Limewire For Mac Os X 10.10
LimeWire X is a free, peer-to-peer (P2P), file-sharing client for Mac OS X. It uses the Java platform to locate files, as well as share files, and it is one of the few P2P, file-sharing solutions. Hey Developers, If you are using Roblox Studio on Windows or a version of Mac OS that is newer than Mac OS X 10.10, then you can skip reading the rest of this post. Please read on if you or someone you know is using Studio on a machine running Mac OS X 10.10. Beginning November 1st, 2020 we will discontinue support for Mac OS X 10.10 (Yosemite).
Mac OS X for Intel (OSX 10.4, 10.5, 10.6, 10.7, 10.8, 10.9, 10.10, 10.11, 10.12, 10.13, 10.14, 10.15) (Mac abandonware from 2006). Os X 10 10 free download - Apple Safari, Apple Java for OS X 10.6, Apple Mac OS X Mavericks, and many more programs. Mac OS X 10.11 (El Capitan) or later (64-bit) Linux, Unix such as Solaris (64-bit) Android 5.0 (Lollypop) or later. 256 MB of RAM (512 MB Recommended).
For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available. To learn more about Apple Product Security, see the Apple Product Security website.
For information about the Apple Product Security PGP Key, see How to use the Apple Product Security PGP Key.
Where possible, CVE IDs are used to reference the vulnerabilities for further information.
To learn about other security updates, see Apple security updates.
OS X Yosemite v10.10.5 and Security Update 2015-006
apache
Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4
Impact: Multiple vulnerabilities existed in Apache 2.4.16, the most serious of which may allow a remote attacker to cause a denial of service.
Description: Multiple vulnerabilities existed in Apache versions prior to 2.4.16. These were addressed by updating Apache to version 2.4.16.
CVE-ID
CVE-2014-3581
CVE-2014-3583
CVE-2014-8109
CVE-2015-0228
CVE-2015-0253
CVE-2015-3183
CVE-2015-3185
apache_mod_php
Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4
Impact: Multiple vulnerabilities existed in PHP 5.5.20, the most serious of which may lead to arbitrary code execution.
Description: Multiple vulnerabilities existed in PHP versions prior to 5.5.20. These were addressed by updating Apache to version 5.5.27.
CVE-ID
CVE-2015-2783
CVE-2015-2787
CVE-2015-3307
CVE-2015-3329
CVE-2015-3330
CVE-2015-4021
CVE-2015-4022
CVE-2015-4024
CVE-2015-4025
CVE-2015-4026
CVE-2015-4147
CVE-2015-4148
Apple ID OD Plug-in
Available for: OS X Yosemite v10.10 to v10.10.4
Impact: A malicious application may be able change the password of a local user
Description: In some circumstances, a state management issue existed in password authentication. The issue was addressed through improved state management.
CVE-ID
CVE-2015-3799 : an anonymous researcher working with HP's Zero Day Initiative
AppleGraphicsControl
Available for: OS X Yosemite v10.10 to v10.10.4
Impact: A malicious application may be able to determine kernel memory layout
Description: An issue existed in AppleGraphicsControl which could have led to the disclosure of kernel memory layout. This issue was addressed through improved bounds checking.
CVE-ID
CVE-2015-5768 : JieTao Yang of KeenTeam
Limewire For Mac Os X 10.100 5
Bluetooth
Available for: OS X Yosemite v10.10 to v10.10.4
Impact: A local user may be able to execute arbitrary code with system privileges
Description: A memory corruption issue existed in IOBluetoothHCIController. This issue was addressed through improved memory handling.
CVE-ID
CVE-2015-3779 : Teddy Reed of Facebook Security
Bluetooth
Available for: OS X Yosemite v10.10 to v10.10.4
Impact: A malicious application may be able to determine kernel memory layout
Description: A memory management issue could have led to the disclosure of kernel memory layout. This issue was addressed with improved memory management.
CVE-ID
CVE-2015-3780 : Roberto Paleari and Aristide Fattori of Emaze Networks
Bluetooth
Available for: OS X Yosemite v10.10 to v10.10.4
Impact: A malicious app may be able to access notifications from other iCloud devices
Description: An issue existed where a malicious app could access a Bluetooth-paired Mac or iOS device's Notification Center notifications via the Apple Notification Center Service. The issue affected devices using Handoff and logged into the same iCloud account. This issue was resolved by revoking access to the Apple Notification Center Service.
CVE-ID
CVE-2015-3786 : Xiaolong Bai (Tsinghua University), Luyi Xing (System Security Lab of Indiana University), Tongxin Li (Peking University), XiaoFeng Wang (Indiana University)
Bluetooth
Available for: OS X Yosemite v10.10 to v10.10.4
Impact: An attacker with privileged network position may be able to perform denial of service attack using malformed Bluetooth packets
Description: An input validation issue existed in parsing of Bluetooth ACL packets. This issue was addressed through improved input validation.
CVE-ID
CVE-2015-3787 : moony li of Trend Micro
Bluetooth
Available for: OS X Yosemite v10.10 to v10.10.4
Impact: A local attacker may be able to cause unexpected application termination or arbitrary code execution
Description: Multiple buffer overflow issues existed in blued's handling of XPC messages. These issues were addressed through improved bounds checking.
CVE-ID
CVE-2015-3777 : mitp0sh of [PDX]
bootp
Available for: OS X Yosemite v10.10 to v10.10.4
Impact: An attacker may be able to determine Wi-Fi networks a device has previously accessed
Description: Upon connecting to a Wi-Fi network, MAC addresses of previously accessed networks may have been broadcast. This issue was addressed by broadcasting only MAC addresses associated with the current SSID.
CVE-ID
CVE-2015-3778 : Piers O'Hanlon of Oxford Internet Institute, University of Oxford (on the EPSRC Being There project)
CloudKit
Available for: OS X Yosemite v10.10 to v10.10.4
Impact: A malicious application may be able to access the iCloud user record of a previously signed in user
Description: A state inconsistency existed in CloudKit when signing out users. This issue was addressed through improved state handling.
CVE-ID
CVE-2015-3782 : Deepkanwal Plaha of University of Toronto
CoreMedia Playback
Available for: OS X Yosemite v10.10 to v10.10.4
Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution
Description: Memory corruption issues existed in CoreMedia Playback. These were addressed through improved memory handling.
CVE-ID
CVE-2015-5777 : Apple
CVE-2015-5778 : Apple
CoreText
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4
Impact: Processing a maliciously crafted font file may lead to an unexpected application termination or arbitrary code execution
Description: A memory corruption issue existed in the processing of font files. This issue was addressed through improved input validation.
CVE-ID
CVE-2015-5761 : John Villamil (@day6reak), Yahoo Pentest Team
CoreText
Available for: OS X Yosemite v10.10 to v10.10.4
Impact: Processing a maliciously crafted font file may lead to an unexpected application termination or arbitrary code execution
Description: A memory corruption issue existed in the processing of font files. This issue was addressed through improved input validation.
CVE-ID
CVE-2015-5755 : John Villamil (@day6reak), Yahoo Pentest Team
curl
Available for: OS X Yosemite v10.10 to v10.10.4
Impact: Multiple vulnerabilities in cURL and libcurl prior to 7.38.0, one of which may allow remote attackers to bypass the Same Origin Policy.
Description: Multiple vulnerabilities existed in cURL and libcurl prior to 7.38.0. These issues were addressed by updating cURL to version 7.43.0.
CVE-ID
CVE-2014-3613
CVE-2014-3620
CVE-2014-3707
CVE-2014-8150
CVE-2014-8151
CVE-2015-3143
CVE-2015-3144
CVE-2015-3145
CVE-2015-3148
CVE-2015-3153
Data Detectors Engine
Available for: OS X Yosemite v10.10 to v10.10.4
Impact: Processing a sequence of unicode characters can lead to an unexpected application termination or arbitrary code execution
Description: Memory corruption issues existed in processing of Unicode characters. These issues were addressed through improved memory handling.
CVE-ID
CVE-2015-5750 : M1x7e1 of Safeye Team (www.safeye.org)
Date & Time pref pane
Available for: OS X Yosemite v10.10 to v10.10.4
Impact: Applications that rely on system time may have unexpected behavior
Description: An authorization issue existed when modifying the system date and time preferences. This issue was addressed with additional authorization checks.
CVE-ID
CVE-2015-3757 : Mark S C Smith
Limewire Mac Os X
Dictionary Application
Available for: OS X Yosemite v10.10 to v10.10.4
Impact: An attacker with a privileged network position may be able to intercept users' Dictionary app queries
Description: An issue existed in the Dictionary app, which did not properly secure user communications. This issue was addressed by moving Dictionary queries to HTTPS.
CVE-ID
CVE-2015-3774 : Jeffrey Paul of EEQJ, Jan Bee of the Google Security Team
DiskImages
Available for: OS X Yosemite v10.10 to v10.10.4
Impact: Processing a maliciously crafted DMG file may lead to an unexpected application termination or arbitrary code execution with system privileges
Description: A memory corruption issue existed in parsing of malformed DMG images. This issue was addressed through improved memory handling.
CVE-ID
CVE-2015-3800 : Frank Graziano of the Yahoo Pentest Team
dyld
Available for: OS X Yosemite v10.10 to v10.10.4
Impact: A local user may be able to execute arbitrary code with system privileges
Description: A path validation issue existed in dyld. This was addressed through improved environment sanitization.
CVE-ID
CVE-2015-3760 : beist of grayhash, Stefan Esser
FontParser
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4
Impact: Processing a maliciously crafted font file may lead to an unexpected application termination or arbitrary code execution
Description: A memory corruption issue existed in the processing of font files. This issue was addressed through improved input validation.
CVE-ID
CVE-2015-3804 : Apple
CVE-2015-5775 : Apple
FontParser
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4
Impact: Processing a maliciously crafted font file may lead to an unexpected application termination or arbitrary code execution
Description: A memory corruption issue existed in the processing of font files. This issue was addressed through improved input validation.
CVE-ID
CVE-2015-5756 : John Villamil (@day6reak), Yahoo Pentest Team
groff
Available for: OS X Yosemite v10.10 to v10.10.4
Impact: Multiple issues in pdfroff
Description: Multiple issues existed in pdfroff, the most serious of which may allow arbitrary filesystem modification. These issues were addressed by removing pdfroff.
CVE-ID
CVE-2009-5044
CVE-2009-5078
ImageIO
Available for: OS X Yosemite v10.10 to v10.10.4
Impact: Processing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution
Description: A memory corruption issue existed in the processing of TIFF images. This issue was addressed through improved bounds checking.
CVE-ID
CVE-2015-5758 : Apple
ImageIO
Available for: OS X Yosemite v10.10 to v10.10.4
Impact: Visiting a maliciously crafted website may result in the disclosure of process memory
Description: An uninitialized memory access issue existed in ImageIO's handling of PNG and TIFF images. Visiting a malicious website may result in sending data from process memory to the website. This issue is addressed through improved memory initialization and additional validation of PNG and TIFF images.
CVE-ID
CVE-2015-5781 : Michal Zalewski
CVE-2015-5782 : Michal Zalewski
Install Framework Legacy
Available for: OS X Yosemite v10.10 to v10.10.4
Impact: A malicious application may be able to execute arbitrary code with root privileges
Description: An issue existed in how Install.framework's 'runner' binary dropped privileges. This issue was addressed through improved privilege management. Acpi controller driver for lenovo z580.
CVE-ID
CVE-2015-5784 : Ian Beer of Google Project Zero
Install Framework Legacy
Available for: OS X Yosemite v10.10 to v10.10.4
Impact: A malicious application may be able to execute arbitrary code with system privileges
Description: A race condition existed in Install.framework's 'runner' binary that resulted in privileges being incorrectly dropped. This issue was addressed through improved object locking.
CVE-ID
CVE-2015-5754 : Ian Beer of Google Project Zero
IOFireWireFamily
Available for: OS X Yosemite v10.10 to v10.10.4
Impact: A local user may be able to execute arbitrary code with system privileges
Description: Memory corruption issues existed in IOFireWireFamily. These issues were addressed through additional type input validation.
CVE-ID
CVE-2015-3769 : Ilja van Sprundel
CVE-2015-3771 : Ilja van Sprundel
CVE-2015-3772 : Ilja van Sprundel
IOGraphics
Available for: OS X Yosemite v10.10 to v10.10.4
Impact: A malicious application may be able to execute arbitrary code with system privileges
Description: A memory corruption issue existed in IOGraphics. This issue was addressed through additional type input validation.
CVE-ID
CVE-2015-3770 : Ilja van Sprundel
CVE-2015-5783 : Ilja van Sprundel
IOHIDFamily
Available for: OS X Yosemite v10.10 to v10.10.4
Impact: A local user may be able to execute arbitrary code with system privileges
Description: A buffer overflow issue existed in IOHIDFamily. This issue was addressed through improved memory handling.
CVE-ID
CVE-2015-5774 : TaiG Jailbreak Team
Kernel
Available for: OS X Yosemite v10.10 to v10.10.4
Impact: A malicious application may be able to determine kernel memory layout
Description: An issue existed in the mach_port_space_info interface, which could have led to the disclosure of kernel memory layout. This was addressed by disabling the mach_port_space_info interface.
CVE-ID
CVE-2015-3766 : Cererdlong of Alibaba Mobile Security Team, @PanguTeam
Kernel
Available for: OS X Yosemite v10.10 to v10.10.4
Impact: A malicious application may be able to execute arbitrary code with system privileges
Description: An integer overflow existed in the handling of IOKit functions. This issue was addressed through improved validation of IOKit API arguments.
CVE-ID
CVE-2015-3768 : Ilja van Sprundel
Kernel
Available for: OS X Yosemite v10.10 to v10.10.4
Impact: A local user may be able to cause a system denial of service
Description: A resource exhaustion issue existed in the fasttrap driver. This was addressed through improved memory handling.
CVE-ID
CVE-2015-5747 : The Brainy Code Scanner (m00nbsd)
Kernel
Available for: OS X Yosemite v10.10 to v10.10.4
Impact: A local user may be able to cause a system denial of service
Description: A validation issue existed in the mounting of HFS volumes. This was addressed by adding additional checks.
CVE-ID
CVE-2015-5748 : Maxime Villard of m00nbsd
Kernel
Available for: OS X Yosemite v10.10 to v10.10.4
Impact: A malicious application may be able to execute unsigned code
Description: An issue existed that allowed unsigned code to be appended to signed code in a specially crafted executable file. This issue was addressed through improved code signature validation.
CVE-ID
CVE-2015-3806 : TaiG Jailbreak Team
Kernel
Available for: OS X Yosemite v10.10 to v10.10.4
Impact: A specially crafted executable file could allow unsigned, malicious code to execute
Description: An issue existed in the way multi-architecture executable files were evaluated that could have allowed unsigned code to be executed. This issue was addressed through improved validation of executable files.
CVE-ID
CVE-2015-3803 : TaiG Jailbreak Team
Kernel
Available for: OS X Yosemite v10.10 to v10.10.4
Impact: A local user may be able to execute unsigned code
Description: A validation issue existed in the handling of Mach-O files. This was addressed by adding additional checks.
CVE-ID
CVE-2015-3802 : TaiG Jailbreak Team
CVE-2015-3805 : TaiG Jailbreak Team
Kernel
Available for: OS X Yosemite v10.10 to v10.10.4
Impact: Parsing a maliciously crafted plist may lead to an unexpected application termination or arbitrary code execution with system privileges
Description: A memory corruption existed in processing of malformed plists. This issue was addressed through improved memory handling.
CVE-ID
CVE-2015-3776 : Teddy Reed of Facebook Security, Patrick Stein (@jollyjinx) of Jinx Germany
Kernel
Available for: OS X Yosemite v10.10 to v10.10.4
Impact: A local user may be able to execute arbitrary code with system privileges
Description: A path validation issue existed. This was addressed through improved environment sanitization.
CVE-ID
CVE-2015-3761 : beist of grayish
Libc
Available for: OS X Yosemite v10.10 to v10.10.4
Impact: Processing a maliciously crafted regular expression may lead to an unexpected application termination or arbitrary code execution
Description: Memory corruption issues existed in the TRE library. These were addressed through improved memory handling.
CVE-ID
CVE-2015-3796 : Ian Beer of Google Project Zero
CVE-2015-3797 : Ian Beer of Google Project Zero
CVE-2015-3798 : Ian Beer of Google Project Zero
Libinfo
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4
Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution
Description: Memory corruption issues existed in handling AF_INET6 sockets. These were addressed by improved memory handling.
CVE-ID
CVE-2015-5776 : Apple
libpthread
Available for: OS X Yosemite v10.10 to v10.10.4
Impact: A malicious application may be able to execute arbitrary code with system privileges
Description: A memory corruption issue existed in handling syscalls. This issue was addressed through improved lock state checking.
CVE-ID
CVE-2015-5757 : Lufeng Li of Qihoo 360
libxml2
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4
Impact: Multiple vulnerabilities existed in libxml2 versions prior to 2.9.2, the most serious of which may allow a remote attacker to cause a denial of service
Description: Multiple vulnerabilities existed in libxml2 versions prior to 2.9.2. These were addressed by updating libxml2 to version 2.9.2.
CVE-ID
CVE-2014-0191 : Felix Groebert of Google
libxml2
Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4
Impact: Parsing a maliciously crafted XML document may lead to disclosure of user information
Description: A memory access issue existed in libxml2. This was addressed by improved memory handling
CVE-ID
CVE-2014-3660 : Felix Groebert of Google
libxml2
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4
Impact: Parsing a maliciously crafted XML document may lead to disclosure of user information
Description: A memory corruption issue existed in parsing of XML files. This issue was addressed through improved memory handling.
CVE-ID
CVE-2015-3807 : Apple
libxpc
Available for: OS X Yosemite v10.10 to v10.10.4
Impact: A malicious application may be able to execute arbitrary code with system privileges
Description: A memory corruption issue existed in handling of malformed XPC messages. This issue was improved through improved bounds checking.
CVE-ID
CVE-2015-3795 : Mathew Rowley
mail_cmds
Available for: OS X Yosemite v10.10 to v10.10.4
Impact: A local user may be able to execute arbitrary shell commands
Description: A validation issue existed in the mailx parsing of email addresses. This was addressed by improved sanitization.
CVE-ID
CVE-2014-7844
Notification Center OSX
Available for: OS X Yosemite v10.10 to v10.10.4
Impact: A malicious application may be able to access all notifications previously displayed to users
Description: An issue existed in Notification Center, which did not properly delete user notifications. This issue was addressed by correctly deleting notifications dismissed by users.
CVE-ID
CVE-2015-3764 : Jonathan Zdziarski
ntfs
Available for: OS X Yosemite v10.10 to v10.10.4
Impact: A local user may be able to execute arbitrary code with system privileges
Description: A memory corruption issue existed in NTFS. This issue was addressed through improved memory handling.
CVE-ID
CVE-2015-5763 : Roberto Paleari and Aristide Fattori of Emaze Networks
OpenSSH
Available for: OS X Yosemite v10.10 to v10.10.4
Impact: Remote attackers may be able to circumvent a time delay for failed login attempts and conduct brute-force attacks
Description: An issue existed when processing keyboard-interactive devices. This issue was addressed through improved authentication request validation.
CVE-ID
CVE-2015-5600
OpenSSL
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4
Impact: Multiple vulnerabilities existed in OpenSSL versions prior to 0.9.8zg, the most serious of which may allow a remote attacker to cause a denial of service.
Description: Multiple vulnerabilities existed in OpenSSL versions prior to 0.9.8zg. These were addressed by updating OpenSSL to version 0.9.8zg.
CVE-ID
CVE-2015-1788
CVE-2015-1789
CVE-2015-1790
CVE-2015-1791
CVE-2015-1792
perl
Available for: OS X Yosemite v10.10 to v10.10.4
Impact: Parsing a maliciously crafted regular expression may lead to disclosure of unexpected application termination or arbitrary code execution
Description: An integer underflow issue existed in the way Perl parsed regular expressions. This issue was addressed through improved memory handling.
CVE-ID
CVE-2013-7422
PostgreSQL
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4
Impact: An attacker may be able to cause unexpected application termination or gain access to data without proper authentication
Description: Multiple issues existed in PostgreSQL 9.2.4. These issues were addressed by updating PostgreSQL to 9.2.13.
CVE-ID
CVE-2014-0067
CVE-2014-8161
CVE-2015-0241
CVE-2015-0242
CVE-2015-0243
CVE-2015-0244
python
Available for: OS X Yosemite v10.10 to v10.10.4
Impact: Multiple vulnerabilities existed in Python 2.7.6, the most serious of which may lead to arbitrary code execution
Description: Multiple vulnerabilities existed in Python versions prior to 2.7.6. These were addressed by updating Python to version 2.7.10.
CVE-ID
CVE-2013-7040
CVE-2013-7338
CVE-2014-1912
CVE-2014-7185
CVE-2014-9365
QL Office
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4
Impact: Parsing a maliciously crafted Office document may lead to an unexpected application termination or arbitrary code execution
Description: A memory corruption issue existed in parsing of Office documents. This issue was addressed through improved memory handling.
CVE-ID
CVE-2015-5773 : Apple
QL Office
Available for: OS X Yosemite v10.10 to v10.10.4
Impact: Parsing a maliciously crafted XML file may lead to disclosure of user information
Description: An external entity reference issue existed in XML file parsing. This issue was addressed through improved parsing.
CVE-ID
CVE-2015-3784 : Bruno Morisson of INTEGRITY S.A.
Quartz Composer Framework
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4
Impact: Parsing a maliciously crafted QuickTime file may lead to an unexpected application termination or arbitrary code execution
Description: A memory corruption issue existed in parsing of QuickTime files. This issue was addressed through improved memory handling.
CVE-ID
CVE-2015-5771 : Apple
Quick Look
Available for: OS X Yosemite v10.10 to v10.10.4
Impact: Searching for a previously viewed website may launch the web browser and render that website
Description: An issue existed where QuickLook had the capability to execute JavaScript. The issue was addressed by disallowing execution of JavaScript.
CVE-ID
CVE-2015-3781 : Andrew Pouliot of Facebook, Anto Loyola of Qubole
QuickTime 7
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4
Impact: Processing a maliciously crafted file may lead to an unexpected application termination or arbitrary code execution
Description: Multiple memory corruption issues existed in QuickTime. These issues were addressed through improved memory handling.
CVE-ID
CVE-2015-3779
CVE-2015-5753 : Apple
CVE-2015-5779 : Apple
QuickTime 7
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4
Impact: Processing a maliciously crafted file may lead to an unexpected application termination or arbitrary code execution
Description: Multiple memory corruption issues existed in QuickTime. These issues were addressed through improved memory handling.
CVE-ID
CVE-2015-3765 : Joe Burnett of Audio Poison
CVE-2015-3788 : Ryan Pentney and Richard Johnson of Cisco Talos
CVE-2015-3789 : Ryan Pentney and Richard Johnson of Cisco Talos
CVE-2015-3790 : Ryan Pentney and Richard Johnson of Cisco Talos
CVE-2015-3791 : Ryan Pentney and Richard Johnson of Cisco Talos
CVE-2015-3792 : Ryan Pentney and Richard Johnson of Cisco Talos
CVE-2015-5751 : WalkerFuz
SceneKit
Available for: OS X Yosemite v10.10 to v10.10.4
Impact: Viewing a maliciously crafted Collada file may lead to arbitrary code execution
Description: A heap buffer overflow existed in SceneKit's handling of Collada files. This issue was addressed through improved input validation.
CVE-ID
CVE-2015-5772 : Apple
SceneKit
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4
Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution
Description: A memory corruption issue existed in SceneKit. This issue was addressed through improved memory handling.
CVE-ID
CVE-2015-3783 : Haris Andrianakis of Google Security Team
Security
Available for: OS X Yosemite v10.10 to v10.10.4
Impact: A standard user may be able to gain access to admin privileges without proper authentication
Description: An issue existed in handling of user authentication. This issue was addressed through improved authentication checks.
CVE-ID
CVE-2015-3775 : [Eldon Ahrold]
Limewire For Mac Os X 10.100
SMBClient
Available for: OS X Yosemite v10.10 to v10.10.4
Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution
Description: A memory corruption issue existed in the SMB client. This issue was addressed through improved memory handling.
CVE-ID
CVE-2015-3773 : Ilja van Sprundel
Speech UI
Available for: OS X Yosemite v10.10 to v10.10.4
Impact: Parsing a maliciously crafted unicode string with speech alerts enabled may lead to an unexpected application termination or arbitrary code execution
Description: A memory corruption issue existed in handling of Unicode strings. This issue was addressed by improved memory handling.
CVE-ID
CVE-2015-3794 : Adam Greenbaum of Refinitive
sudo
Available for: OS X Yosemite v10.10 to v10.10.4
Impact: Multiple vulnerabilities existed in sudo versions prior to 1.7.10p9, the most serious of which may allow an attacker access to arbitrary files
Description: Multiple vulnerabilities existed in sudo versions prior to 1.7.10p9. These were addressed by updating sudo to version 1.7.10p9.
CVE-ID
CVE-2013-1775
CVE-2013-1776
CVE-2013-2776
CVE-2013-2777
CVE-2014-0106
CVE-2014-9680
tcpdump
Available for: OS X Yosemite v10.10 to v10.10.4
Impact: Multiple vulnerabilities existed in tcpdump 4.7.3, the most serious of which may allow a remote attacker to cause a denial of service.
Description: Multiple vulnerabilities existed in tcpdump versions prior to 4.7.3. These were addressed by updating tcpdump to version 4.7.3.
CVE-ID
CVE-2014-8767
CVE-2014-8769
CVE-2014-9140
Text Formats
Available for: OS X Yosemite v10.10 to v10.10.4
Impact: Parsing a maliciously crafted text file may lead to disclosure of user information
Description: An XML external entity reference issue existed with TextEdit parsing. This issue was addressed through improved parsing.
CVE-ID
CVE-2015-3762 : Xiaoyong Wu of the Evernote Security Team
udf
Available for: OS X Yosemite v10.10 to v10.10.4
Impact: Processing a maliciously crafted DMG file may lead to an unexpected application termination or arbitrary code execution with system privileges
Description: A memory corruption issue existed in parsing of malformed DMG images. This issue was addressed through improved memory handling.
CVE-ID
CVE-2015-3767 : beist of grayhash
OS X Yosemite v10.10.5 includes the security content of Safari 8.0.8.
Updated and republished for macOS 11.1; skip it unless you really really care about all the macOS releases. Originally published on November 14th, 2005.
Below the break is a table showing all major releases of macOS (previously Mac OS X) from the public beta through the latest public version, which is 11.1, as of December 14th, 2020—the 143rd release in total.
Note: Click the ⓘ symbol to read Apple's release notes for a given update.
The following was culled from Apple's support downloads page, and as such, some of the dates may be off just a bit. If you know for certain that something is incorrect, please let me know and I'll get it fixed. (Scroll to see all entries.)
Date | Version | Comments | |||
|---|---|---|---|---|---|
| 2020 | Dec 14 | 25 | 11.1 | 3.27 GB | ⓘ |
| Nov 19 | 7 | 11.0.1 | 2.81 GB | ⓘFirst general release of Big Sur | |
| Nov 12 | 7 | 11.0 | 12.18 GB | ⓘBig Sur - 11.0 only shipped on M1 Macs | |
| Nov 5 | 43 | 10.15.7 SU1 | 1.21 GB | ⓘ | |
| Sep 23 | 42 | 10.15.7 | 2.86 GB | ⓘ | |
| Aug 12 | 28 | 10.15.6 SU1 | 3.22GB GB | ⓘ | |
| Jul 15 | 44 | 10.15.6 | 3.35 GB | ⓘ | |
| Jun 1 | 6 | 10.15.5 SU1 | 1.59 GB | ⓘ | |
| May 26 | 48 | 10.15.5 | 3.37 GB | ⓘ | |
| May 21 | -- | 10.14.6 SU4 | 151 MB | Fixes a launch issue for certain 32-bit apps | |
| Apr 8 | 15 | 10.15.4 SU1 | 1.38 GB | ⓘ | |
| Mar 24 | 56 | 10.15.4 | 3.0 GB | ⓘ | |
| Jan 28 | 49 | 10.15.3 | 3.0 GB | ⓘ | |
| 2019 | Dec 10 | 42 | 10.15.2 | 3.0 GB | ⓘ |
| Oct 29 | 14 | 10.15.1 | 4.5 GB | ⓘ | |
| Oct 15 | 8 | 10.15 SU1 | 985 MB | No info page | |
| Oct 7 | 11 | 10.15 | 4.9 GB | ⓘCatalina - You need more permission! | |
| Sep 26 | 31 | 10.14.6 SU3 | 1.32 GB | ⓘ | |
| Aug 26 | 25 | 10.14.6 SU2 | 1.25 GB | ⓘ | |
| Aug 1 | 10 | 10.14.6 SU1 | 949 MB | ⓘ | |
| Jul 22 | 70 | 10.14.6 | 2.7 GB | ⓘ | |
| May 13 | 49 | 10.14.5 | 2.5 GB | ⓘ | |
| Mar 25 | 62 | 10.14.4 | 2.8 GB | ⓘ | |
| Jan 22 | 48 | 10.14.3 | 2.0 GB | ⓘ | |
| 2018 | Dec 5 | 28 | 10.14.2 | 2.5 GB | ⓘ |
| Nov 7 | 8 | 10.14.1 SU1 | 1.3 GB | ⓘ For 2018 MacBook Air | |
| Oct 30 | 36 | 10.14.1 | 3.3 GB | ⓘ | |
| Sep 24 | 27 | 10.14 | 5.2 GB | ⓘ Mojave - You need permission! | |
| Aug 28 | 38 | 10.13.6 SU2 | 1.32 GB | ⓘ For 2018 Touch Bar MBP…again | |
| Jul 24 | 15 | 10.13.6 SU1 | 1.31 GB | ⓘ For 2018 Touch Bar MBP | |
| Jul 9 | 38 | 10.13.6 | 1.32 GB | ⓘ AirPlay 2 | |
| Jun 1 | 64 | 10.13.5 | 2.12 GB | ⓘ Messages in iCloud | |
| Mar 29 | 37 | 10.13.4 | 2.36 GB | ⓘ Sortable Safari bookmarks!! | |
| Feb 20 | 28 | 10.13.3 SU | 40.4 MB | ⓘ Indian character/Messages crash fix | |
| Jan 23 | 33 | 10.13.3 | 1.97 GB | ⓘ | |
| Jan 8 | 33 | 10.13.2 SU | 633.6 MB | ⓘ Spectre and Meltdown fixes | |
| 2017 | Dec 6 | 36 | 10.13.2 | 2.08 GB | ⓘ |
| Oct 31 | 26 | 10.13.1 | 1.47 GB | ⓘ | |
| Oct 5 | 10 | 10.13 SU | 915 MB | ⓘ Addresses two security issues | |
| Sep 25 | 68 | 10.13 | 4.8 GB | ⓘ High Sierra - Higher in the mountains? | |
| Jul 19 | 65 | 10.12.6 | 1.98 GB | ⓘ | |
| May 15 | 49 | 10.12.5 | 1.57 GB | ⓘ | |
| Mar 27 | 63 | 10.12.4 | 1.56 GB | ⓘ Night Shift | |
| Jan 23 | 41 | 10.12.3 | 1.05 GB | ⓘ | |
| 2016 | Dec 13 | 50 | 10.12.2 | 1.94 GB | ⓘ |
| Oct 24 | 34 | 10.12.1 | 1.36 GB | ⓘ | |
| Sep 20 | 64 | 10.12 | 4.77 GB | ⓘ Sierra - Still in the mountains. | |
| Jul 18 | 63 | 10.11.6 | 759 MB | ⓘ | |
| May 16 | 57 | 10.11.5 | 759 MB | ⓘ | |
| Mar 20 | 61 | 10.11.4 | 1.58 GB | ⓘ | |
| Jan 19 | 41 | 10.11.3 | 662 MB | ⓘ | |
| 2015 | Dec 9 | 49 | 10.11.2 | 1.4 GB | ⓘ |
| Oct 21 | 21 | 10.11.1 | 1.19 GB | ⓘ | |
| Sep 30 | 48 | 10.11 | 6.08 GB | ⓘ El Capitan - Go climb something! | |
| Aug 13 | 44 | 10.10.5 | 1.02 GB | ⓘ | |
| Jun 30 | 75 | 10.10.4 | 1.09 GB | ⓘ | |
| Apr 16 | 8 | 10.10.3 SU | 1.8 MB | ⓘ Supplemental Update | |
| Apr 8 | 71 | 10.10.3 | 1.52 GB | ⓘ Includes Photos app | |
| Jan 27 | 71 | 10.10.2 | 544 MB | ⓘ | |
| 2014 | Nov 17 | 32 | 10.10.1 | 311 MB | ⓘ |
| Oct 16 | 29 | 10.10 | 5.2 GB | ⓘ Yosemite - No surfers here. | |
| Sep 17 | 79 | 10.9.5 | 139 MB | ⓘ | |
| Jun 30 | 46 | 10.9.4 | 283 MB | ⓘ | |
| May 15 | 79 | 10.9.3 | 461 MB | ⓘ | |
| Feb 25 | 71 | 10.9.2 | 460 MB | ⓘ | |
| 2013 | Dec 16 | 55 | 10.9.1 | 243.4 MB | ⓘ |
| Oct 22 | 19 | 10.9 | 5.3 GB | ⓘ Mavericks - All out of big cats! | |
| Oct 3 | 21 | 10.8.5 SU | 19.6 MB | ⓘ Supplemental Update | |
| Sep 12 | 100 | 10.8.5 | 273.7 MB | ⓘ | |
| Jun 4 | 82 | 10.8.4 | 152.0 MB | ⓘ | |
| Mar 14 | 161 | 10.8.3 | 249.0 MB | ⓘ | |
| 2012 | Oct 4 | 15 | 10.8.2 SU | 26.7 MB | ⓘ Supplemental Update |
| Sep 19 | 27 | 10.8.2 | 665.5 MB | ⓘ | |
| Aug 23 | 29 | 10.8.1 | 24.2 MB | ⓘ | |
| Jul 25 | 77 | 10.8 | 4.1 GB | ⓘ Mountain Lion - App Store only | |
| Oct 4 | 15 | 10.7.5 SU | 2.0 MB | ⓘ Supplemental Update | |
| Sep 19 | 133 | 10.7.5 | 1.1 GB | ⓘ Released w/ 10.8.2 | |
| May 9 | 98 | 10.7.4 | 692.7 MB | ⓘ | |
| Feb 1 | 112 | 10.7.3 | 1.3 GB | ⓘ Only combo updater available | |
| 2011 | Oct 12 | 56 | 10.7.2 | 768.8 MB | ⓘ Now iCloud enabled |
| Aug 17 | 29 | 10.7.1 | 79.3 MB | ⓘ | |
| Jul 19 | 26 | 10.7 | 4.1 GB | ⓘ Lion - App Store only (USB stick later) | |
| Jun 23 | 94 | 10.6.8 | 453.6 MB | ⓘ App Store readied for Lion | |
| Mar 21 | 74 | 10.6.7 | 475 MB | ⓘ | |
| Jan 6 | 57 | 10.6.6 | 143.6 MB | ⓘ Can you say 'App Store?' | |
| 2010 | Nov 10 | 148 | 10.6.5 | 644.5 MB | ⓘ |
| Jun 15 | 78 | 10.6.4 | 607.2 MB | ⓘ | |
| Mar 29 | 140 | 10.6.3 | 719.2 MB | ⓘ | |
| 2009 | Nov 9 | 60 | 10.6.2 | 473 MB | ⓘ |
| Sep 10 | 13 | 10.6.1 | 71.5 MB | ⓘ | |
| Aug 28 | 23 | 10.6 | 2.31 GB | ⓘ Snow Leopard - First Intel-only release | |
| Aug 5 | 85 | 10.5.8 | 274 MB | ⓘ | |
| May 12 | 148 | 10.5.7 | 442 MB | ⓘ | |
| 2008 | Dec 15 | 91 | 10.5.6 | 372 MB | ⓘ |
| Sep 15 | 77 | 10.5.5 | 316 MB | ⓘ | |
| Jun 30 | 33 | 10.5.4 | 88 MB | ⓘ | |
| May 28 | 107 | 10.5.3 | 420 MB | ⓘ | |
| Feb 11 | 88 | 10.5.2 | 343 MB | ⓘ Combo updater only | |
| 2007 | Nov 15 | 20 | 10.5.1 | 110 MB | ⓘ |
| Oct 26 | 128 | 10.5 | 2.15 GB | ⓘ Leopard - First universal binary release | |
| Nov 14 | 147 | 10.4.11 | 128 MB | ⓘ This '10' goes to '11' | |
| Jun 20 | 99 | 10.4.10 | 72 MB | ⓘ | |
| Mar 13 | 165 | 10.4.9 | 160 MB | ⓘ | |
| 2006 | Sep 29 | 94 | 10.4.8 | 206 MB | ⓘ |
| Jun 27 | 85 | 10.4.7 | 133 MB | ⓘ | |
| Apr 3 | 48 | 10.4.6 | 163 MB | ⓘ | |
| Feb 14 | 35 | 10.4.5 | 16 MB | ⓘ | |
| Jan 10 | 71 | 10.4.4 | 55 MB | ⓘ First Intel-capable release | |
| 2005 | Oct 31 | 111 | 10.4.3 | 97 MB | ⓘ |
| Jul 12 | 57 | 10.4.2 | 44 MB | ⓘ | |
| May 16 | 17 | 10.4.1 | 37 MB | ⓘ | |
| Apr 29 | 14 | 10.4 | 1.78 GB | ⓘ Tiger | |
| Apr 15 | 65 | 10.3.9 | 51.3 MB | ⓘ | |
| Feb 9 | 56 | 10.3.8 | 26.6 MB | ⓘ | |
| 2004 | Dec 15 | 40 | 10.3.7 | 97 MB | ⓘ Combo updater only |
| Nov 5 | 88 | 10.3.6 | 34 MB | ⓘ | |
| Aug 9 | 75 | 10.3.5 | ??? | ⓘ | |
| May 26 | 72 | 10.3.4 | 79 MB | ⓘ Combo updater only | |
| Mar 15 | 89 | 10.3.3 | 70 MB | ⓘ Combo updater only | |
| 2003 | Dec 17 | 37 | 10.3.2 | 36.9 MB | ⓘ |
| Nov 10 | 17 | 10.3.1 | 1.5 MB | ⓘ | |
| Oct 24 | 21 | 10.3 | 1.54 GB | ⓘ Panther | |
| Oct 3 | 57 | 10.2.8 | 40 MB | ⓘ | |
| Sep 22 | 139 | 10.2.7 | ??? | Only for certain G5s/G4s | |
| May 6 | 26 | 10.2.6 | 26 MB | ⓘ | |
| Apr 10 | 56 | 10.2.5 | 81.9 MB | ⓘ | |
| Feb 13 | 56 | 10.2.4 | 76 MB | ⓘ | |
| 2002 | Dec 19 | 38 | 10.2.3 | 51 MB | ⓘ |
| Nov 11 | 54 | 10.2.2 | 24.4 MB | ⓘ | |
| Sep 18 | 26 | 10.2.1 | 16.3 MB | ⓘ Update not available? | |
| Aug 23 | 79 | 10.2 | 1.03 GB | ⓘ Jaguar | |
| Jun 5 | 47 | 10.1.5 | 45.1 MB | ⓘ Combo updater only | |
| Apr 19 | 57 | 10.1.4 | 1.7 MB | ⓘ | |
| Feb 21 | 62 | 10.1.3 | 16 MB | ⓘ | |
| 2001 | Dec 21 | 37 | 10.1.2 | 29.2 MB | ⓘ |
| Nov 14 | 50 | 10.1.1 | 13.8 MB | ⓘ | |
| Sep 25 | 95 | 10.1 | 989 MB | ⓘ Puma | |
| Jun 22 | 44 | 10.0.4 | 12 MB | ⓘ | |
| May 9 | 8 | 10.0.3 | 15 MB | ⓘ | |
| May 1 | 15 | 10.0.2 | 15 MB | Released but replaced (see comments) | |
| Apr 16 | 23 | 10.0.1 | 4 MB | ⓘ | |
| Mar 24 | 192 | 10.0 | 659 MB | ⓘ Cheetah | |
| 2000 | Sep 13 | -- | 10.0β | 676 MB | ⓘ Public Beta |
Note: The Days column reflects the number of days between releases.
Some entries may appear out of chronological order (i.e. 10.5 is shown on Oct 26, but above Nov 14 for 10.4.11). This is to keep the version numbers in the proper order, even when an older OS received an update after a major new release came out. This has happened a few times over the years.
Some random notes, updated from the original post:
- Starting with the Public Beta and up through 11.1, there have been 143 macOS releases, both major and minor. This figure includes the one odd macOS X release: 10.2.7. This version was only for the then-new PowerMac G5 and the flat panel iMac G4, and was never generally released.
- As of December 14th, 2020 (11.1's release date), it's been 7,397 days since the Public Beta was released. So on average, we've seen some sort of update every 51.7 days.
- The shortest time period between any two releases is six days, which is how quickly the 10.15.5 Supplemental Update 1 came out after the 10.15.5 release.
- The longest time period between any two minor releases is 165 days, which was how long we waited for the 10.4.9 update. (Tecnically, it's actually the 192 day interval between the Mac OS X Public Beta and version 10.0, but I'm counting from the official 10.0 release.)
- The smallest update was 10.3.1, at only 1.5MB. The largest (non-combo, non-main OS release) update was 10.15.1 at 5.3GB.
- The '???' entry for Size on a given release indicates I was unable to find the size. Feel free to contact me if you can help replace any of the '???' entries.
And now, gratuitous graphics…
Releases by version number
Releases by year
A special 'thank you!' goes to Mr. Ziebell (for providing some size values on very-old minor updates), and to Benton Quest (for providing size info on all the major releases up through Snow Leopard). See Benton's comment below if you want a nicely detailed history of those early releases.