When receiving an OpenPGP/MIME signed email message that contains an additional outer MIME message layer, for example a message footer added by a mailing list gateway, Thunderbird only considered the inner signed message for the signature validity. This gave the false impression that the additional contents were also covered by the digital signature. Starting with Thunderbird version 91.4.1, only the signature that belongs to the top level MIME part will be considered for the displayed status. This vulnerability affects Thunderbird < 91.4.1.

**Mozilla Foundation Security Advisory 2021-55**

Announced

December 21, 2021

Impact

moderate

Products

Thunderbird

Fixed in

*   Thunderbird 91.4.1

**#CVE-2021-4126: OpenPGP signature status doesn't consider additional message content**

Reporter

Kai Engert

Impact

moderate

**Description**

When receiving an OpenPGP/MIME signed email message that contains an additional outer MIME message layer, for example a message footer added by a mailing list gateway, Thunderbird only considered the inner signed message for the signature validity. This gave the false impression that the additional contents were also covered by the digital signature. Starting with Thunderbird version 91.4.1, only the signature that belongs to the top level MIME part will be considered for the displayed status.

**References**

*   Bug 1732310

**#CVE-2021-44538: Matrix chat library libolm bundled with Thunderbird vulnerable to a buffer overflow**

Reporter

brevilo

Impact

moderate

**Description**

Thunderbird users who use the Matrix chat protocol were vulnerable to a buffer overflow in libolm, that an attacker may trigger by a crafted sequence of messages. The overflow content is partially controllable by the attacker and limited to ASCII spaces and digits.

**References**

*   Bug 1744056

CVE-2021-4126: Security Vulnerabilities fixed in Thunderbird 91.4.1

The WP Font Awesome plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 1.7.9 due to insufficient input sanitization and output escaping on 'icon' user supplied attribute. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

1<?php2   /\*3   Plugin Name: WP Font Awesome4   Plugin URI: https://wordpress.org/plugins/wp-font-awesome/5   Description: This plugin allows the easily embed Font Awesome to your site.6   Version: 1.7.97   Author: Zayed Baloch8   Author URI: https://www.zayedbaloch.com/9   License: GPL210   \*/1112defined('ABSPATH') or die("No script kiddies please!");13define( 'ZB\_FAWE\_VERSION',   '1.7.9' );14define( 'ZB\_FAWE\_URL', plugins\_url( '', \_\_FILE\_\_ ) );15define( 'ZB\_FAWE\_TEXTDOMAIN',  'zb\_font\_awesome' );1617function zb\_wp\_font\_awesome() {18  load\_plugin\_textdomain( ZB\_FAWE\_TEXTDOMAIN );19}20add\_action( 'init', 'zb\_wp\_font\_awesome' );21222324function wp\_font\_awesome\_style() {2526  wp\_register\_style('fontawesome-css-6', ZB\_FAWE\_URL . '/font-awesome/css/fontawesome-all.min.css', array(), ZB\_FAWE\_VERSION);27  wp\_enqueue\_style('fontawesome-css-6');2829  wp\_register\_style('fontawesome-css-4', ZB\_FAWE\_URL . '/font-awesome/css/v4-shims.min.css', array(), ZB\_FAWE\_VERSION);30  wp\_enqueue\_style('fontawesome-css-4');31  32}33add\_action('wp\_enqueue\_scripts', 'wp\_font\_awesome\_style');3435function wp\_font\_awesome\_style\_admin() {36    // TODO: Only Load on Edit Page37    wp\_enqueue\_style('wp-font-awesome-script-admin', ZB\_FAWE\_URL.'/style.css');38}3940add\_action('admin\_enqueue\_scripts', 'wp\_font\_awesome\_style\_admin');4142/\*function wp\_font\_awesome\_admin\_script() {43  wp\_enqueue\_script( 'wp-font-awesome-script', ZB\_FAWE\_URL . '/script.js', array( 'jquery' ), ZB\_FAWE\_VERSION, true );44}45add\_action( 'admin\_enqueue\_scripts', 'wp\_font\_awesome\_admin\_script' );\*/4647function wp\_fa\_shortcode( $atts ) {48  extract( shortcode\_atts( array( 'icon' \=> 'home', 'size' \=> '', 'color' \=> '', 'sup' \=> ''), $atts ) );49  if ( $size ) { $size \= esc\_attr(' fa-'.$size); } else{ $size \= ''; }50  if ( $color ) { $color \= ' style="color: '.esc\_attr($color) ; } else{ $color \= esc\_attr(''); }5152  if ( strtolower($sup) \=== 'yes' ) {53    return '';54  } else{55    return '';56  }57}5859function wp\_fa5s\_shortcode( $atts ) {60  extract( shortcode\_atts( array( 'icon' \=> 'home', 'size' \=> '', 'color' \=> '', 'sup' \=> '' ), $atts ) );61  if ( $size ) { $size \= esc\_attr(' fa-'.$size); }62  else{ $size \= ''; }6364  if ( $color ) { $color \= ' style="color: '.esc\_attr($color) ; }65  else{ $color \= ''; }6667  if ( strtolower($sup) \=== 'yes' ) {68    return '';69  } else{70    return '';71  }72}7374function wp\_fa5r\_shortcode( $atts ) {75  extract( shortcode\_atts( array( 'icon' \=> 'home', 'size' \=> '', 'color' \=> '', 'sup' \=> '' ), $atts ) );76  if ( $size ) { $size \= esc\_attr(' fa-'.$size); }77  else{ $size \= ''; }7879  if ( $color ) { $color \= ' style="color: '.esc\_attr($color) ; }80  else{ $color \= ''; }8182  if ( strtolower($sup) \=== 'yes' ) {83    return '';84  } else{85    return '';86  }8788}8990function wp\_fa5b\_shortcode( $atts ) {91  extract( shortcode\_atts( array( 'icon' \=> 'home', 'size' \=> '', 'color' \=> '', 'sup' \=> '' ), $atts ) );92  if ( $size ) { $size \= esc\_attr(' fa-'.$size); }93  else{ $size \= ''; }9495  if ( $color ) { $color \= ' style="color: '.esc\_attr($color) ; }96  else{ $color \= ''; }9798  if ( strtolower($sup) \=== 'yes' ) {99    return '';100  } else{101    return '';102  }103104}105106add\_shortcode( 'wpfa', 'wp\_fa\_shortcode' );107add\_shortcode( 'wpfa5s', 'wp\_fa5s\_shortcode' );108add\_shortcode( 'wpfa5r', 'wp\_fa5r\_shortcode' );109add\_shortcode( 'wpfa5b', 'wp\_fa5b\_shortcode' );110111add\_filter('wp\_nav\_menu\_items', 'do\_shortcode');112add\_filter('widget\_text', 'do\_shortcode');113add\_filter('widget\_title', 'do\_shortcode');114115function wpfa\_add\_shortcode\_to\_title( $title ){116  return do\_shortcode($title);117}118add\_filter( 'the\_title', 'wpfa\_add\_shortcode\_to\_title' );119120121function wpfontawesome\_register\_setting\_page() {122  add\_options\_page('WP Font Awesome', 'WP Font Awesome', 'manage\_options', 'wpFontAwesome', 'wpfontawesome\_setting\_page');123}124add\_action('admin\_menu', 'wpfontawesome\_register\_setting\_page');125126function wpfontawesome\_setting\_page(){127?>128129  <h2>WP Font Awesome &nbsp;&nbsp;Version: 1.7</h2>130  This plugin allows you to easily embed Font Awesome icon to your site with simple shortcodes.131132  <h2>Shortcodes</h2>133Introduced three new shortcode for Font Awesome support.134135Font Awesome 5136<code>\[wpfa5s icon="home" size="3x" color"#336699"\]</code> for Solid style.137<code>\[wpfa5r icon="user" color="red"\]</code> for Regular style. support only in few icon.138<code>\[wpfa5b icon="wordpress" size="5x" color="#3B5998"\]</code> for Brands.139 140Font Awesome 4.7141<code>\[wpfa icon="gear" color="green"\]</code>.142143 144<h2>Size</h2>145<code>xs</code>, <code>sm</code>, <code>lg</code>, <code>2x</code>, <code>3x</code>, <code>5x</code>, <code>7x</code>, <code>10x</code>146147 <hr/>148Note: The <code>fa</code> prefix has been deprecated in version 5. The new default is the <code>fas</code> solid style <code>far</code> regular style and the <code>fab</code> style for brands.149150WP Font Awesome plugin still support Font Awesome version 4151152<?php153}154155// Add custom action links156add\_filter( 'plugin\_action\_links\_' . plugin\_basename( \_\_FILE\_\_ ), 'wpfontawesome\_zb\_action\_link' );157158function wpfontawesome\_zb\_action\_link( $links ) {159  $plugin\_links \= array(160    '<a href="' . admin\_url( 'options-general.php?page=wpFontAwesome' ) . '">' . \_\_( 'Help', ZB\_FAWE\_TEXTDOMAIN ) . '</a>',161  );162  return array\_merge( $plugin\_links, $links );163}164165166function wp\_font\_awesome\_add\_mce\_button() {167  // check user permissions168  if ( !current\_user\_can( 'edit\_posts' ) &&  !current\_user\_can( 'edit\_pages' ) ) {169             return;170     }171 // check if WYSIWYG is enabled172 if ( 'true' \== get\_user\_option( 'rich\_editing' ) ) {173     add\_filter( 'mce\_external\_plugins', 'wp\_font\_awesome\_add\_tinymce\_plugin' );174     add\_filter( 'mce\_buttons', 'wp\_font\_awesome\_register\_mce\_button' );175     }176}177add\_action('admin\_head', 'wp\_font\_awesome\_add\_mce\_button');178179// register new button in the editor180function wp\_font\_awesome\_register\_mce\_button( $buttons ) {181  array\_push( $buttons, 'shortcode\_wp\_font\_awesome\_insert' );182  return $buttons;183}184185186// declare a script for the new button187// the script will insert the shortcode on the click event188function wp\_font\_awesome\_add\_tinymce\_plugin( $plugin\_array ) {189  $plugin\_array\['shortcode\_wp\_font\_awesome\_insert'\] \= ZB\_FAWE\_URL .'/script.js';190  return $plugin\_array;191}

CVE-2023-5127: wp-font-awesome.php in wp-font-awesome/trunk – WordPress Plugin Repository

Code Sector TeraCopy 3.9.7 does not perform proper access validation on the source folder during a copy operation. This leads to Arbitrary File Read by allowing any user to copy any directory in the system to a directory they control.

CVE-2023-29586: CWE - CWE-285: Improper Authorization (4.10)

### Impact

The `status`, `reinstall` and `remove` commands with packages installed from source via git containing specially crafted branch names in the repository can be used to execute code.

### Patches

2.2.24 for 2.2 LTS or 2.7.7 for mainline

### Workarounds

Avoid installing dependencies via git by using `--prefer-dist` or the `preferred-install: dist` config setting.


1. GitHub Advisory Database
2. GitHub Reviewed
3. CVE-2024-35241

**Composer has a command injection via malicious git branch name**

High severity GitHub Reviewed Published Jun 10, 2024 in composer/composer • Updated Jun 10, 2024

**Package**

composer composer/composer (Composer)

**Affected versions**

\>= 2.0, < 2.2.24

\>= 2.3, < 2.7.7

**Patched versions**

2.2.24

2.7.7

**Impact**

The status, reinstall and remove commands with packages installed from source via git containing specially crafted branch names in the repository can be used to execute code.

**Patches**

2.2.24 for 2.2 LTS or 2.7.7 for mainline

**Workarounds**

Avoid installing dependencies via git by using --prefer-dist or the preferred-install: dist config setting.

**References**

* GHSA-47f6-5gq3-vx9c
* composer/composer@b93fc6c
* composer/composer@ee28354

Published to the GitHub Advisory Database

Jun 10, 2024

Last updated

Jun 10, 2024

GHSA-47f6-5gq3-vx9c: Composer has a command injection via malicious git branch name

SAP S/4 HANA Map Treasury Correspondence Format Data does not perform necessary authorization check for an authenticated user, resulting in escalation of privileges. This could allow an attacker to delete the data with a high impact to availability.

CVE-2023-24524

Mattermost fails to properly check permissions when retrieving a post allowing for a System Role with the permission to manage channels to read the posts of a DM conversation.



Skip to content

* * Actions
 
 Automate any workflow
 
 * Packages
 
 Host and manage packages
 
 * Security
 
 Find and fix vulnerabilities
 
 * Codespaces
 
 Instant dev environments
 
 * Copilot
 
 Write better code with AI
 
 * Code review
 
 Manage code changes
 
 * Issues
 
 Plan and track work
 
 * Discussions
 
 Collaborate outside of code
 
 

* * GitHub Sponsors
 
 Fund open source developers
 
 
 * The ReadME Project
 
 GitHub community articles
 
 
* Pricing

1. GitHub Advisory Database
2. GitHub Reviewed
3. CVE-2023-5193

**Mattermost Incorrect Authorization vulnerability**

Moderate severity GitHub Reviewed Published Sep 29, 2023 to the GitHub Advisory Database • Updated Sep 29, 2023

**Package**

gomod github.com/mattermost/mattermost-server/v6 (Go)

**Affected versions**

< 7.8.10

gomod github.com/mattermost/mattermost/server/v8 (Go)

\= 8.1.0

\>= 8.0.0, < 8.0.2

**Description**

Published to the GitHub Advisory Database

Sep 29, 2023

Last updated

Sep 29, 2023

GHSA-h8wh-f7gw-fwpr: Mattermost Incorrect Authorization vulnerability

Pega Platform versions 7.2 to 8.8.1 are affected by an XSS issue.

Pega continually works to implement security controls designed to protect client environments. With this focus, Pega has recently identified a security vulnerability that is rated High on the CVSS scale. We would like to thank **Maciej Piechota** **and** **Adam Simuntis** **from** **SECFORCE** for finding this vulnerability. 

Issue 

Description 

Impact

A23

Reflected Cross Site Script (XSS) vulnerability  

Cross-site scripting (XSS) is an attack in which an attacker injects malicious executable scripts into the code of a trusted application or website. Attackers often initiate an XSS attack by sending a malicious link to a user and enticing the user to click it.    

Clients with internet-facing applications should update or apply the local change.  Clients running their own infrastructure should consult their security teams. 

 

 

 

We are not aware of any of our clients being compromised as a result of this vulnerability. 

For all clients, guidance is being provided to address the issue with a local change. The remediation for this issue will be included as part of the product in the 8.7.5 and 8.8.2 patch releases and the Infinity 23’ release of the Pega Platform.  

It is very important to keep your Pega systems current on the latest patch releases. The local change remediation is detailed in your **Client Advisory, \[CAD-\] case** that was provided to your **security and administrator contacts** on **Mar 2, 2023,** in My Support Portal.  

**CVE Details**

CVE Details 

A23 

Software/Product 

Pega Platform 

Affected Version(s) 

From 7.2 to 8.8.1 

CVE ID 

CVE-2023-26465 

CVSS Rating 

8.0 

Description 

Reflected Cross-Site Script (XSS) vulnerability

CVE-2023-26465: Support Center

Stormshield Endpoint Security from 2.1.0 to 2.1.1 has Incorrect Access Control.

Advisory ID

CVE Number

Date discovered

Severity

Advisory revision

STORM-2021-072

CVE-2021-45091

09/17/2021

low

v1

**Vulnerability details**

An unspecified vulnerability in SES Evolution could allow an authenticated user to forge some incorrect system logs.

**Impacted products**

Products

Severity

Detail

Stormshield Endpoint Security

low

SES is impacted

**Revisions**

Version

Date

Description

v1

 12/21/2021

Initial release

![](https://advisories.stormshield.eu/wp-content/themes/mustang-lite/assets/img/separator.png)

**Stormshield Endpoint Security**

**CVSS v3.1 Overall Score: 2      ![](https://advisories.stormshield.eu/wp-content/themes/mustang-lite/assets/img/lowtransv3.png)**

**Analysis**

**Impacted version**

An attacker may trick a user connected to a machine where the SES Evolution console is installed to execute a malicious program in order to forge some incorrect system logs.

*   SES 2.1.0 to 2.1.1

**Workaround solution**

**Solution**

There is no workaround solution.

The 2.1.2 update fixes this vulnerability.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability impact

Adjacent Network

Low

Low

Required

Unchanged

None

Low

None

CVSS Base score: 3

CVSS Vector: (AV:A/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N)

Exploit Code Maturity

Remediation Level

Report Confidence

Unproven that exploit exists

Official fix

Confirmed

CVSS Temporal score: 2.6

CVSS Vector: (AV:A/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C)

Confidentiality Requirement

Integrity Requirement

Availability Requirement

Low

Low

Low

CVSS Environmental score: 2

CVSS Vector: (AV:A/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C/CR:L/IR:L/AR:L/MAV:X/MAC:X/MPR:X/MUI:X/MS:X/MC:X/MI:X/MA:X)

  

![](https://advisories.stormshield.eu/wp-content/themes/mustang-lite/assets/img/separator.png)

CVE-2021-45091: SES Evolution server access check bypass (CVE-2021-45091)

Stormshield Endpoint Security 2.x before 2.1.2 has Incorrect Access Control.

Advisory ID

CVE Number

Date discovered

Severity

Advisory revision

STORM-2021-071

CVE-2021-45089

09/17/2021

medium

v1

**Vulnerability details**

An unspecified vulnerability in SES Evolution could allow an authenticated user to deny access to some functionalities of the administration console.

**Impacted products**

Products

Severity

Detail

Stormshield Endpoint Security

medium

SES is impacted

**Revisions**

Version

Date

Description

v1

 12/21/2021

Initial release

![](https://advisories.stormshield.eu/wp-content/themes/mustang-lite/assets/img/separator.png)

**Stormshield Endpoint Security**

**CVSS v3.1 Overall Score: 6.1      ![](https://advisories.stormshield.eu/wp-content/themes/mustang-lite/assets/img/mediumtransv3.png)**

**Analysis**

**Impacted version**

An attacker may trick a user connected to a machine where the SES Evolution console is installed to execute a malicious program in order to deny access to some functionalities for all users of the administration console.

*   SES 2.0.0 to 2.1.1

**Workaround solution**

**Solution**

There is no workaround solution.

The 2.1.2 update fixes this vulnerability.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability impact

Adjacent Network

Low

Low

Required

Unchanged

None

None

High

CVSS Base score: 5.2

CVSS Vector: (AV:A/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H)

Exploit Code Maturity

Remediation Level

Report Confidence

Unproven that exploit exists

Official fix

Confirmed

CVSS Temporal score: 4.5

CVSS Vector: (AV:A/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)

Confidentiality Requirement

Integrity Requirement

Availability Requirement

Low

Low

High

CVSS Environmental score: 6.1

CVSS Vector: (AV:A/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C/CR:L/IR:L/AR:H/MAV:X/MAC:X/MPR:X/MUI:X/MS:X/MC:X/MI:X/MA:X)

  

![](https://advisories.stormshield.eu/wp-content/themes/mustang-lite/assets/img/separator.png)

CVE-2021-45089: SES Evolution server access check bypass (CVE-2021-45089)

Apple Security Advisory 2023-07-24-8 - watchOS 9.6 addresses bypass, code execution, and use-after-free vulnerabilities.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

APPLE-SA-2023-07-24-8 watchOS 9.6

watchOS 9.6 addresses the following issues.  
Information about the security content is also available at  
https://support.apple.com/kb/HT213848.

Apple maintains a Security Updates page at  
https://support.apple.com/HT201222 which lists recent  
software updates with security advisories.

Apple Neural Engine  
Available for: Apple Watch Series 4 and later  
Impact: An app may be able to execute arbitrary code with kernel  
privileges  
Description: The issue was addressed with improved memory handling.  
CVE-2023-38136: Mohamed GHANNAM (@_simo36)  
CVE-2023-38580: Mohamed GHANNAM (@_simo36)

Find My  
Available for: Apple Watch Series 4 and later  
Impact: An app may be able to read sensitive location information  
Description: A logic issue was addressed with improved restrictions.  
CVE-2023-32416: Wojciech Regula of SecuRing (wojciechregula.blog)

Kernel  
Available for: Apple Watch Series 4 and later  
Impact: An app may be able to execute arbitrary code with kernel  
privileges  
Description: The issue was addressed with improved memory handling.  
CVE-2023-32734: Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte. Ltd.  
CVE-2023-32441: Peter Nguyễn Vũ Hoàng (@peternguyen14) of STAR Labs SG  
Pte. Ltd.

Kernel  
Available for: Apple Watch Series 4 and later  
Impact: An app may be able to execute arbitrary code with kernel  
privileges  
Description: A use-after-free issue was addressed with improved memory  
management.  
CVE-2023-32381: an anonymous researcher  
CVE-2023-32433: Zweig of Kunlun Lab  
CVE-2023-35993: Kaitao Xie and Xiaolong Bai of Alibaba Group

Kernel  
Available for: Apple Watch Series 4 and later  
Impact: An app may be able to modify sensitive kernel state. Apple is  
aware of a report that this issue may have been actively exploited  
against versions of iOS released before iOS 15.7.1.  
Description: This issue was addressed with improved state management.  
CVE-2023-38606: Valentin Pashkov, Mikhail Vinogradov, Georgy Kucherin  
(@kucher1n), Leonid Bezvershenko (@bzvr_), and Boris Larin (@oct0xor) of  
Kaspersky

libxpc  
Available for: Apple Watch Series 4 and later  
Impact: An app may be able to gain root privileges  
Description: A path handling issue was addressed with improved  
validation.  
CVE-2023-38565: Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab  
(xlab.tencent.com)

libxpc  
Available for: Apple Watch Series 4 and later  
Impact: An app may be able to cause a denial-of-service  
Description: A logic issue was addressed with improved checks.  
CVE-2023-38593: Noah Roskin-Frazee

WebKit  
Available for: Apple Watch Series 4 and later  
Impact: A website may be able to bypass Same Origin Policy  
Description: The issue was addressed with improved checks.  
WebKit Bugzilla: 256549  
CVE-2023-38572: Narendra Bhati (twitter.com/imnarendrabhati) of Suma  
Soft Pvt. Ltd, Pune - India

WebKit  
Available for: Apple Watch Series 4 and later  
Impact: Processing web content may lead to arbitrary code execution  
Description: The issue was addressed with improved checks.  
WebKit Bugzilla: 256865  
CVE-2023-38594: Yuhao Hu  
WebKit Bugzilla: 256573  
CVE-2023-38595: an anonymous researcher, Jiming Wang, Jikai Ren  
WebKit Bugzilla: 257387  
CVE-2023-38600: Anonymous working with Trend Micro Zero Day Initiative

WebKit  
Available for: Apple Watch Series 4 and later  
Impact: Processing web content may lead to arbitrary code execution  
Description: The issue was addressed with improved memory handling.  
WebKit Bugzilla: 258058  
CVE-2023-38611: Francisco Alonso (@revskills)

WebKit  
Available for: Apple Watch Series 4 and later  
Impact: Processing web content may lead to arbitrary code execution.  
Apple is aware of a report that this issue may have been actively  
exploited.  
Description: The issue was addressed with improved checks.  
WebKit Bugzilla: 259231  
CVE-2023-37450: an anonymous researcher

WebKit Web Inspector  
Available for: Apple Watch Series 4 and later  
Impact: Processing web content may disclose sensitive information  
Description: The issue was addressed with improved checks.  
WebKit Bugzilla: 256932  
CVE-2023-38133: YeongHyeon Choi (@hyeon101010)

Instructions on how to update your Apple Watch software are available  
at https://support.apple.com/kb/HT204641  To check the version on  
your Apple Watch, open the Apple Watch app on your iPhone and select  
"My Watch > General > About".  Alternatively, on your watch, select  
"My Watch > General > About".  
All information is also posted on the Apple Security Updates  
web site: https://support.apple.com/en-us/HT201222.

This message is signed with Apple's Product Security PGP key,  
and details are available at:  
https://www.apple.com/support/security/pgp/  
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEBP+4DupqR5Sgt1DB4RjMIDkeNxkFAmS/FLoACgkQ4RjMIDke  
NxmzaQ/8DN0im3Y0iJRoYgBwW5xNTUn6ewcO2BzHGWV/3vTWq6gip2V2cWCJ6lKS  
FTlP2n0+pRsk23WLWRJNzmAETVVB1UfVgzDvx9sc2aw07DpiCLVdoZr3wLxrKK3r  
67j2hTjRc8SDkjKrNCJKvjS0MO1FOje0FoCrtRP9inu32QTHXj7Rg/0iDqH+4tVS  
tbLxaomTMHjd8xL2X6nHCteofCx9nJvRKymlxJi7bCHQtHKyrAR3DnFjpG9Jxk38  
UeOTMwhmQN2r44e9CBj0vxf2WroYE0qiofXJP0x3zTQnS72z7BFfRf9kGnDGKGes  
GmQrh4+nG8tsr3Neo1rongITM7JYxl8uIuNxjNaRGjRpgb6RYk4TOgAhtTPv48NP  
QRbcq9opzVQcBU74/jGripIWxIDDuZaaLav6kxvAAJinCiaTmB9fE2ldDqxjEInS  
4N8F8JsONRrjeydOrhqC/9cDWeGpLUImv74qvLZmyaa2qmsyM6WWxY8mGxZL2oBN  
2xQUEr2BH53YgM0z3VnQhtnLImKA6ONZC6eNSgVcjJVU5Yp3fSRtvZsX8Y6ZDCzw  
R5KX0z6yrOmIpgdKI+Ejm59EIVFveVXflv6zZrfj7uoIZZ9mbv8iL0qzSDl+ExcB  
NkuagC5WyORhFPTdG1D3mNcBNiZhr+XLRQNoZhfd0KqEoeXphko=  
=SnKr  
-----END PGP SIGNATURE-----

Search

lenovo warranty check/lookup | check warranty status | lenovo support us