-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2013-10-15-1 Java for OS X 2013-005 and Mac OS X v10.6 Update 17 Java for OS X 2013-005 and Mac OS X v10.6 Update 17 is now available and addresses the following: Java Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later Impact: Multiple vulnerabilities in Java 1.6.0_51 Description: 8011782 Multiple vulnerabilities existed in Java 1.6.0_51, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_65. Further information is available via the Java website at ht tp://www.oracle.com/technetwork/java/javase/releasenotes-136954.html CVE-ID CVE-2013-3829 CVE-2013-4002 CVE-2013-5772 CVE-2013-5774 CVE-2013-5776 CVE-2013-5778 CVE-2013-5780 CVE-2013-5782 CVE-2013-5783 CVE-2013-5784 CVE-2013-5787 CVE-2013-5789 CVE-2013-5790 CVE-2013-5797 CVE-2013-5801 CVE-2013-5802 CVE-2013-5803 CVE-2013-5804 CVE-2013-5809 CVE-2013-5812 CVE-2013-5814 CVE-2013-5817 CVE-2013-5818 CVE-2013-5819 CVE-2013-5820 CVE-2013-5823 CVE-2013-5824 CVE-2013-5825 CVE-2013-5829 CVE-2013-5830 CVE-2013-5831 CVE-2013-5832 CVE-2013-5840 CVE-2013-5842 CVE-2013-5843 CVE-2013-5848 CVE-2013-5849 CVE-2013-5850 Java for OS X 2013-005 and Mac OS X v10.6 Update 17 may be obtained from the Software Update pane in System Preferences, Mac App Store, or Apple's Software Downloads web site: http://www.apple.com/support/downloads/ For Mac OS X v10.6 systems The download file is named: JavaForMacOSX10.6update17.dmg Its SHA-1 digest is: 5dfe7eaebf9726352c97964da61d57fa28246c08 For OS X Lion and Mountain Lion systems The download file is named: JavaForOSX2013-005.dmg Its SHA-1 digest is: ce78f9a916b91ec408c933bd0bde5973ca8a2dc4 Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org iQIcBAEBAgAGBQJSXYc6AAoJEPefwLHPlZEwD8EP/3aN1h4wIM/BjidF3ZY+PXf3 Lzgtb8yAxh03A+J3NJCd3BKmjINXIo9Wwt9aUTktEz4UefvpF+rIsgKSinotvQt0 TmtsYPItFgs83Lj2IFBpCLurM+O0fUhje+mvVzR/KA7kHvrtXYRC5w2plWh32Smm D4Ejh8odeR0IU3OdWV5MJpcRoRpRySX16JOEJc76SIE0+sbOLHZ90rmzyPMB0S2u jZRq8qY3DJS9C5De97gh8F/V76fV8Aiq6RwGPs9m+tJUCJe6XLEy8Wq/G3jlKXyr +KrradRl9Bz5oTUnVDlN9odoOGZ/J4nq4xs0RyN08uETKcw6315+7UTP3B+hD8IM 1YyWeceCd8oHtWlR/02spwaku5ctxiUZpqXQ8DxDH3e8dONBfndfmKGUnywQSFd8 vCgZR0SQgSbhtD/UnNGW9VgJsxKgO4gi17aVD/B9LYmMztsSB+wPkg96uTR6J7yh +ogJqYeOGsMvvQd8XY++ig1bhEsfzzauEWnq3G4WG8E+Fep+5RHZewxnhzakapqW 2z7byXHNXtIP2cxL//DG/x4ed+gAWzKxZyPDPSrltw162mkJk/6mTedtpead4LH8 Ooi4Cf1HMbC9gdRBdtGNWo7EN9kr9rpajuRWjqxT5uTLAgJusKk5UnSO2KJtromy Los4PbyC//yRidZKynqx =I3n5 -----END PGP SIGNATURE-----