Get started with App.net.

  Sign up now  
maclemon
    #iOSSecurity iOS 9.3.3 available for iPhone 4s, iPod touch (5th gen), iPad 2, and all later iOS devices, fixes 43 vulnerabilities. https://support.apple.com/en-us/HT206902
    maclemon
      #watchOSSecurity watchOS 2.2.2 fixes 29 vulnerabilities on your ᴡᴀᴛᴄʜ. https://support.apple.com/en-us/HT206904
      maclemon
        #MacSecurity OS X El Capitan v10.11.6 and Security Update 2016-004 for Mavericks & Yosemite fix 59 vulnerabilities. https://support.apple.com/en-us/HT206903
        maclemon
          #tvOSsecurity Apple released tvOS 9.2.2 for AppleTV 4th generation fixing 36 mixed vulnerabilities. https://support.apple.com/en-us/HT206905
          maclemon
            #MacSecurity Apple released Safari 9.1.2 for Mavericks, Yosemite & El Capitan fixing 12 WebKit & js issues. https://support.apple.com/en-us/HT206900
            maclemon
              #AppleSecurity Apple released iTunes 12.4.2 for Windows which fixes 15 XML/XSLT vulnerabilities. https://support.apple.com/en-us/HT206901
              maclemon
                #AppleSecurity Apple released iCloud for Windows 5.2.1 which fixes 15 XML vulnerabilities. https://support.apple.com/en-us/HT206899
                maclemon
                  @grahamperrin Oh wow, that’s typically Apple. Not a media covered issue, gets ignored. I had Keychain issues where you could unauthenticated empty all keychains or selected items with a single call. Reported in 10.4. during beta. Finally fixed in 10.7.
                  maclemon
                    @grahamperrin That was just an example. There’s a lot of horrible bugs in Server.app Apple doesn’t care to fix. Unauthenticated delete of course being an excellent attack vector for DoS/Data loss. Will you file RDARs on this?
                    maclemon
                      @grahamperrin “Ignore ownership” is a volume setting, not a fileserver setting. There’s also a LOT really broken with SMB2 and SMB3 currently. Where Users can’t write to their own home directory over the network, etc. I filed > 60 bugs against Server 5…
                      maclemon
                        @grahamperrin @mikebeas @bmike I expect ZEVO to be vulnerable since it doesn’t properly apply ACLs and especially Group ACLs. This has been fixed in OpenZFS since 1.5.x. All sorts of fun to be had when volumes are set to ignore ownership.
                        maclemon
                          @ferebee That’s why I’m on FreeBSD. Mature ZFS, Jails are like Zones or vice versa. Didn’t need to touch any Linux containers yet. No systemd goes near my boxes and yes, I’m sad for Debian in that regard. It served me well in the few cases I used Linux.
                          maclemon
                            @ferebee That’s pretty much what I thought as well. I’m not directly affected since I’ve moved my stuff to FreeBSD by now since it suits my workloads better than Illumos/Solaris based systems. My SunBlade still runs OpenSolaris 10 though. :-)
                            maclemon
                              #tvOSSecurity Apple released #tvOS 9.2.1 for tv 4th generation fixing 33 security issues. https://support.apple.com/en-us/HT206564
                              maclemon
                                #MacSecurity Apple released Safari 9.1.1 (for 10.9.5, 10.10.5, and 10.11.5) fixing 7 security issues! https://support.apple.com/en-us/HT206565
                                maclemon
                                  #MacSecurity Apple released OS X El Capitan 10.11.5 and Security update 2016-003 (for 10.10.5, 10.9.5) which fixes 67 security issues! https://support.apple.com/en-us/HT206567
                                  maclemon
                                    #iOSSecurity Apple released iOS 9.3.2 for 44 devices, which fixes 39 security issues. Details: https://support.apple.com/en-us/HT206568