Home / mailings

PDF

APPLE-SA-2014-02-21-3 Apple TV 6.0.2

Posted on 21 February 2014
Apple Security-announce

--===============1594545563==
Content-type: multipart/signed;
boundary="Apple-Mail=_865EB1C7-09F4-46C8-A1EB-71777D2F408E";
protocol="application/pgp-signature"; micalg=pgp-sha1


--Apple-Mail=_865EB1C7-09F4-46C8-A1EB-71777D2F408E
Content-Transfer-Encoding: 7bit
Content-Type: text/plain;
charset=us-ascii

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2014-02-21-3 Apple TV 6.0.2

Apple TV 6.0.2 is now available and addresses the following:

Apple TV
Available for: Apple TV 2nd generation and later
Impact: An attacker with a privileged network position may capture
or modify data in sessions protected by SSL/TLS
Description: Secure Transport failed to validate the authenticity of
the connection. This issue was addressed by restoring missing
validation steps.
CVE-ID
CVE-2014-1266

Installation note:

Apple TV will periodically check for software updates. Alternatively,
you may manually check for software updates by selecting
"Settings -> General -> Update Software".

To check the current version of software, select
"Settings -> General -> About".

Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/

 

TOP