Stephen Roettger

**Name of the Vulnerable Software and Affected Versions** tmpreaper versions prior to 1.6.13+nmu1+deb9u1 tmpreaper versions prior to 1.6.14 **Description** The issue is related to a race condition when performing a mount via `rename()` in tmpreaper, potentially allowing an attacker to escalate privileges or place files in arbitrary locations within the file system hierarchy. This could include sensitive areas such as `/etc/cron.d/` if the directory being cleaned up is on the same physical filesystem. **Recommendations** For tmpreaper versions prior to 1.6.13+nmu1+deb9u1, update to version 1.6.13+nmu1+deb9u1 or later. For tmpreaper versions prior to 1.6.14, update to version 1.6.14 or later.

**Name of the Vulnerable Software and Affected Versions** Apple iOS versions prior to 8.3 Apple OS X versions prior to 10.10.3 Apple TV versions prior to 7.2 **Description** The issue concerns the kernel's handling of IPv6 packets, specifically its failure to properly determine the origin of such packets. This allows remote attackers to bypass network-filtering protections by crafting specific packets. **Recommendations** For Apple iOS versions prior to 8.3, update to version 8.3 or later. For Apple OS X versions prior to 10.10.3, update to version 10.10.3 or later. For Apple TV versions prior to 7.2, update to version 7.2 or later.