CVE-2025-43390

A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.7.2, macOS Tahoe 26.1. An app may be able to access user-sensitive data...

CVE-2025-43390

A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.7.2, macOS Tahoe 26.1. An app may be able to access user-sensitive data...

CVE-2025-43390

CVE-2025-43390 describes a downgrade issue on Apple macOS that affects Intel-based Macs, addressed by increased code-signing restrictions. The vulnerability is fixed in macOS Sequoia 15.7.2 and macOS Tahoe 26.1; an app may access user‑sensitive data due to the downgrade path. The provided sources...

CVE-2025-43468

A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app may be able to access sensitive user data...

CVE-2025-43468

A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.7.2, macOS Tahoe 26.1, macOS Sonoma 14.8.2. An app may be able to access sensitive user data...

CVE-2025-43468

CVE-2025-43468 affects Intel-based macOS: downgrade issue mitigated by additional code-signing restrictions. Affected releases include macOS Sonoma 14.8.2, Sequoia 15.7.2, and Tahoe 26.1. The issue could allow an app to access sensitive user data. Mitigation/Remediation: fixed in the cited macOS ...

Apple macOS 安全漏洞

Apple macOS is a suite of specialized operating systems developed for Mac computers by Apple Inc. in the United States. A security vulnerability exists in Apple macOS Sonoma prior to 14.8.2 and Sequoia prior to 15.7.2, which stems from an insufficient code signing restriction that could cause an...

[SECURITY] Fedora 42 Update: rust-reqsign-core-2.0.0-1.fc42

Signing API requests without effort...

[SECURITY] Fedora 42 Update: rust-reqsign-0.18.0-1.fc42

Signing HTTP requests for AWS, Azure, Google, Huawei, Aliyun, Tencent and Oracle services...

[SECURITY] Fedora 41 Update: rust-reqsign-0.18.0-1.fc41

Signing HTTP requests for AWS, Azure, Google, Huawei, Aliyun, Tencent and Oracle services...

[SECURITY] Fedora 41 Update: rust-reqsign-core-2.0.0-1.fc41

Signing API requests without effort...

PT-2025-44893

Name of the Vulnerable Software and Affected Versions macOS versions prior to Sonoma 14.8.2 macOS versions prior to Sequoia 15.7.2 Description A flaw exists that could allow an application to access sensitive user data on Intel-based Mac computers. This issue is related to a downgrade scenario an...

PT-2025-44837

Name of the Vulnerable Software and Affected Versions macOS versions prior to 15.7.2 Description A flaw exists in macOS that could allow an application to access user-sensitive data due to a downgrade issue affecting Intel-based Mac computers. This issue was addressed with additional code-signing...

About the security content of macOS Sequoia 15.7.2

About the security content of macOS Sequoia 15.7.2 This document describes the security content of macOS Sequoia 15.7.2. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or...

About the security content of macOS Sequoia 15.7.2

About the security content of macOS Sequoia 15.7.2 This document describes the security content of macOS Sequoia 15.7.2. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or...

kernel security update

4.18.0-553.82.1 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...

kernel security update

5.14.0-570.60.1.0.1 - nvme-pci: remove two deallocate zeroes quirks Orabug: 37756650 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list...

Nation-State Hackers Deploy New Airstalk Malware in Suspected Supply Chain Attack

A suspected nation-state threat actor has been linked to the distribution of a new malware called Airstalk as part of a likely supply chain attack. Palo Alto Networks Unit 42 said it's tracking the cluster under the moniker CL-STA-1009 , where "CL" stands for cluster and "STA" refers to...

kernel security update

5.14.0-570.58.1.0.1 - nvme-pci: remove two deallocate zeroes quirks Orabug: 37756650 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list...

MGASA-2025-0248 Updated libtpms package fixes security vulnerability

It was discovered that libtpms had a potential out-of-bound access & abort due to HMAC signing issue CVE-2025-49133...