Hear that whirring noise? That's the sound of 1,000 MacBook Pro fans spinning up as script kiddies open IDA and diff iOS 15.5 against 15.4.1 in a race to jailbreak 15.4.1.
(This is obviously a joke: you'd want to diff macOS 11.6.5 against macOS 11.6.6 instead if you just want to see the security fixes)
Why that one instead of the rest of Henze's bugs? You go ahead and diff all the dependencies to libMIS/libSecurity/installd if that's what you want; I just want to see how Henze broke DriverKit again.
I think the security stuff is only in the security framework. Basically, they added these functions: SecPolicyCheckCertExtendedKeyUsageFiltered, SecCertificateCopyRFC822NamesFromSAN, SecPolicyCheckCertEmailSAN 1/
Because of the other function changing, I assume it might be related to having a certificate with no EKUs matching against a policy with an empty email. But unfortunately I don't know enough of the CS flow to say it for certain. 3/3
So after a while at this, I decided to also diff libmis, and I also found a change in X509ChainCheckPathWithOptions which looks more like it. Full analysis pending... (but feel free to analyse it based on this info and then just let me know what you figured out :) )