-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2017-09-25-1 macOS High Sierra 10.13

macOS High Sierra 10.13 is now available and addresses the following:

Application Firewall
Available for:  OS X Lion v10.8 and later
Impact: A previously denied application firewall setting may take
effect after upgrading
Description: An upgrade issue existed in the handling of firewall
settings. This issue was addressed through improved handling of
firewall settings during upgrades.
CVE-2017-7084: an anonymous researcher

AppSandbox
Available for:  OS X Lion v10.8 and later
Impact: An application may be able to cause a denial of service
Description: Multiple denial of service issues were addressed through
improved memory handling.
CVE-2017-7074: Daniel Jalkut of Red Sweater Software

Captive Network Assistant
Available for:  OS X Lion v10.8 and later
Impact: A local user may unknowingly send a password unencrypted over
the network
Description: The security state of the captive portal browser was not
obvious. This issue was addressed with improved visibility of the
captive portal browser security state.
CVE-2017-7143: an anonymous researcher

CFNetwork Proxies
Available for:  OS X Lion v10.8 and later
Impact: An attacker in a privileged network position may be able to
cause a denial of service
Description: Multiple denial of service issues were addressed through
improved memory handling.
CVE-2017-7083: Abhinav Bansal of Zscaler Inc.

CoreAudio
Available for:  OS X Lion v10.8 and later
Impact: An application may be able to read restricted memory
Description: An out-of-bounds read was addressed by updating to Opus
version 1.1.4.
CVE-2017-0381: V.E.O (@VYSEa) of Mobile Threat Research Team, Trend
Micro

Directory Utility
Available for:  OS X Lion v10.8 and later
Impact: A local attacker may be able to determine the Apple ID of the
owner of the computer
Description: A permissions issue existed in the handling of the Apple
ID. This issue was addressed with improved access controls.
CVE-2017-7138: an anonymous researcher

file
Available for:  OS X Lion v10.8 and later
Impact: Multiple issues in file
Description: Multiple issues were addressed by updating to version
5.30.
CVE-2017-7121: found by OSS-Fuzz
CVE-2017-7122: found by OSS-Fuzz
CVE-2017-7123: found by OSS-Fuzz
CVE-2017-7124: found by OSS-Fuzz
CVE-2017-7125: found by OSS-Fuzz
CVE-2017-7126: found by OSS-Fuzz

Heimdal
Available for:  OS X Lion v10.8 and later
Impact: An attacker in a privileged network position may be able to
impersonate a service
Description: A validation issue existed in the handling of the KDC-
REP service name. This issue was addressed through improved
validation.
CVE-2017-11103: Jeffrey Altman, Viktor Duchovni, and Nico Williams

IOFireWireFamily
Available for:  OS X Lion v10.8 and later
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2017-7077: Brandon Azad

IOFireWireFamily
Available for:  OS X Lion v10.8 and later
Impact: An application may be able to read restricted memory
Description: A validation issue was addressed with improved input
sanitization.
CVE-2017-7119: Xiaolong Bai, Min (Spark) Zheng of Alibaba Inc.,
Benjamin Gnahm (@mitp0sh) of PDX

Kernel
Available for:  OS X Lion v10.8 and later
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2017-7114: Alex Plaskett of MWR InfoSecurity

libc
Available for:  OS X Lion v10.8 and later
Impact: A remote attacker may be able to cause a denial-of-service
Description: A resource exhaustion issue in glob() was addressed
through an improved algorithm.
CVE-2017-7086: Russ Cox of Google

libc
Available for:  OS X Lion v10.8 and later
Impact: An application may be able to cause a denial of service
Description: A memory consumption issue was addressed through
improved memory handling.
CVE-2017-1000373

libexpat
Available for:  OS X Lion v10.8 and later
Impact: Multiple issues in expat
Description: Multiple issues were addressed by updating to version
2.2.1
CVE-2016-9063
CVE-2017-9233

Mail
Available for:  OS X Lion v10.8 and later
Impact: The sender of an email may be able to determine the IP
address of the recipient
Description: Turning off "Load remote content in messages" did not
apply to all mailboxes. This issue was addressed with improved
setting propagation.
CVE-2017-7141: an anonymous researcher

Mail Drafts
Available for:  OS X Lion v10.8 and later
Impact: An attacker with a privileged network position may be able to
intercept mail contents
Description: An encryption issue existed in the handling of mail
drafts. This issue was addressed with improved handling of mail
drafts meant to be sent encrypted.
CVE-2017-7078: an anonymous researcher, an anonymous researcher, an
anonymous researcher

ntp
Available for:  OS X Lion v10.8 and later
Impact: Multiple issues in ntp
Description: Multiple issues were addressed by updating to version
4.2.8p10
CVE-2017-6451: Cure53
CVE-2017-6452: Cure53
CVE-2017-6455: Cure53
CVE-2017-6458: Cure53
CVE-2017-6459: Cure53
CVE-2017-6460: Cure53
CVE-2017-6462: Cure53
CVE-2017-6463: Cure53
CVE-2017-6464: Cure53
CVE-2016-9042: Matthew Van Gundy of Cisco

Screen Lock
Available for:  OS X Lion v10.8 and later
Impact: Application Firewall prompts may appear over Login Window
Description: A window management issue was addressed through improved
state management.
CVE-2017-7082: Tim Kingman

Security
Available for:  OS X Lion v10.8 and later
Impact: A revoked certificate may be trusted
Description: A certificate validation issue existed in the handling
of revocation data. This issue was addressed through improved
validation.
CVE-2017-7080: Sven Driemecker of adesso mobile solutions gmbh, Rune
Darrud (@theflyingcorpse) of BA|rum kommune, an anonymous researcher,
an anonymous researcher

SQLite
Available for:  OS X Lion v10.8 and later
Impact: Multiple issues in SQLite
Description: Multiple issues were addressed by updating to version
3.19.3.
CVE-2017-10989: found by OSS-Fuzz
CVE-2017-7128: found by OSS-Fuzz
CVE-2017-7129: found by OSS-Fuzz
CVE-2017-7130: found by OSS-Fuzz

SQLite
Available for:  OS X Lion v10.8 and later
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2017-7127: an anonymous researcher

WebKit
Available for:  OS X Lion v10.8 and later
Impact: A malicious website may be able to track users in Safari
private browsing mode
Description: A permissions issue existed in the handling of web
browser cookies. This issue was addressed with improved restrictions.
CVE-2017-7144: an anonymous researcher

zlib
Available for:  OS X Lion v10.8 and later
Impact: Multiple issues in zlib
Description: Multiple issues were addressed by updating to version
1.2.11.
CVE-2016-9840
CVE-2016-9841
CVE-2016-9842
CVE-2016-9843

Additional recognition

Security
We would like to acknowledge Abhinav Bansal of Zscaler, Inc.
for their assistance.

Installation note:

macOS 10.13 may be obtained from the Mac App Store or
Apple's Software Downloads web site:
https://www.apple.com/support/downloads/

Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - https://gpgtools.org

iQIcBAEBCgAGBQJZyUQfAAoJEIOj74w0bLRGmSEP/0wgqASRSNneoBx/AMLk0Qac
mZhI8HuyJRTFwCOT7P7vkZTmoxtyOOdh4XaInvKMsW5I2G64YEmW86pcofHwdOTz
TSWIAdus34xErUZ13rMzfg8Z3XAberG1E31QU2y2EXenpJSZIL8nzLgt8ySPVyzu
PrQJxGxCMq1WAOSemGe+4rK2rMwpw5UDZyTbNPDi6lfKz0ZmtfvBzrgBq2xhA9iF
/2NVs5rRog38N6F6xR6GNqi0dVoZmh1umQINh9nzTn8crbSuI3ixRtQYxstxU91/
0wrgV03YF297n6bwVhawEDPU8obZzFgQRiKOjghE6h4YBVccWxMI9n42PwVc+G/Z
X48wuSavpOEV6WEC+hWtALl/W73uH3jF2iK8rPBcDENheRlFi/y5+XeOK8TGJftS
6raj+IgbgERaY3uXcRoi0mLflpzxvGBYlTiJRRj7H7HFZO6v14hYyEMVrWmhFUiZ
Xgy/qxHdWd/NW4AZz8Ke+ZMaJr21DozzI8ejug9shD7O/N31ZNq2qsNmxEweCPvt
yMauTPAUutApHTEUXfwCdOy+ZGgTtWDnOC+g3ezkAOdigvjFcwlFH0Sbjxnhxbbp
LVLz7tHwyKa5Xcwet0ZRH3WCHBsTzzkpsgxoyEMabE2KGS461uZw20t2uZozNsV0
bniy26PJZ5xGrFOSZYUa
=wBKW
-----END PGP SIGNATURE-----