FredericJacobs/gist:a548bd9e5400fa378978

## gistfile1.txt
iCloud Keychain
Available for:  OS X Yosemite v10.10.2
Impact:  An attacker with a privileged network position may be able
to execute arbitrary code
Description:  Multiple buffer overflows existed in the handling of
data during iCloud Keychain recovery. These issues were addressed
through improved bounds checking.
CVE-ID
CVE-2015-1065 : Andrey Belenko of NowSecure

IOAcceleratorFamily
Available for:  OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,
and OS X Yosemite v10.10.2
Impact:  A malicious application may be able to execute arbitrary
code with system privileges
Description:  An off by one issue existed in IOAcceleratorFamily.
This issue was addressed through improved bounds checking.
CVE-ID
CVE-2015-1066 : Ian Beer of Google Project Zero

IOSurface
Available for:  OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,
and OS X Yosemite v10.10.2
Impact:  A malicious application may be able to execute arbitrary
code with system privileges
Description:  A type confusion issue existed in IOSurface's handling
of serialized objects. The issue was addressed through additional
type checking.
CVE-ID
CVE-2015-1061 : Ian Beer of Google Project Zero

Kernel
Available for:  OS X Yosemite v10.10.2
Impact:  Maliciously crafted or compromised applications may be able
to determine addresses in the kernel
Description:  The mach_port_kobject kernel interface leaked kernel
addresses and heap permutation value, which may aid in bypassing
address space layout randomization protection. This was addressed by
disabling the mach_port_kobject interface in production
configurations.
CVE-ID
CVE-2014-4496 : TaiG Jailbreak Team

Secure Transport
Available for:  OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,
and OS X Yosemite v10.10.2
Impact:  An attacker with a privileged network position may intercept
SSL/TLS connections
Description:  Secure Transport accepted short ephemeral RSA keys,
usually used only in export-strength RSA cipher suites, on
connections using full-strength RSA cipher suites. This issue, also
known as FREAK, only affected connections to servers which support
export-strength RSA cipher suites, and was addressed by removing
support for ephemeral RSA keys.
CVE-ID
CVE-2015-1067 : Benjamin Beurdouche, Karthikeyan Bhargavan, Antoine
Delignat-Lavaud, Alfredo Pironti, and Jean Karim Zinzindohoue of
Prosecco at Inria Paris
	iCloud Keychain
	Available for: OS X Yosemite v10.10.2
	Impact: An attacker with a privileged network position may be able
	to execute arbitrary code
	Description: Multiple buffer overflows existed in the handling of
	data during iCloud Keychain recovery. These issues were addressed
	through improved bounds checking.
	CVE-ID
	CVE-2015-1065 : Andrey Belenko of NowSecure

	IOAcceleratorFamily
	Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,
	and OS X Yosemite v10.10.2
	Impact: A malicious application may be able to execute arbitrary
	code with system privileges
	Description: An off by one issue existed in IOAcceleratorFamily.
	This issue was addressed through improved bounds checking.
	CVE-ID
	CVE-2015-1066 : Ian Beer of Google Project Zero

	IOSurface
	Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,
	and OS X Yosemite v10.10.2
	Impact: A malicious application may be able to execute arbitrary
	code with system privileges
	Description: A type confusion issue existed in IOSurface's handling
	of serialized objects. The issue was addressed through additional
	type checking.
	CVE-ID
	CVE-2015-1061 : Ian Beer of Google Project Zero

	Kernel
	Available for: OS X Yosemite v10.10.2
	Impact: Maliciously crafted or compromised applications may be able
	to determine addresses in the kernel
	Description: The mach_port_kobject kernel interface leaked kernel
	addresses and heap permutation value, which may aid in bypassing
	address space layout randomization protection. This was addressed by
	disabling the mach_port_kobject interface in production
	configurations.
	CVE-ID
	CVE-2014-4496 : TaiG Jailbreak Team

	Secure Transport
	Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,
	and OS X Yosemite v10.10.2
	Impact: An attacker with a privileged network position may intercept
	SSL/TLS connections
	Description: Secure Transport accepted short ephemeral RSA keys,
	usually used only in export-strength RSA cipher suites, on
	connections using full-strength RSA cipher suites. This issue, also
	known as FREAK, only affected connections to servers which support
	export-strength RSA cipher suites, and was addressed by removing
	support for ephemeral RSA keys.
	CVE-ID
	CVE-2015-1067 : Benjamin Beurdouche, Karthikeyan Bhargavan, Antoine
	Delignat-Lavaud, Alfredo Pironti, and Jean Karim Zinzindohoue of
	Prosecco at Inria Paris