Operating System:

[MAC]

Published:

19 August 2022

Protect yourself against future threats.

//Service

Incident Management

Whether it is proactive or reactive services you're after, we will help you detect, interpret and respond to attacks from across the globe.

Read more
Resources > Security Bulletins > ESB-2022.4103 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.4103
                               Safari 15.6.1
                              19 August 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Safari 15.6.1
Publisher:         Apple
Operating System:  macOS
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-32893  

Original Bulletin: 
   https://support.apple.com/HT213414

Comment: CVSS (Max):  None available when published

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-2022-08-18-1 Safari 15.6.1

Safari 15.6.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213414.

WebKit
Available for: macOS Big Sur and macOS Catalina
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution. Apple is aware of a report that this issue
may have been actively exploited.
Description: An out-of-bounds write issue was addressed with improved
bounds checking.
WebKit Bugzilla: 243557
CVE-2022-32893: an anonymous researcher

Safari 15.6.1 may be obtained from the Mac App Store.
All information is also posted on the Apple Security Updates
web site: https://support.apple.com/en-us/HT201222.

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/

- -----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEBP+4DupqR5Sgt1DB4RjMIDkeNxkFAmL+gHUACgkQ4RjMIDke
Nxm9eg/8CZFhmd5zgsQlwjn4R9kWVnIHCIzkhmjQGMzQ3C1FCiMwt+aDN2C1aYxN
DiElfQy6ieI+4RNTxuNakhAQ0lS7F+TStHW9meblHkIA/qFfhBVxyaWZr+Hl0Bsw
2K+0D9twK6xqh88hlvdm/GGEkEv8pKXKtzWaDoOdutXtasG6apc2nAMcqcWyN3SE
hw+/PXhnxY5TNDQsz4wYsriichEPHIPJh3tCEgV2EvfsYx3GrX8Yga3T34GHwSj7
H04Q3P1vNkdDDziFV7gZuWVXqKrpQxnReIKtZzffO0cW2x7lsSKw3H70yHlh2JLL
yUDP28jJXOFGHD3izx+YHmFB4Q4dcHSVsil39Mq150s5iyJSkO2YDgWCyZBQ1tuB
/dLIGuuQQtA3CqzBPSKneeeb0Cf5I6dnjh93R/aXLNiy+1AvizxJFOJ+EAlDCOxt
o85iZxjWaGaQxng3qeA5nex5QWUvXRPyXoxyxnkfEeswv7PX6XLQXTASIo/Ug3E8
KcIbtnkPatuwHt44eprrW6afaWhiY2IhiLKRFQeDm5vtYOr0FDAWGKl9bW203Frt
2o6TVP9uXxZRIfMUmxBjdvNFScez49vlU6v+cIjj8UON/lWKZLkLDEFxfCWxlAWK
eTc6a0tIAP5EMyd7EZdVhvxJSMxcCrXiO2iiS5TccIFZ5VvgZwA=
=t1cZ
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/

iQIVAwUBYv7Qi8kNZI30y1K9AQhT9BAAthUQ9WxauEkthP/ZUwyDvhI26hjBy/qX
KjePdteelylzvlebH8ocXJ/qS7m0UWchnX0Otnkb9+lfUDAcFVFqbPD4UxfyWG9U
pF4h+wOOA1RoUXvI0SOyLGlNWgEb4w3K+nsUV/X0VYO3Hnn51CrU0Opa5svHpIYE
ymbLpion2krsRAEl7jZip0VyjNZdIQ8DUm/NYp4dkjKTfpbRZJ1QoRHzF0zXfppx
VwUkSq6X2y+AHwvCc2esM8aEJIr60dhzyI2FEQ3M9F2hKiO61KbC3DvEgTzWjB92
VCFyvzSxTPA+SnInrW72gnNDn2OcuA0C7ybxeZp2KbxGRl1RVpVLaa2sBq2YBXKE
yZzbQ66t6mlY0Ey5cAq11+o9YMfKFSAj8wGXqIkpi2i6iAJOs/cn2xxyqFPdzXSm
8QTZZydfGJTyjLAS0b/o3tGEDqDpUq7XNqbr06cVHrVVIKrYS83harj6LFWhEhL0
BaNK9gyWcIjJKY6QosRzBv4/wNf/85R6K2JLmd6EWHY1+XYQIFqrqR7kxa+GON84
7Mazhj1DIdZuPseh8K3R4ywJZH36JBAL7KD5EQxZvQB9vKZsI0mweYsz5n+RUVFB
urgMHCSFiaIlIF+TjSC6/YwwApklwBZbJByKQ8yjiMx0LTpPdm4+erGt3udr53jd
q348Fzz7DAA=
=I0UG
-----END PGP SIGNATURE-----