Threat Level: green Handler on Duty: Richard Porter

SANS ISC InfoSec Handlers Diary Blog

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Apple updates iPod Touch + Bonjour for Windows

Published: 2008-09-10
Last Updated: 2008-09-10 04:15:16 UTC
by Adrien de Beaupre (Version: 1)
0 comment(s)

APPLE-SA-2008-09-09 iPod touch v2.1 and APPLE-SA-2009-09-09 Bonjour for Windows 1.0.5 issued today.

Bonjour for Windows 1.0.5 is now available and addresses the following issues:
mDNSResponder CVE-ID:  CVE-2008-2326 and CVE-2008-3630

Impact is DNS cache poisoning and application termination. Download here.

iPod touch v2.1 is now available and addresses the following issues:
Application Sandbox CVE-ID:  CVE-2008-3631
CoreGraphics CVE-ID:  CVE-2008-1806, CVE-2008-1807, CVE-2008-1808
mDNSResponder CVE-ID:  CVE-2008-1447
Networking CVE-ID:  CVE-2008-3612
WebKit CVE-ID:  CVE-2008-3632

Impact varies from arbitrary code execution, disclosure of data, session hijacking, and DNS cache poisoning.

"Installation note:

This update is only available through iTunes, and will not appear in
your computer's Software Update application, or in the Apple
Downloads site. Make sure you have an internet connection and have
installed the latest version of iTunes from "

Information will also be posted to the Apple Security Updates
web site:

Patch now!

Adrien de Beaupré

0 comment(s)
Diary Archives