Rocksolid Light

Welcome to novaBBS (click a section below)

mail  files  register  newsreader  groups  login

Message-ID:  

24 Apr, 2024: Testing a new version of the Overboard here. If you have an issue post about it to rocksolid.nodes.help (I know. Everyone on Usenet has issues)

computers / comp.sys.mac.system / Re: iOS 15.0.2 is out

SubjectAuthor
* Re: iOS 15.0.2 is outRobin Goodfellow
`- Re: iOS 15.0.2 is outAlan Baker

1
Re: iOS 15.0.2 is out

<sk4g21$1ajs$1@gioia.aioe.org>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=13003&group=comp.sys.mac.system#13003

  copy link   Newsgroups: misc.phone.mobile.iphone comp.sys.mac.apps comp.sys.mac.system
Path: rocksolid2!i2pn.org!aioe.org!pGO9hH1d1MQyq3ojvfqVcA.user.46.165.242.75.POSTED!not-for-mail
From: Ancient-...@Heaven.Net (Robin Goodfellow)
Newsgroups: misc.phone.mobile.iphone,comp.sys.mac.apps,comp.sys.mac.system
Subject: Re: iOS 15.0.2 is out
Date: Tue, 12 Oct 2021 17:19:10 +0000
Organization: Keeping Good Company
Message-ID: <sk4g21$1ajs$1@gioia.aioe.org>
References: <sk1rdf$13tq$1@gioia.aioe.org> <sk47ak$m41$1@dont-email.me> <121020211105214550%nospam@nospam.invalid>
Injection-Info: gioia.aioe.org; logging-data="43644"; posting-host="pGO9hH1d1MQyq3ojvfqVcA.user.gioia.aioe.org"; mail-complaints-to="abuse@aioe.org";
User-Agent: Xnews/5.04.25
X-Notice: Filtered by postfilter v. 0.9.2
 by: Robin Goodfellow - Tue, 12 Oct 2021 17:19 UTC

nospam <nospam@nospam.invalid> asked
>> OMG, does this ever stop. The problem was that they wanted iOS 15 for
>> the iPhone 13, even though it wasn't tested and ready for prime time.
>
> false.

That's like saying false when someone buys a new car, and in just the first
10 months alone that car has 17 emergency safety defects requiring recalls.

*Can you find _any_ other operating system with ~2 zero-day holes per month?*
--
CVE-2021-1782 (Kernel) - A malicious application may be able to elevate privileges
CVE-2021-1870 (WebKit) - A remote attacker may be able to cause arbitrary code execution
CVE-2021-1871 (WebKit) - A remote attacker may be able to cause arbitrary code execution
CVE-2021-1879 (WebKit) - Processing maliciously crafted web content may lead to universal cross-site scripting
CVE-2021-30657 (System Preferences) - A malicious application may bypass Gatekeeper checks
CVE-2021-30661 (WebKit Storage) - Processing maliciously crafted web content may lead to arbitrary code execution
CVE-2021-30663 (WebKit) - Processing maliciously crafted web content may lead to arbitrary code execution
CVE-2021-30665 (WebKit) - Processing maliciously crafted web content may lead to arbitrary code execution
CVE-2021-30666 (WebKit) - Processing maliciously crafted web content may lead to arbitrary code execution
CVE-2021-30713 (TCC framework) - A malicious application may be able to bypass Privacy preferences
CVE-2021-30761 (WebKit) - Processing maliciously crafted web content may lead to arbitrary code execution
CVE-2021-30762 (WebKit) - Processing maliciously crafted web content may lead to arbitrary code execution
CVE-2021-30807 (IOMobileFrameBuffer) - An application may be able to execute arbitrary code with kernel privileges
CVE-2021-30858 (WebKit) - Processing maliciously crafted web content may lead to arbitrary code execution
CVE-2021-30860 (CoreGraphics) - Processing a maliciously crafted PDF may lead to arbitrary code execution
CVE-2021-30869 (XNU) - A malicious application may be able to execute arbitrary code with kernel privileges
CVE-2021-30883 (WebContent) - A memory corruption in the app sandbox making for good LPE exploits in chains

Re: iOS 15.0.2 is out

<sk4ggt$dfr$1@dont-email.me>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=13005&group=comp.sys.mac.system#13005

  copy link   Newsgroups: misc.phone.mobile.iphone comp.sys.mac.apps comp.sys.mac.system
Path: rocksolid2!i2pn.org!eternal-september.org!reader02.eternal-september.org!.POSTED!not-for-mail
From: notonyou...@no.no.no.no (Alan Baker)
Newsgroups: misc.phone.mobile.iphone,comp.sys.mac.apps,comp.sys.mac.system
Subject: Re: iOS 15.0.2 is out
Date: Tue, 12 Oct 2021 10:26:53 -0700
Organization: A noiseless patient Spider
Lines: 45
Message-ID: <sk4ggt$dfr$1@dont-email.me>
References: <sk1rdf$13tq$1@gioia.aioe.org> <sk47ak$m41$1@dont-email.me>
<121020211105214550%nospam@nospam.invalid> <sk4g21$1ajs$1@gioia.aioe.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Date: Tue, 12 Oct 2021 17:26:54 -0000 (UTC)
Injection-Info: reader02.eternal-september.org; posting-host="3326cee3ab024fd2183c28a9dbaae720";
logging-data="13819"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX19Qr2ZIzcICcNWwKI6iZJqhu5gRYHyi2Vw="
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:78.0)
Gecko/20100101 Thunderbird/78.14.0
Cancel-Lock: sha1:QzAwyVT7fwDMQ4Cjcy/y2WCN+ZI=
In-Reply-To: <sk4g21$1ajs$1@gioia.aioe.org>
Content-Language: en-US
 by: Alan Baker - Tue, 12 Oct 2021 17:26 UTC

On 2021-10-12 10:19 a.m., Robin Goodfellow wrote:
> nospam<nospam@nospam.invalid> asked
>>> OMG, does this ever stop. The problem was that they wanted iOS 15 for
>>> the iPhone 13, even though it wasn't tested and ready for prime time.
>> false.
> That's like saying false when someone buys a new car, and in just the first
> 10 months alone that car has 17 emergency safety defects requiring recalls.
>
> *Can you find_any_ other operating system with ~2 zero-day holes per month?*
> -- CVE-2021-1782 (Kernel) - A malicious application may be able to
> elevate privileges CVE-2021-1870 (WebKit) - A remote attacker may be
> able to cause arbitrary code execution CVE-2021-1871 (WebKit) - A remote
> attacker may be able to cause arbitrary code execution CVE-2021-1879
> (WebKit) - Processing maliciously crafted web content may lead to
> universal cross-site scripting CVE-2021-30657 (System Preferences) - A
> malicious application may bypass Gatekeeper checks CVE-2021-30661
> (WebKit Storage) - Processing maliciously crafted web content may lead
> to arbitrary code execution CVE-2021-30663 (WebKit) - Processing
> maliciously crafted web content may lead to arbitrary code execution
> CVE-2021-30665 (WebKit) - Processing maliciously crafted web content may
> lead to arbitrary code execution CVE-2021-30666 (WebKit) - Processing
> maliciously crafted web content may lead to arbitrary code execution
> CVE-2021-30713 (TCC framework) - A malicious application may be able to
> bypass Privacy preferences CVE-2021-30761 (WebKit) - Processing
> maliciously crafted web content may lead to arbitrary code execution
> CVE-2021-30762 (WebKit) - Processing maliciously crafted web content may
> lead to arbitrary code execution CVE-2021-30807 (IOMobileFrameBuffer) -
> An application may be able to execute arbitrary code with kernel
> privileges CVE-2021-30858 (WebKit) - Processing maliciously crafted web
> content may lead to arbitrary code execution CVE-2021-30860
> (CoreGraphics) - Processing a maliciously crafted PDF may lead to
> arbitrary code execution CVE-2021-30869 (XNU) - A malicious application
> may be able to execute arbitrary code with kernel privileges
> CVE-2021-30883 (WebContent) - A memory corruption in the app sandbox
> making for good LPE exploits in chains

<https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=android>

"There are 6906 CVE Records that match your search."

<https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=%22mac+os%22>

"There are 3147 CVE Records that match your search.

1
server_pubkey.txt

rocksolid light 0.9.8
clearnet tor