Home / mailings APPLE-SA-2016-12-13-8 Transporter 1.9.2
Posted on 13 December 2016
Apple Security-announce-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
APPLE-SA-2016-12-13-8 Transporter 1.9.2
Transporter 1.9.2 is now available and addresses the following:
iTMSTransporter
Available for: iTunes Producer 3.1.1, OS X v10.6 and later (64 bit),
Windows 7 and later (32 bit), and Red Hat Enterprise Linux (64 bit)
Impact: Parsing maliciously crafted EPUB may lead to disclosure of
user information
Description: An information disclosure issue existed in the parsing
of EPUB. This issue was addressed through improved parsing.
CVE-2016-7666: Craig Arendt of Stratum Security
Transporter 1.9.2 may be obtained from:
https://itunesconnect.apple.com/
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
