Apple Security Advisory 2023-01-24-1 - tvOS 16.3 addresses bypass, code execution, and information leakage vulnerabilities.
7372a36f401b5f8c67c0eb20699dade4d22f695f36963a2a23be13afe62dc190
Apple Security Advisory 2023-01-23-8 - Safari 16.3 addresses code execution vulnerabilities.
61d8a660abf7081692bb9315413c2a9bb7c1405bab878882031580f42a2ab335
Apple Security Advisory 2023-01-23-7 - watchOS 9.3 addresses bypass, code execution, and information leakage vulnerabilities.
f9f7b972faca743e67e384107ecddcabcd5a2d7ab1a62f92ef4ba018fac7d97a
Apple Security Advisory 2023-01-23-6 - macOS Big Sur 11.7.3 addresses buffer overflow, bypass, and code execution vulnerabilities.
aac95eb2a84296b6abbfaf3eadfc9a29430c5a2f313ef8710e3d5be26cb06bdb
Apple Security Advisory 2023-01-23-5 - macOS Monterey 12.6.3 addresses buffer overflow, bypass, code execution, and information leakage vulnerabilities.
86dd9b786a0318174acd539801f6e3fe6a86591529277185d71eb7e9e3237c4d
Apple Security Advisory 2023-01-23-4 - macOS Ventura 13.2 addresses buffer overflow, bypass, code execution, information leakage, and use-after-free vulnerabilities.
0cd5bf89e176e4c213da4d53018a83b92e2203a6e71bf12d7a356eea1213909b
Apple Security Advisory 2023-01-23-3 - iOS 12.5.7 addresses a code execution vulnerability.
ca20c54235d1a4f84eeec3a278849a37e4ef1d9e2f491eaed9b3aa083fde48a7
Apple Security Advisory 2023-01-23-2 - iOS 15.7.3 and iPadOS 15.7.3 addresses bypass and code execution vulnerabilities.
ee21407e59469cf735e9640ce25355cae5d95a4bc602316d8f031114e7f5f84a
Apple Security Advisory 2023-01-23-1 - iOS 16.3 and iPadOS 16.3 addresses bypass, code execution, and information leakage vulnerabilities.
e1d38963e60058292ec5d46d069abb5e8a1cf75d83dab5ba0137f6766a463715
On newer macOS/iOS versions, entitlements in binary signature blobs are stored in the DER format. libCoreEntitlements.dylib is the userspace library for parsing and querying such entitlements. The kernel has its own version of this library inside the AppleMobileFileIntegrity module. libCoreEntitlements exposes several functions, such as, for example, to convert entitlements to a dictionary representation (e.g. CEQueryContextToCFDictionary) or to query a specific entitlement (CEContextQuery). Unfortunately, different functions traverse the DER structure in a subtly different way, which allows one API to see one set of entitlements and another API to see a different set of entitlements.
9313c983a56ba7500d8b9861b16b1c103ae3a9454de12a836126f89cec59a1b8
Apple Security Advisory 2022-12-13-9 - Safari 16.2 addresses bypass, code execution, and use-after-free vulnerabilities.
87491cf833b3a49e10aa9918314bf6489321d8e04cec6939d195cb3f70c77dc2
Apple Security Advisory 2022-12-13-8 - watchOS 9.2 addresses bypass, code execution, integer overflow, out of bounds write, spoofing, and use-after-free vulnerabilities.
cbfa8ceb09614901b4b0bb05115fb58ae50c3fb04ef6395b18e75c81436f174b
Apple Security Advisory 2022-12-13-7 - tvOS 16.2 addresses bypass, code execution, integer overflow, out of bounds write, spoofing, and use-after-free vulnerabilities.
74ff4e02487d4bc615b6697e750a64c98e8fc416e7a5b739eed037fe127f069f
Apple Security Advisory 2022-12-13-6 - macOS Big Sur 11.7.2 addresses bypass, code execution, and integer overflow vulnerabilities.
b48a9c145ba81d8365508dc0787f261528fad814dc56294c6d211e6f8f3983bf
Apple Security Advisory 2022-12-13-5 - macOS Monterey 12.6.2 addresses bypass, code execution, and integer overflow vulnerabilities.
79a709b247d426bc8ab1d7a71fb6c94fddc8ffaba7db1441df2a880027444228
Apple Security Advisory 2022-12-13-4 - macOS Ventura 13.1 addresses bypass, code execution, out of bounds access, out of bounds write, spoofing, and use-after-free vulnerabilities.
b3bbef4a98914d0e5167d5e357e15f513f9d357c6df7cfdad446ecc8856061ac
Apple Security Advisory 2022-12-13-3 - iOS 16.1.2 addresses a code execution vulnerability.
3b5d9bba95f3634a64c2835668e5a726e2c51758bd9516987236fb25666d5d7f
Apple Security Advisory 2022-12-13-2 - iOS 15.7.2 and iPadOS 15.7.2 addresses bypass, code execution, integer overflow, out of bounds write, and spoofing vulnerabilities.
e526cdedd8ce35da09dee49922c773c4c21c09a4f4ffb9a56567d00adb6def9c
Apple Security Advisory 2022-12-13-1 - iOS 16.2 and iPadOS 16.2 addresses bypass, code execution, out of bounds write, spoofing, and use-after-free vulnerabilities.
78f3785639474b90779ccf98f62a9a102f01f943fd8dbf08927b91ea945c5a8c
Apple Security Advisory 2022-11-09-2 - macOS Ventura 13.0.1 addresses code execution and integer overflow vulnerabilities.
10c454d0b0b5904ed0e2f71ab984574a625e84a942a9a8406aa6c1ec8f046856
Apple Security Advisory 2022-11-09-1 - iOS 16.1.1 and iPadOS 16.1.1 addresses code execution and integer overflow vulnerabilities.
991b1f0f1c1f623df67f682fb82885b28002056c66e1c73a9fcc14f5d20a12ad
Apple Security Advisory 2022-11-01-1 - Xcode 14.1 addresses code execution vulnerabilities.
283ad9d8171efece3850247f493b6534fc49e5c0a1da52d7fc3564099bd20c39
Apple Security Advisory 2022-10-27-15 - Safari 16.1 addresses code execution, spoofing, and use-after-free vulnerabilities.
7e4afb58dc67e9a414148622643475a8d27c8f60baf2cda25e496eee7f816dfe
Apple Security Advisory 2022-10-27-14 - Safari 16 addresses buffer overflow, code execution, out of bounds read, and spoofing vulnerabilities.
9e96be57660dbb64494522fb501ab742107a0ac275cc908359b95be12c976690
Apple Security Advisory 2022-10-27-13 - watchOS 9 addresses buffer overflow, bypass, code execution, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities.
6428e6976f75f88772e191c66ffeca140c9771776368e32addee2afff5b485b6