-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2020.2434
             Safari 13.1.2 addresses multiple vulnerabilities
                               16 July 2020

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Safari
Publisher:         Apple
Operating System:  Mac OS
Impact/Access:     Execute Arbitrary Code/Commands -- Remote with User Interaction
                   Denial of Service               -- Remote/Unauthenticated      
                   Cross-site Scripting            -- Remote with User Interaction
                   Unauthorised Access             -- Unknown/Unspecified         
                   Reduced Security                -- Unknown/Unspecified         
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-9925 CVE-2020-9916 CVE-2020-9915
                   CVE-2020-9912 CVE-2020-9911 CVE-2020-9910
                   CVE-2020-9903 CVE-2020-9895 CVE-2020-9894
                   CVE-2020-9893 CVE-2020-9862 

Reference:         ESB-2020.2429

Original Bulletin: 
   https://support.apple.com/en-gb/HT201222

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-2020-07-15-5 Safari 13.1.2

Safari 13.1.2 is now available and addresses the following:

Safari Downloads
Available for: macOS Mojave and macOS High Sierra, and included in
macOS Catalina
Impact: A malicious attacker may be able to change the origin of a
frame for a download in Safari Reader mode
Description: A logic issue was addressed with improved restrictions.
CVE-2020-9912: Nikhil Mittal (@c0d3G33k) of Payatu Labs (payatu.com)

Safari Login AutoFill
Available for: macOS Mojave and macOS High Sierra, and included in
macOS Catalina
Impact: A malicious attacker may cause Safari to suggest a password
for the wrong domain
Description: A logic issue was addressed with improved restrictions.
CVE-2020-9903: Nikhil Mittal (@c0d3G33k) of Payatu Labs (payatu.com)

Safari Reader
Available for: macOS Mojave and macOS High Sierra, and included in
macOS Catalina
Impact: An issue in Safari Reader mode may allow a remote attacker to
bypass the Same Origin Policy
Description: A logic issue was addressed with improved restrictions.
CVE-2020-9911: Nikhil Mittal (@c0d3G33k) of Payatu Labs (payatu.com)

WebKit
Available for: macOS Mojave and macOS High Sierra, and included in
macOS Catalina
Impact: A remote attacker may be able to cause unexpected application
termination or arbitrary code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2020-9894: 0011 working with Trend Micro Zero Day Initiative

WebKit
Available for: macOS Mojave and macOS High Sierra, and included in
macOS Catalina
Impact: Processing maliciously crafted web content may prevent
Content Security Policy from being enforced
Description: An access issue existed in Content Security Policy.
This issue was addressed with improved access restrictions.
CVE-2020-9915: an anonymous researcher

WebKit
Available for: macOS Mojave and macOS High Sierra, and included in
macOS Catalina
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting
Description: A logic issue was addressed with improved state
management.
CVE-2020-9925: an anonymous researcher

WebKit
Available for: macOS Mojave and macOS High Sierra, and included in
macOS Catalina
Impact: A remote attacker may be able to cause unexpected application
termination or arbitrary code execution
Description: A use after free issue was addressed with improved
memory management.
CVE-2020-9893: 0011 working with Trend Micro Zero Day Initiative
CVE-2020-9895: Wen Xu of SSLab, Georgia Tech

WebKit
Available for: macOS Mojave and macOS High Sierra, and included in
macOS Catalina
Impact: A malicious attacker with arbitrary read and write capability
may be able to bypass Pointer Authentication
Description: Multiple issues were addressed with improved logic.
CVE-2020-9910: Samuel Groß of Google Project Zero

WebKit Page Loading
Available for: macOS Mojave and macOS High Sierra, and included in
macOS Catalina
Impact: A malicious attacker may be able to conceal the destination
of a URL
Description: A URL Unicode encoding issue was addressed with improved
state management.
CVE-2020-9916: Rakesh Mane (@RakeshMane10)

WebKit Web Inspector
Available for: macOS Mojave and macOS High Sierra, and included in
macOS Catalina
Impact: Copying a URL from Web Inspector may lead to command
injection
Description: A command injection issue existed in Web Inspector. This
issue was addressed with improved escaping.
CVE-2020-9862: Ophir Lojkine (@lovasoa)

Installation note:

Safari 13.1.2 may be obtained from the Mac App Store.
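
The following script is an added example and is not part of the Apple or AusCERT
bulletin. It checks whether the Safari build installed on a Mac is at or above
the fixed version named above (13.1.2), using a component-wise comparison of
dotted version strings rather than a plain string compare, so that 13.1.10 is
correctly ranked above 13.1.2. The version is read from Safari's Info.plist with
the stock macOS `defaults` tool; on a non-macOS host that step is skipped and
only the comparison functions are available. The function names and the
"patched"/"vulnerable" labels are this example's own.

```shell
#!/bin/sh
# Added example (not from the bulletin): report whether the installed Safari
# is at or above the version Apple names as fixed in APPLE-SA-2020-07-15-5.

FIXED_VERSION="13.1.2"

# version_ge A B: exit 0 if dotted version A >= B, comparing numeric components
# left to right. Missing components count as 0, so "13.1" equals "13.1.0".
version_ge() {
    a="$1"; b="$2"
    i=1
    while :; do
        # A trailing dot is appended so that cut always sees a delimiter and
        # returns an empty field (not the whole line) past the last component.
        x=$(printf '%s.' "$a" | cut -d. -f"$i")
        y=$(printf '%s.' "$b" | cut -d. -f"$i")
        [ -z "$x" ] && [ -z "$y" ] && return 0   # all components equal
        x=${x:-0}; y=${y:-0}
        [ "$x" -gt "$y" ] && return 0
        [ "$x" -lt "$y" ] && return 1
        i=$((i + 1))
    done
}

# safari_status VERSION: print "patched" when VERSION >= FIXED_VERSION,
# otherwise "vulnerable". (Labels are this example's own naming.)
safari_status() {
    if version_ge "$1" "$FIXED_VERSION"; then
        echo "patched"
    else
        echo "vulnerable"
    fi
}

# installed_safari_version: print Safari's marketing version on macOS by
# reading CFBundleShortVersionString from its Info.plist. Prints nothing when
# `defaults` (a macOS tool) is not available, e.g. on Linux.
installed_safari_version() {
    if command -v defaults >/dev/null 2>&1; then
        defaults read /Applications/Safari.app/Contents/Info \
            CFBundleShortVersionString 2>/dev/null
    fi
}

v=$(installed_safari_version)
if [ -n "$v" ]; then
    echo "Safari $v: $(safari_status "$v") (fixed in $FIXED_VERSION)"
else
    echo "Safari version not found (not macOS, or Safari is not installed)"
fi
```

On macOS Mojave and High Sierra the script reports the standalone Safari
package's version; on Catalina, where Safari ships with the OS, the same plist
lookup applies. A result of "vulnerable" means the Mac App Store update in the
installation note has not been applied yet.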
- -----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEM5FaaFRjww9EJgvRBz4uGe3y0M0FAl8PNx4ACgkQBz4uGe3y
0M2+ZQ/7ByKUtmzMw18WfXzQZlxvfEulMz/QgCiHe1VvmHh1OuMspM9Et3AIVnZP
wU1IfSeOKp9y62L8pPAU1mg/BnqXx2vNsoDrZq7dcPYIDTrfGsZQRrYy66E2VA9P
TQyIeY8ZWXG8jKJ4kBczu/hmy+q+0HVNlZcU4Q4PsjkE0p53DzSSuPgBbqN5fXlr
fbZthRYEa1jXfI/om7NLYAu9rLw/2ngXZjI1PR3m4iRbNBG4gqXXQ7Sl5xVz4oDv
Nb6PbR8LTQCdmLaq8gXfc4koEnCsFK1k1194nXgYg88hlbT/zqO55Fiofw9y70aK
NC0JJFznC3DT5wgZHE9j5/g1USrC34OTZNenipud4VWFm2gTamgGe7c0Bji3NLeG
buHa13M7Z2PpGmB/fszdipj8iLvm3uRZjVJtHDOxmuztriTFwpytk2TwlzayW+/v
l4knuEohMnHQljRsQgLC9jzs2/udAXWxW7lv7FNGlfnxHJVY+cC9vNl7PPeGNaed
4khxlLZUn2Bc5gog8GZv0ryuWLvmlo4XVkZSnrsOXHlP0oseSJntz9/GxcAgCRww
PoFu8DOc9f6orbNsQEF3ZbCyXVG/EwSKOmQPtP1ihv+yjamDGw8yNd61/qqDvwIT
db5tmKrslK49r8jkup7RuiKpgRgXI29dws+qwIV4808FNZQaYzU=
=hpCf
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBXw/r3uNLKJtyKPYoAQjW1w//Zva6J0RrqMoAdfz4RwobwktksnUNIk1j
1uyX7/oz7oOAaI/Ib7nfHk1CTOI1FAW9eEQWkSVcQwORpHeuGwgqqd0pOgcDU/4w
w2BjXGHT8nyFdRDDFoQDCBsqdFssKYTvAeOkT1DNeX2VZytjzHXf6KtFL9j/bnJY
dUN4n1kXjU3RYjf3qB4sk03Bexqe/iUvKuNiMLpNwLIUXFZAwnZYVOaTU/+0pj2+
mM8YYdK0vL45dOLtoWcSaFECLWVlswb7T52guByAsXCxuhewwGXiG1NMPRBaXncf
YhPIpV7/Ioll79kNF5a95p4MzYkMKoL86VYpaay821hQ8K92oJWy5aa2BxGeMWZ6
lhBQL8FN3NZQKtEOdzlQU+F8gdnir8sAIaJgFcsI0o1HSepP6xPMeF7m1ONkgABV
byc4dlAe03pPJ5OrSQNYLNMDDNdVWIqh7OYKOpldfoTmSnElOQECMnW1nB6ofxfi
e8kzZ31bwNP38kLHMhMYQU6doOB/8zeYCGtLmzbjUDqhVAd1LFmJeWr+FZReSi1a
tg7mQVgBC0D4YpalB3/scJm9oiLXM3NbfzADdIeSLmYf0tMKsBZtExJq3RKrOSGF
rwRpHNmdiypvKsbndCHmQu9ONsZFW8p0h5YEUzQ9l/voEb+88JNTLmNnqYDbbacK
ix8QnikNjsw=
=8XA/
-----END PGP SIGNATURE-----