{"id":60460,"date":"2024-11-23T12:21:51","date_gmt":"2024-11-23T09:21:51","guid":{"rendered":"https:\/\/packetstormsecurity.com\/files\/182751\/APPLE-SA-11-19-2024-5.txt"},"modified":"2024-11-23T12:21:51","modified_gmt":"2024-11-23T09:21:51","slug":"apple-security-advisory-11-19-2024-5","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/apple-security-advisory-11-19-2024-5\/","title":{"rendered":"Apple Security Advisory 11-19-2024-5"},"content":{"rendered":"<p>&#8212;&#8211;BEGIN PGP SIGNED MESSAGE&#8212;&#8211;<br \/>Hash: SHA256<\/p>\n<p>APPLE-SA-11-19-2024-5 macOS Sequoia 15.1.1<\/p>\n<p>macOS Sequoia 15.1.1 addresses the following issues.<br \/>Information about the security content is also available at<br \/>https:\/\/support.apple.com\/121753.<\/p>\n<p>Apple maintains a Security Releases page at<br \/>https:\/\/support.apple.com\/100100 which lists recent<br \/>software updates with security advisories.<\/p>\n<p>JavaScriptCore<br \/>Available for: macOS Sequoia<br \/>Impact: Processing maliciously crafted web content may lead to arbitrary<br \/>code execution. Apple is aware of a report that this issue may have been<br \/>actively exploited on Intel-based Mac systems.<br \/>Description: The issue was addressed with improved checks.<br \/>WebKit Bugzilla: 283063<br \/>CVE-2024-44308: Cl\u00e9ment Lecigne and Beno\u00eet Sevens of Google&#8217;s Threat<br \/>Analysis Group<\/p>\n<p>WebKit<br \/>Available for: macOS Sequoia<br \/>Impact: Processing maliciously crafted web content may lead to a cross<br \/>site scripting attack. Apple is aware of a report that this issue may<br \/>have been actively exploited on Intel-based Mac systems.<br \/>Description: A cookie management issue was addressed with improved state<br \/>management.<br \/>WebKit Bugzilla: 283095<br \/>CVE-2024-44309: Cl\u00e9ment Lecigne and Beno\u00eet Sevens of Google&#8217;s Threat<br \/>Analysis Group<\/p>\n<p>macOS Sequoia 15.1.1 may be obtained from the Mac App Store or Apple&#8217;s<br \/>Software Downloads web site: https:\/\/support.apple.com\/downloads\/<\/p>\n<p>All information is also posted on the Apple Security Releases<br \/>web site: https:\/\/support.apple.com\/100100.<\/p>\n<p>This message is signed with Apple&#8217;s Product Security PGP key,<br \/>and details are available at:<br \/>https:\/\/www.apple.com\/support\/security\/pgp\/<\/p>\n<p>&#8212;&#8211;BEGIN PGP SIGNATURE&#8212;&#8211;<\/p>\n<p>iQIzBAEBCAAdFiEEsz9altA7uTI+rE\/qX+5d1TXaIvoFAmc9JSQACgkQX+5d1TXa<br \/>Ivo92g\/8Dm9sVuOeQTu56JLi2yAlbu9NK8Udb4ByFIsi63HWksJ6rK9LzZfTF8Yd<br \/>Z3SBk7aIHl9tMj2gJ6QJ71SwCdN\/fTnAC9na5fZwUjdsjuH1uoPmiMSA48MDwmQC<br \/>vf6grIhskLNi0bQrpcKR1C79fmGlO7Nua3zmbvdvs41\/3g3A7udvf2KpZTkkDrP4<br \/>+zwsVCJCu4xHTo5bU0NrM\/Cbon+TO01\/gyhnngZzl65bIPkhyeEDiVHW3K6aKDA8<br \/>XpClgMGe7ZIRao0hmqqK+YYPso\/yDdUDpHlfEFL\/YYseVThd+t6EPn4irWFPCPTv<br \/>usiMVUpOpqmMHfPaVO\/uzwDR\/wgpB8ws4BsBjytQ2q5ZZgyxsIUx6cEJazgbRXtI<br \/>UIJWgodel8AClhWrRo8c14rIuUH1jqMh8EcbimFdC62vSivuNgwNdBd5U2wRnELr<br \/>w1I65s3u7f3Qly8himbl+41ueYcgInsVld7206tk8Ygmm7zA4kupLBEH+EeK43c3<br \/>2P0NF7CMQCnJcwbEqusIUi8AOSN2VgGi9E6BjjJGnLhbbieX\/ssKTTbv+mt0ctyq<br \/>5uB3WUZBDbhJKj8p\/0+iBAlzZUJDkrudmy8No9Zc2ImTcZ61gP2Zbh\/5lcI8hZu+<br \/>SKOrc+1s5nRW1FcGXL2ZzjtnmXnU6DGFfN7stVtTmVAg4dEWzeo=<br \/>=IY5p<br \/>&#8212;&#8211;END PGP SIGNATURE&#8212;&#8211;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>&#8212;&#8211;BEGIN PGP SIGNED MESSAGE&#8212;&#8211;Hash: SHA256 APPLE-SA-11-19-2024-5 macOS Sequoia 15.1.1 macOS Sequoia 15.1.1 addresses the following issues.Information about the security content is also available athttps:\/\/support.apple.com\/121753. Apple maintains a Security Releases page athttps:\/\/support.apple.com\/100100 which lists recentsoftware updates with security advisories. JavaScriptCoreAvailable for: macOS SequoiaImpact: Processing maliciously crafted web content may lead to arbitrarycode execution. Apple is aware &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-60460","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/60460","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=60460"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/60460\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=60460"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=60460"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=60460"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}