===================================================================== CERT-Renater Note d'Information No. 2023/VULN499 _____________________________________________________________________ DATE : 01/12/2023 HARDWARE PLATFORM(S): / OPERATING SYSTEM(S): Systems running Safari versions prior to 17.1.2. ===================================================================== https://support.apple.com/en-au/HT214033 _____________________________________________________________________ APPLE-SA-11-30-2023-1 Safari 17.1.2 Safari 17.1.2 addresses the following issues. Information about the security content is also available at https://support.apple.com/kb/HT214033. Apple maintains a Security Updates page at https://support.apple.com/HT201222 which lists recent software updates with security advisories. WebKit Available for: macOS Monterey and macOS Ventura Impact: Processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been exploited against versions of iOS before iOS 16.7.1. Description: An out-of-bounds read was addressed with improved input validation. WebKit Bugzilla: 265041 CVE-2023-42916: Clement Lecigne of Google's Threat Analysis Group WebKit Available for: macOS Monterey and macOS Ventura Impact: Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited against versions of iOS before iOS 16.7.1. Description: A memory corruption vulnerability was addressed with improved locking. WebKit Bugzilla: 265067 CVE-2023-42917: Clement Lecigne of Google's Threat Analysis Group Safari 17.1.2 may be obtained from the Mac App Store. All information is also posted on the Apple Security Updates web site: https://support.apple.com/en-us/HT201222. ========================================================= + CERT-RENATER | tel : 01-53-94-20-44 + + 23/25 Rue Daviel | fax : 01-53-94-20-41 + + 75013 Paris | email:cert@support.renater.fr + =========================================================