Apple Security Advisory 2019-8-13-2 - iOS 12.4 addresses code execution, cross site scripting, denial of service, and use-after-free vulnerabilities.
b98e7cd927afee1903b1b3a7c757e97c4d76ba11e133c4498d01036e781da6da
Apple Security Advisory 2019-8-13-1 - Additional information for APPLE-SA-2019-7-22-2 macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra.
6266eca3896b7b39a8d738262e16698fe6e05863fe32766e7503eb368caf528d
NSKeyedUnarchiver suffers from an information leak when decoding the SGBigUTF8String class using [SGBigUTF8String initWithCoder:]. This class initializes the string using [SGBigUTF8String initWithUTF8DataNullTerminated:] even though there is no guarantee the bytes provided to the decoder are null terminated. It should use [SGBigUTF8String initWithUTF8Data:] instead.
350595d4b62128692b25160fd0dc54b6e14a6ff528c3e77b5bce0cd7797ace73
Apple Security Advisory 2019-7-22-2 - macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra are now available and address bypass, code execution, and use-after-free vulnerabilities.
06edb784a4752aa4a94e3f66afb745716e5fc85ffa3efeaa7239483824f55009
Apple Security Advisory 2019-7-22-1 - iOS 12.4 is now available and addresses code execution, cross site scripting, denial of service, and use-after-free vulnerabilities.
98652db38a2c68e39ff0f8a5d43718e1f059313953f3baf2ab01cbbceebec0b7