Hear that whirring noise? That's the sound of 1,000 MacBook Pro fans spinning up as script kiddies open IDA and diff iOS 15.5 against 15.4.1 in a race to jailbreak 15.4.1
(This is obviously a joke: you'd want to diff macOS 11.6.5 against macOS 11.6.6 instead if you just want to see the security fixes)
I’m really interested in hearing about what CVE-2022-26766 was support.apple.com/en-us/HT213258 👀 Especially because of who found it
Why that one instead of the rest of Henze's bugs? You go ahead and diff all the dependencies to libMIS/libSecurity/installd if that's what you want; I just want to see how Henze broke DriverKit again.
I think the security stuff is only in the security framework; basically they added these functions:
SecPolicyCheckCertExtendedKeyUsageFiltered
SecCertificateCopyRFC822NamesFromSAN
SecPolicyCheckCertEmailSAN
1/
Where the most interesting change is probably that they no longer blindly succeed here: github.com/apple-oss-dist but instead now have a flag that lets them fail here.
2/
Because of the other function changing I assume it might be related to having a certificate with no EKUs matching against a policy with an empty email. But unfortunately I don't know enough of the CS flow to say it for certain.
3/3


