Home / mailings APPLE-SA-2017-04-04-1 Apple Music 2.0 for Android
Posted on 05 April 2017
Apple Security-announce-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
APPLE-SA-2017-04-04-1 Apple Music 2.0 for Android
Apple Music 2.0 for Android is now available and addresses the
following:
Apple Music
Available for: Android version 4.3 or later
Impact: An attacker in a privileged network position may be able to
leak sensitive user information
Description: A certificate validation issue existed in Apple Music
for Android. This issue was addressed through improved certificate
validation.
CVE-2017-2387: David Coomber of Info-Sec.CA
Installation note:
Apple Music 2.0 for Android may be obtained from Google Play.
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
