OS X Mavericks 10.9.5 Update
Version 10.9.5:
- apache_mod_php
- Description: Multiple vulnerabilities existed in PHP 5.4.24, the most serious of which may have led to arbitrary code execution. This update addresses the issues by updating PHP to version 5.4.30
- CVE-ID: CVE-2013-7345, CVE-2014-0185, CVE-2014-0207, CVE-2014-0237, CVE-2014-0238, CVE-2014-1943, CVE-2014-2270, CVE-2014-3478, CVE-2014-3479, CVE-2014-3480, CVE-2014-3487, CVE-2014-3515, CVE-2014-3981, CVE-2014-4049
- Bluetooth
- CoreGraphics
- Description: An out of bounds memory read existed in the handling of PDF files. This issue was addressed through improved bounds checking.
- CVE-ID: CVE-2014-4378
- CoreGraphics
- Description: An integer overflow existed in the handling of PDF files. This issue was addressed through improved bounds checking.
- CVE-ID: CVE-2014-4377
- Foundation
- Intel Graphics Driver
- Description: A user-space buffer overflow existed in the shader compiler. This issue was addressed through improved bounds checking.
- CVE-ID: CVE-2014-4393
- Intel Graphics Driver
- Description: Multiple validation issues existed in some integrated graphics driver routines. These issues were addressed through improved bounds checking.
- CVE-ID: CVE-2014-4394, CVE-2014-4395, CVE-2014-4396, CVE-2014-4397, CVE-2014-4398, CVE-2014-4399, CVE-2014-4400, CVE-2014-4401, CVE-2014-4416
- IOAcceleratorFamily
- IOAcceleratorFamily
- Description: An out-of-bounds read issue existed in the handling of an IOAcceleratorFamily function. This issue was addressed through improved bounds checking.
- CVE-ID: CVE-2014-4402
- IOHIDFamily
- Description: An out-of-bounds read issue existed in the handling of an IOHIDFamily function. This issue was addressed through improved bounds checking.
- CVE-ID: CVE-2014-4379
- IOKit
- Description: A validation issue existed in the handling of certain metadata fields of IODataQueue objects. This issue was addressed through improved validation of metadata.
- CVE-ID: CVE-2014-4388
- IOKit
- Description: An integer overflow existed in the handling of IOKit functions. This issue was addressed through improved bounds checking.
- CVE-ID: CVE-2014-4389
- Kernel
- Description: In some cases, the CPU Global Descriptor Table was allocated at a predictable address. This issue was addressed through always allocating the Global Descriptor Table at random addresses.
- CVE-ID: CVE-2014-4403
- Libnotify
- Description: An out-of-bounds write issue existed in Libnotify. This issue was addressed through improved bounds checking
- CVE-ID: CVE-2014-4381
- OpenSSL
- Description: Multiple vulnerabilities existed in OpenSSL 0.9.8y. This update was addressed by updating OpenSSL to version 0.9.8za.
- CVE-ID: CVE-2014-0076, CVE-2014-0195, CVE-2014-0221, CVE-2014-0224, CVE-2014-3470
- QT Media Foundation
- Description: A memory corruption issue existed in the handling of RLE encoded movie files. This issue was addressed through improved bounds checking.
- CVE-ID: CVE-2014-1391
- QT Media Foundation
- Description: A buffer overflow existed in the handling of MIDI files. This issue was addressed through improved bounds checking.
- CVE-ID: CVE-2014-4350
- QT Media Foundation
- Description: A memory corruption issue existed in the handling of the 'mvhd' atoms. This issue was addressed through improved bounds checking.
- CVE-ID: CVE-2014-4979
- ruby
- Description: A heap buffer overflow existed in LibYAML's handling of percent-encoded characters in a URI. This issue was addressed through improved bounds checking. This update addresses the issues by updating LibYAML to version 0.1.6
- CVE-ID: CVE-2014-2525
http://support.apple.com/kb/HT6443
ダウンロードは以下から
http://support.apple.com/kb/HT6443
