Apple Security Advisory 2013-09-18-3 – Xcode 5.0 is now available and addresses a security issue in Git. When using the imap-send command, git did not verify that the server hostname matched a domain name in the X.509 certificate, which allowed a man-in-the-middle attacker to spoof SSL servers via an arbitrary valid certificate. This issue was addressed by updating git to version 1.8.3.1.
>> CATEGORY: Security
Apple Security Advisory 2013-09-18-2 – iOS 7 is now available and addresses Certificate Trust Policy, Core Graphics, Core Media, Data Protection, and various other issues and vulnerabilities.
McKesson ActiveX File/Environmental Variable Enumeration
Apple Security Advisory 2013-09-18-1 – iTunes 11.1 is now available.
Wordpress Plugin Complete Gallery Manager 3.3.3 – Arbitrary File Upload Vulnerability
TeraCopy 2.3 (default.mo) Language File Integer Overflow Vulnerability
Apple Security Advisory 2013-09-17-1 – OS X Server v2.2.2 is now available and addresses issues in ClamAV, PostgreSQL, and Wiki Server.
Vino VNC Server 3.7.3 – Persistent Denial of Service
HP ProCurve Manager SNAC UpdateCertificatesServlet File Upload
HP ProCurve Manager SNAC UpdateDomainControllerServlet File Upload