iPhoneファームウェアアップデート

iPhoneのファームウェアがアップデートされた。主に、セキュリティ関連のFixがされている模様。Fixされた脆弱性一覧は次のとおり。

Full Apple iPhone security bug fixes list

Safari

CVE-ID: CVE-2007-2400

Available for: iPhone v1.0

Impact: Visiting a malicious website may allow cross-site scripting

Description: Safari's security model prevents JavaScript in remote web pages from modifying pages outside of their domain. A race condition in page updating combined with HTTP redirection may allow JavaScript from one page to modify a redirected page. This could allow cookies and pages to be read or arbitrarily modified. This update addresses the issue by correcting access control to window properties. Credit to Lawrence Lai, Stan Switzer, and Ed Rowe of Adobe Systems, Inc. for reporting this issue.

Safari

CVE-ID: CVE-2007-3944

Available for: iPhone v1.0

Impact: Viewing a maliciously crafted web page may lead to arbitrary code execution

Description: Heap buffer overflows exist in the Perl Compatible Regular Expressions (PCRE) library used by the JavaScript engine in Safari. By enticing a user to visit a maliciously crafted web page, an attacker may trigger the issue, which may lead to arbitrary code execution. This update addresses the issue by performing additional validation of JavaScript regular expressions. Credit to Charlie Miller and Jake Honoroff of Independent Security Evaluators for reporting these issues.

WebCore

CVE-ID: CVE-2007-2401

Available for: iPhone v1.0

Impact: Visiting a malicious website may allow cross-site requests

Description: An HTTP injection issue exists in XMLHttpRequest when serializing headers into an HTTP request. By enticing a user to visit a maliciously crafted web page, an attacker could trigger a cross-site scripting issue. This update addresses the issue by performing additional validation of header parameters. Credit to Richard Moore of Westpoint Ltd. for reporting this issue.

WebKit

CVE-ID: CVE-2007-3742

Available for: iPhone v1.0

Impact: Look-alike characters in a URL could be used to masquerade a website

Description: The International Domain Name (IDN) support and Unicode fonts embedded in Safari could be used to create a URL which contains look-alike characters. These could be used in a malicious web site to direct the user to a spoofed site that visually appears to be a legitimate domain. This update addresses the issue by through an improved domain name validity check.

WebKit

CVE-ID: CVE-2007-2399

Available for: iPhone v1.0

Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution

Description: An invalid type conversion when rendering frame sets could lead to memory corruption. Visiting a maliciously crafted web page may lead to an unexpected application termination or arbitrary code execution. Credit to Rhys Kidd of Westnet for reporting this issue.

ただし、これ以外にも多くのモジュールが更新されているらしい。

88c88 < ./Applications/MobileMail.app/Default-AccountSetup.png 2167 > ./Applications/MobileMail.app/Default-AccountSetup.png 2204 90,91c90,91 < ./Applications/MobileMail.app/Default.png 9723 < ./Applications/MobileMail.app/English.lproj/Main.strings 3312 > ./Applications/MobileMail.app/Default.png 9736 > ./Applications/MobileMail.app/English.lproj/Main.strings 3358 93c93 < ./Applications/MobileMail.app/MobileMail 376940 > ./Applications/MobileMail.app/MobileMail 381176 226c226 < ./Applications/MobileNotes.app/English.lproj/Main.strings 288 > ./Applications/MobileNotes.app/English.lproj/Main.strings 422 228c228 < ./Applications/MobileNotes.app/MobileNotes 89572 > ./Applications/MobileNotes.app/MobileNotes 93812 283c283 < ./Applications/MobilePhone.app/MobilePhone 569000 > ./Applications/MobilePhone.app/MobilePhone 569020 384c384 < ./Applications/MobileSafari.app/English.lproj/Localizable.strings 4373 > ./Applications/MobileSafari.app/English.lproj/Localizable.strings 4395 389c389 < ./Applications/MobileSafari.app/MobileSafari 402596 > ./Applications/MobileSafari.app/MobileSafari 402648 404c404 < ./Applications/MobileSafari.app/StaticBookmarks.plist 252 > ./Applications/MobileSafari.app/StaticBookmarks.plist 256 441c441 < ./Applications/MobileSlideShow.app/MobileSlideShow 43420 > ./Applications/MobileSlideShow.app/MobileSlideShow 43468 514c514 < ./Applications/Preferences.app/English.lproj/Localizable.strings 1153 > ./Applications/Preferences.app/English.lproj/Localizable.strings 1200 516c516 < ./Applications/Preferences.app/English.lproj/Passcode 859 > ./Applications/Preferences.app/English.lproj/Passcode 1160 523c523 < ./Applications/Preferences.app/English.lproj/legal-disclaimer.html 134819 > ./Applications/Preferences.app/English.lproj/legal-disclaimer.html 135438 530c530 < ./Applications/Preferences.app/Passcode 676 > ./Applications/Preferences.app/Passcode 849 532c532 < ./Applications/Preferences.app/Preferences 125196 > ./Applications/Preferences.app/Preferences 124236 538c538 < ./Applications/Preferences.app/Settings.plist 1206 > ./Applications/Preferences.app/Settings.plist 1230 748c748 < ./Applications/YouTube.app/YouTube 228512 > ./Applications/YouTube.app/YouTube 232652 852,853c852,853 < ./System/Library/Caches/com.apple.kernelcaches/kernelcache.release.s5l8900xrb 3260467 < ./System/Library/Caches/com.apple.kernelcaches/kernelcache.s5l8900xrb 3260467 > ./System/Library/Caches/com.apple.kernelcaches/kernelcache.release.s5l8900xrb 3262608 > ./System/Library/Caches/com.apple.kernelcaches/kernelcache.s5l8900xrb 3262608 926c926 < ./System/Library/CoreServices/SpringBoard.app/English.lproj/SpringBoard.strings 10555 > ./System/Library/CoreServices/SpringBoard.app/English.lproj/SpringBoard.strings 10710 988c988 < ./System/Library/CoreServices/SpringBoard.app/SpringBoard 691216 > ./System/Library/CoreServices/SpringBoard.app/SpringBoard 695456 1009c1009 < ./System/Library/CoreServices/SystemVersion.plist 467 > ./System/Library/CoreServices/SystemVersion.plist 466 1148c1148 < ./System/Library/Frameworks/AddressBookUI.framework/AddressBookUI 428692 > ./System/Library/Frameworks/AddressBookUI.framework/AddressBookUI 428708 1150c1150 < ./System/Library/Frameworks/AddressBookUI.framework/Info.plist 371 > ./System/Library/Frameworks/AddressBookUI.framework/Info.plist 373 1168c1168 < ./System/Library/Frameworks/CFNetwork.framework/CFNetwork 395996 > ./System/Library/Frameworks/CFNetwork.framework/CFNetwork 396352 1178c1178 < ./System/Library/Frameworks/Celestial.framework/Celestial 1076832 > ./System/Library/Frameworks/Celestial.framework/Celestial 1081148 1180,1181c1180,1181 < ./System/Library/Frameworks/Celestial.framework/English.lproj/Localizable.strings 446 < ./System/Library/Frameworks/Celestial.framework/Info.plist 322 > ./System/Library/Frameworks/Celestial.framework/English.lproj/Localizable.strings 469 > ./System/Library/Frameworks/Celestial.framework/Info.plist 324 1195,1196c1195,1196 < ./System/Library/Frameworks/CoreSurface.framework/Info.plist 670 < ./System/Library/Frameworks/CoreTelephony.framework/CoreTelephony 208052 > ./System/Library/Frameworks/CoreSurface.framework/Info.plist 674 > ./System/Library/Frameworks/CoreTelephony.framework/CoreTelephony 208216 1199c1199 < ./System/Library/Frameworks/CoreTelephony.framework/Support/CommCenter 378248 > ./System/Library/Frameworks/CoreTelephony.framework/Support/CommCenter 383704 1218c1218 < ./System/Library/Frameworks/GraphicsServices.framework/GraphicsServices 65300 > ./System/Library/Frameworks/GraphicsServices.framework/GraphicsServices 65396 1223c1223 < ./System/Library/Frameworks/IAP.framework/Support/iapd 1012928 > ./System/Library/Frameworks/IAP.framework/Support/iapd 1017080 1236c1236 < ./System/Library/Frameworks/JavaScriptCore.framework/JavaScriptCore 675864 > ./System/Library/Frameworks/JavaScriptCore.framework/JavaScriptCore 667012 1244,1245c1244,1245 < ./System/Library/Frameworks/MeCCA.framework/Info.plist 722 < ./System/Library/Frameworks/MeCCA.framework/MeCCA 1265584 > ./System/Library/Frameworks/MeCCA.framework/Info.plist 726 > ./System/Library/Frameworks/MeCCA.framework/MeCCA 1265912 1252c1252 < ./System/Library/Frameworks/Message.framework/Message 1157912 > ./System/Library/Frameworks/Message.framework/Message 1165072 1266c1266 < ./System/Library/Frameworks/MessageUI.framework/MessageUI 266192 > ./System/Library/Frameworks/MessageUI.framework/MessageUI 266668 1285c1285 < ./System/Library/Frameworks/MobileMusicPlayer.framework/MobileMusicPlayer 30760 > ./System/Library/Frameworks/MobileMusicPlayer.framework/MobileMusicPlayer 34856 1288c1288 < ./System/Library/Frameworks/MoviePlayerUI.framework/MoviePlayerUI 178400 > ./System/Library/Frameworks/MoviePlayerUI.framework/MoviePlayerUI 177492 1312,1313c1312,1313 < ./System/Library/Frameworks/MusicLibrary.framework/MusicLibrary 417396 < ./System/Library/Frameworks/OfficeImport.framework/Versions/A/OfficeImport 5237436 > ./System/Library/Frameworks/MusicLibrary.framework/MusicLibrary 418364 > ./System/Library/Frameworks/OfficeImport.framework/Versions/A/OfficeImport 5237548 1323c1323 < ./System/Library/Frameworks/PhotoLibrary.framework/English.lproj/Main.strings 2514 > ./System/Library/Frameworks/PhotoLibrary.framework/English.lproj/Main.strings 2511 1325c1325 < ./System/Library/Frameworks/PhotoLibrary.framework/PhotoLibrary 380044 > ./System/Library/Frameworks/PhotoLibrary.framework/PhotoLibrary 385900 1353c1353 < ./System/Library/Frameworks/Preferences.framework/Preferences 258156 > ./System/Library/Frameworks/Preferences.framework/Preferences 258400 1371c1371 < ./System/Library/Frameworks/TelephonyUI.framework/TelephonyUI 111884 > ./System/Library/Frameworks/TelephonyUI.framework/TelephonyUI 112336 1461c1461 < ./System/Library/Frameworks/UIKit.framework/UIKit 2184512 > ./System/Library/Frameworks/UIKit.framework/UIKit 2189124 1551c1551 < ./System/Library/Frameworks/WebCore.framework/WebCore 4625660 > ./System/Library/Frameworks/WebCore.framework/WebCore 4635516 1571c1571 < ./System/Library/Internet 43860 > ./System/Library/Internet 48264 1600c1600 < ./System/Library/PreferenceBundles/AirPortSettings.bundle/AirPortSettings 145948 > ./System/Library/PreferenceBundles/AirPortSettings.bundle/AirPortSettings 145932 1604c1604 < ./System/Library/PreferenceBundles/AirPortSettings.bundle/English.lproj/Other 414 > ./System/Library/PreferenceBundles/AirPortSettings.bundle/English.lproj/Other 399 1606c1606 < ./System/Library/PreferenceBundles/AirPortSettings.bundle/Info.plist 423 > ./System/Library/PreferenceBundles/AirPortSettings.bundle/Info.plist 425 1610c1610 < ./System/Library/PreferenceBundles/AirPortSettings.bundle/Other 674 > ./System/Library/PreferenceBundles/AirPortSettings.bundle/Other 655 1628c1628 < ./System/Library/PreferenceBundles/BluetoothSettings.bundle/BluetoothSettings 52732 > ./System/Library/PreferenceBundles/BluetoothSettings.bundle/BluetoothSettings 56956 1634c1634 < ./System/Library/PreferenceBundles/CarrierSettings.bundle/CarrierSettings 44792 > ./System/Library/PreferenceBundles/CarrierSettings.bundle/CarrierSettings 44816 1649c1649 < ./System/Library/PreferenceBundles/MobileMailSettings.bundle/English.lproj/Preferences.strings 6702 > ./System/Library/PreferenceBundles/MobileMailSettings.bundle/English.lproj/Preferences.strings 7008 1651c1651 < ./System/Library/PreferenceBundles/MobileMailSettings.bundle/MobileMailSettings 173964 > ./System/Library/PreferenceBundles/MobileMailSettings.bundle/MobileMailSettings 178888 1673c1673 < ./System/Library/PreferenceBundles/MobilePhoneSettings.bundle/Services.plist 513 > ./System/Library/PreferenceBundles/MobilePhoneSettings.bundle/Services.plist 517 1687c1687 < ./System/Library/PreferenceBundles/VPNPreferences.bundle/English.lproj/MobileVPN.strings 1850 > ./System/Library/PreferenceBundles/VPNPreferences.bundle/English.lproj/MobileVPN.strings 1900 1691c1691 < ./System/Library/PreferenceBundles/VPNPreferences.bundle/VPNPreferences 99472 > ./System/Library/PreferenceBundles/VPNPreferences.bundle/VPNPreferences 99632 1725c1725 < ./System/Library/SystemConfiguration/Aeropuerto.bundle/Aeropuerto 142040 > ./System/Library/SystemConfiguration/Aeropuerto.bundle/Aeropuerto 146152 1729,1730c1729,1730 < ./System/Library/SystemConfiguration/IPConfiguration.bundle/IPConfiguration 165892 < ./System/Library/SystemConfiguration/IPConfiguration.bundle/IPConfiguration.xml 1714 > ./System/Library/SystemConfiguration/IPConfiguration.bundle/IPConfiguration 166596 > ./System/Library/SystemConfiguration/IPConfiguration.bundle/IPConfiguration.xml 1827 1770c1770 < ./private/etc/bluetool/deepsleep.script 170 > ./private/etc/bluetool/deepsleep.script 171 1772c1772 < ./private/etc/bluetool/init.script 2720 > ./private/etc/bluetool/init.script 2841 1787c1787 < ./private/var/db/dyld/update-prebinding-paths.txt 5763 > ./private/var/db/dyld/update-prebinding-paths.txt 6519 1819c1819 < ./usr/lib/liblockdown.dylib 31372 > ./usr/lib/liblockdown.dylib 31620 1831c1831 < ./usr/libexec/SyncAgent 167980 > ./usr/libexec/SyncAgent 167988 1834c1834 < ./usr/libexec/crashreporterd 23896 > ./usr/libexec/crashreporterd 24048 1837c1837 < ./usr/libexec/lockdownd 747188 > ./usr/libexec/lockdownd 751480 1839c1839 < ./usr/libexec/ptpd 133076 > ./usr/libexec/ptpd 133024 1842c1842 < ./usr/sbin/BTServer 1036448 > ./usr/sbin/BTServer 1040832 1846c1846 < ./usr/sbin/mDNSResponder 278660 > ./usr/sbin/mDNSResponder 278688

また、一部のハックを行うと、再度アクティベーションをしなおさなければならなかったり、ファームウェアアップデートに失敗してしまうということが報告されている。DVD Jonの方法やプリペイドプランでアクティベーションしてその後解約したような場合はアクティベーションしなおす必要はない模様。

以上、ソースはiPhone Update 1.0.1 Now Available, Fixes Safari Security Breach, Other Bugsやそのほかのブログなど。