--Apple-Mail=_A635050C-AEAF-4ECB-8A05-FF8EA9C2339E Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=us-ascii -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2014-15-20-1 OS X Server 3.1.2 OS X Server 3.1.2 is now available and addresses the following: Ruby Available for: OS X Mavericks 10.9.3 or later Impact: Running a Ruby script that uses untrusted input to create a Float object may lead to an application hang or arbitrary code execution Description: A heap-based buffer overflow issue existed in Ruby when converting a string to a floating point value. An attacker could send a specially crafted request to Profile Manager or to a Ruby script, which may lead to an application hang or arbitrary code execution. This issue was addressed through additional validation of floating point values. CVE-ID CVE-2013-4164 OS X Server 3.1.2 may be obtained from Mac App Store. Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.22 (Darwin) Comment: GPGTools - http://gpgtools.org iQIcBAEBAgAGBQJTe5cbAAoJEBcWfLTuOo7tHSAP/RTUSdVxw6bwbGQbCxNCM1rM 8NOZEcU5WFTuMfr05Py9MUMiQjrmRYKnT8yTzRIOAzr+jPoRCdLwPimOEXvRnGQw Eh9ayN04TJNG/t73XC+T5U+kqVhT/6/uI2wN/f5YwKbL8+sAsE8Rx3fbNgdZFJz4 hC0pmjgomHlduBjmv3Ai+/GMhHqAkjGXy566Ahk+UShGGNx9cyjSYe4jsD1x+4jS XrG/NHlMLX/1cac/xpCt8BBJu00xtuR50Pfo/pXdT3CN7zcKocQjjDCRJ/n0g97w ZZ5xBv/kLi+3NTStCyDm8gSv5A+0opXXrQ2fh4PGm3s3+O9yAM95zWfeIJg1SiQi FnA6zZE2JdbbQSIKLWKED0/bxWDAKhjHif1EoXL7yMxBqMXu+5eWEqDdc4LyzfWp 7fdyb0sz2fPtpnnbhZPnCLIijxr9exHkrMU8lH8XsLayaL7O6cuJ+Gk5ZJHtC/YS L9uLZKB4VUUI6jHdDOmkbReDCm55WBXVvOBcnxQOfJicQB9hisLIYFEjO75RmYRP fkotB7oaz0OJb8IO8N/AO8UBWEeJu4KI2EDu+a02C6z8b4A6AZvOqdXNFbe9k2iK BkcmHmeMQASMl8tZykVlDrj0tNq3TqQbHs4UYhf9J1c807qqlIYA62g29wOphfzQ DdXqtjMTJ2wcDCaUbREX =a8IW -----END PGP SIGNATURE----- --Apple-Mail=_A635050C-AEAF-4ECB-8A05-FF8EA9C2339E Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename=signature.asc Content-Type: application/pgp-signature; name=signature.asc Content-Description: Message signed with OpenPGP using GPGMail -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org iQIcBAEBAgAGBQJTe5drAAoJEBcWfLTuOo7tLFwQAK7leY17yWpS1Z2A5Hhve2ow j/KpSRqvd5XYEvbLXQRrEHVKuQ4ocUpBQFLrR1wrjpTFYzXIfWrWMoK/tblPXCP5 8D1xCOXsxWUkNoKbvy/Vg2FKlYkK0aJjI+XGEijMLi3/kNVFam1l6/Jws5v7GoRL O660g/FVro3zPgIPSih/tgOTuoRqvHf1uBfqc/Bei4ydans3RxbxLKM6sYZuYeJg Oaz8rMO+Z+BlexxXuKBo2nJDpWr2F4oVrC+4ocrbtjrrmjy3DJE++2E9jetZzeMl FewhzrnbmqHBbuhhjYtHf14codclU1RPRSrBkbLhfTq7MGhh/mYmTsTtTVgG0opN 58LelceromVwqqCjWrP0+0Yog5bRuMKSUqbX0L7DzRe5UY1/OL0jAOiUHFpZdpCq I/gTwOvMQMsLr4yNTd11iOwblQQf+PFe9FpeCt441XV91Qz4cWXw/3KVeTUs/DpI uWxtH7rp4DUk0++RNdoz3tRxNe7LpJnaAsZ1OaUkRt1uOpl7yhdI1cFTC8I4+HxW lE3aoh5Pxic0XsXm+aq6U6P5Y6zkz6fCwQTtvHp8adbd2tdlUhva20xaQSF5vKpU zSCXCuFziQG18ScyWPuL3kIzKZ/LhbJTlBQuHMEMNVBfLBQm9xDD3XXyS/uMGEwV Brir6VFrwWo/CkfpaLCh =GClU -----END PGP SIGNATURE----- --Apple-Mail=_A635050C-AEAF-4ECB-8A05-FF8EA9C2339E--