-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-03-31-2025-2 Xcode 16.3
Xcode 16.3 addresses the following issues. Information about the security content is also available at https://support.apple.com/122380. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. IDE Assets Available for: macOS Sequoia 15.2 and later Impact: A malicious app may be able to access private information Description: The issue was addressed with improved checks. CVE-2025-24226: Mickey Jin (@patch1t) Instruments Available for: macOS Sequoia 15.2 and later Impact: An app may be able to overwrite arbitrary files Description: This issue was addressed through improved state management. CVE-2025-30441: Claudio Bozzato and Francesco Benvenuto of Cisco Talos Xcode 16.3 may be obtained from: https://developer.apple.com/xcode/downloads/. To check that the Xcode has been updated: * Select Xcode in the menu bar * Select About Xcode * The version after applying this update will be "Xcode 16.3". All information is also posted on the Apple Security Releases web site: https://support.apple.com/100100. This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEsz9altA7uTI+rE/qX+5d1TXaIvoFAmfrHSIACgkQX+5d1TXa Ivq6mw/8Dudu4G9FwNgHKJCmfF4RdUwZ0rTSxBQD32HOheTLJ/SFMtQdR5MkAy6N cfXOJUBtZ5k10nZo90ARhHP6OQaUgt2nVT2+4A6TjRIJH7YoCLCPuwqPAfE3abom 7Ci0f/aQmKzYVksBJAewg5GjT8qZ2m4Hoe5IXQ2ieIkI34jKLaoBMXJsuIDCnrhf uPRGrtT59xIFQtjwLvHAsfCKRYUqQIskUFqRSu4Eoj1/s8Btn1yeJbxxq6xu2a43 24xmc78l2TnkHNwV+TMOs58wee6etsMO5Jd4AAkdhLG48RRTOZa3dXf32mh6HLvG HDNTFGZ50ckagYN9VJiciGUClUAoqgtJGpxSAzRji87L/+wV7RQgFQlD4AWKTUkf N7R2FGafPZ2/0v+/aQsxJ2V15u+5597x3alretGNgav5OYCsbIXWNf5R6mGYGOqh 6Cgj5qKNPvYWB0/JClLv8GCodfRGEzURfglwWlJFERBCBR8T4bNBZ1cvYU2T0g75 1iu6v5UOH1Yolb1tcJN9erhxluwIrTgtyw2raekiRWTqRvyDbSHKzzZD0u8utZkt fppK5T4ha/vrPX5yfjb1KuuXsuqSTP61IOeJ3jYXoKDHncK9vt3DMmefNLuC6Y0z Gs0e0tBZWXEKXNhkltd4dYf4J6EtGKUF+/zmh4x6DrkfiFi5sr8= =bD1P -----END PGP SIGNATURE----- _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: https://seclists.org/fulldisclosure/
