Home / mailings APPLE-SA-09-26-2023-6 Xcode 15
Posted on 26 September 2023
Apple Security-announceAPPLE-SA-09-26-2023-6 Xcode 15
Xcode 15 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/kb/HT213939.
Apple maintains a Security Updates page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.
Dev Tools
Available for: macOS Ventura 13.5 and later
Impact: An app may be able to gain elevated privileges
Description: This issue was addressed with improved checks.
CVE-2023-32396: Mickey Jin (@patch1t)
GPU Drivers
Available for: macOS Ventura 13.5 and later
Impact: An app may be able to disclose kernel memory
Description: The issue was addressed with improved memory handling.
CVE-2023-40391: Antonio Zekic (@antoniozekic) of Dataflow Security
iTMSTransporter
Available for: macOS Ventura 13.5 and later
Impact: An app may be able to access App Store credentials
Description: This issue was addressed by enabling hardened runtime.
CVE-2023-40435: James Duffy (mangoSecure)
Xcode 15 may be obtained from:
https://developer.apple.com/xcode/downloads/ To check that the Xcode
has been updated: * Select Xcode in the menu bar * Select About
Xcode * The version after applying this update will be "Xcode 15".
All information is also posted on the Apple Security Updates
web site: https://support.apple.com/en-us/HT201222.
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
