[2010.06.08]数据资源平台项目apple官方补丁分析和建设—陈海英.doc

数据资源平台项目（补丁数据）apple官方补丁分析和建设上海三零卫士信息安全有限公司版本1.0，2010-06-02本文档版权归上海三零卫士信息安全有限公司所有，未经上海三零卫士信息安全有限公司允许，本文档里的任何内容都不得被用来宣传和传播。未经上海三零卫士信息安全有限公司书面批准，文档或任何类似的资讯都不允许被发布。文档控制数据资源平台项目补丁数据建设提 交 方上海三零卫士信息安全有限公司提交日期2010-06-08版本信息日期版本撰写者审核者描述2010-06-081.0陈海英创建所有权声明文档里的资料版权归上海三零卫士信息安全有限公司（“三零卫士”）所有。未经上海三零卫士信息安全有限公司事先书面允许，不得复制或散发任何部分的内容。任何团体或个人未经批准，擅自观看建议书将被认为获取了上海三零卫士信息安全有限公司的私有信息而遭受法律的制裁。目录1补丁信息获取原则42补丁信息获取流程42.1apple安全更新中心42.2具体公告页面62.3download补丁下载中心102.4补丁信息页面102.5下载补丁122.6关联关系123附件124文档确认13数据资源平台项目apple官方补丁分析和建设1 补丁信息获取原则针对apple补丁下载原则：1、以apple公司官方网站为主要源，漏洞表只作为参考；2、按照下述流程下载所有与厂商相关的补丁，及其补丁信息；2 补丁信息获取流程2.1 apple安全更新中心apple官方网站的安全更新中心会发布所有apple产品补丁的相关公告。Apple官方公告链接地址：英文页面：/kb/HT1222中文页面：/kb/HT1222?viewlocale=zh_CN说明：中文页面公告信息滞后英文公告页面信息，滞后时间无统计（下载新数据的补丁时需要参照英文页面的最新更新）。本文档以英文页面信息为例加以阐述。 WebPage-1 /kb/HT1222页面信息如图：分析页面结构，此页面的文档信息包括发布日期文档编号之类的，对于下载补丁直接有用的有两部分：1、 Important处，这里按时间分类给出了apple的历史安全更新的公告链接。2、 页面的下端部分Security updates处给出了2008年01月15号到现在的更新列表。列表可以获取的字段:发布的更新（补丁）的名称和补丁链接、相关的系统、发布时间。2.2 具体公告页面 以Java for Mac OS X 10.5 Update 7为例，点击补丁名称链接进入补丁公告页面WebPage-2/kb/HT4170页面信息包括：1、 公告名称：About the security content of Java for Mac OS X 10.5 Update 7（注：此字段可以截取出修补对象名称：Java for Mac OS X 10.5，还可以截取出补丁名称：Java for Mac OS X 10.5 Update 7。是重要字段。）2、 最后更新时间（Last Modified）：May 18, 20103、 文章（公告）编号（Article:）：HT41704、 公告摘要（Summary）：This document describes the security content of Java for Mac OS X 10.5 Update 7, which can be downloaded and installed via Software Update preferences, or from Apple Downloads.For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available. To learn more about Apple Product Security, see the Apple Product Security website.For information about the Apple Product Security PGP Key, see How to use the Apple Product Security PGP Key.Where possible, CVE IDs are used to reference the vulnerabilities for further information.To learn about other Security Updates, see Apple Security Updates.5、 受影响软件（Products Affected）：Product Security, Java6、 漏洞公告详细信息（Java for Mac OS X 10.5 Update 7）：例如：CVE漏洞编号（CVE-ID）: CVE-2009-3555, CVE-2009-3910, CVE-2010-0082, CVE-2010-0084, CVE-2010-0085, CVE-2010-0087, CVE-2010-0088, CVE-2010-0089, CVE-2010-0090, CVE-2010-0091, CVE-2010-0092, CVE-2010-0093, CVE-2010-0094, CVE-2010-0095, CVE-2010-0837, CVE-2010-0838, CVE-2010-0840, CVE-2010-0841, CVE-2010-0842, CVE-2010-0843, CVE-2010-0844, CVE-2010-0846, CVE-2010-0847, CVE-2010-0848, CVE-2010-0849, CVE-2010-0886, CVE-2010-0887系统需求（Available for）: Mac OS X v10.5.8, Mac OS X Server v10.5.8影响范围（Impact）: Multiple vulnerabilities in Java 1.6.0_17漏洞描述（Description）: Multiple vulnerabilities exist in Java 1.6.0_17, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_20. Further information is available via the Sun Java website at/javase/6/webnotes/ReleaseNotes.htmlCVE漏洞编号（CVE-ID）: CVE-2009-3555, CVE-2009-3910, CVE-2010-0082, CVE-2010-0084, CVE-2010-0085, CVE-2010-0087, CVE-2010-0088, CVE-2010-0089, CVE-2010-0091, CVE-2010-0092, CVE-2010-0093, CVE-2010-0094, CVE-2010-0095, CVE-2010-0837, CVE-2010-0838, CVE-2010-0840, CVE-2010-0841, CVE-2010-0842, CVE-2010-0843, CVE-2010-0844, CVE-2010-0846, CVE-2010-0847, CVE-2010-0848, CVE-2010-0849系统需求（Available for）: Mac OS X v10.5.8, Mac OS X Server v10.5.8影响范围（Impact）: Multiple vulnerabilities in Java 1.5.0_22漏洞描述（Description）: Multiple vulnerabilities exist in Java 1.5.0_22, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.5.0_24. Further information is available via the Sun Java website at /j2se/1.5.0/ReleaseNotes.htmlCVE漏洞编号（CVE-ID）: CVE-2010-0538系统需求（Available for）: Mac OS X v10.5.8, Mac OS X Server v10.5.8影响范围（Impact）: Visiting a web page containing a maliciously crafted untrusted Java applet may lead to an unexpected application termination or arbitrary code execution with the privileges of the current user漏洞描述（Description）: An out of bounds memory access issue exists in the handling of mediaLibImage objects. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to an unexpected application termination or arbitrary code execution with the privileges of the current user. This issue is addressed by preventing Java applets from using the com.sun.medialib.mlib package. This issue only affects the Mac OS X implementation of Java. Credit to Marc Schoenefeld of University of Bamberg for reporting this issue.CVE漏洞编号（CVE-ID）: CVE-2010-0539系统需求（Available for）: Mac OS X v10.5.8, Mac OS X Server v10.5.8影响范围（Impact）: Visiting a web page containing a maliciously crafted untrusted Java applet may lead to an unexpected application termination or arbitrary code execution with the privileges of the current user漏洞描述（Description）: A signedness issue exists in the handling of window drawing. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to an unexpected application termination or arbitrary code execution with the privileges of the current user. This issue is addressed through improved bounds checking. This issue only affects the Mac OS X implementation of Java. Credit to Jonathan Bringhurst of Northrop Grumman, and Jeffrey Czerniak for reporting this issue.（注:此字段为重要字段信息）2.3 download补丁下载中心由公告页面信息分析，可以获得如此信息：补丁下载有两个方法，一个是利用软件本身的补丁修复功能下载补丁；另一个是到官方网站的下载中心找到需要的补丁进行下载，此处描述如何到官网下载中心下载；WebPage-3/downloads/由于公告页面的链接没有直接链接到具体要下载的那个补丁的下载页面，而是链接到apple官方的download中心页面，这个页面时所有的apple的产品的下载中心，所以需要人工判断所需要下载的补丁（根据发布时间和补丁名称进行判断，找到相应的补丁链接，补丁名称来源于公告名称，ex：Java for Mac OS X 10.5 Update 7）2.4 补丁信息页面在download下载中心找到Java for Mac OS X 10.5 Update 7，点击超链接进入补丁信息页面：WebPage-4/kb/DL971获取页面信息：1、 补丁概述（About Java for Mac OS X 10.5 Update 7）：Java for Mac OS X 10.5 Update 7 delivers improved compatibility, security, and reliability by updating J2SE 5.0 to 1.5.0_24, and updating Java SE 6 to 1.6.0_20 for 64-bit capable Intel-based Macs. J2SE 1.4.2 is no longer being updated to fix bugs or security issues and remains disabled by default in this update.Please quit any web browsers and Java applications before installing this update.For more details on this update, please visit this website: http:/support.apple