRnIkK5ZB6YYwKgCgvRce11CVz+l4OKeYrgaZtMiWcoY=
=b0uV
-----END PGP SIGNATURE-----