Apple releases iOS 7.1.2 with Bug fixes
Apple has released iOS 7.1.2. This update contains bug fixes and security updates. These include an update to iBeacon connectivity and stability, data transfers for 3rd party accessories, and data protection class issues with Mail attachments.
To learn about other Security Updates, see Apple Security Updates.
iOS 7.1.2
   Certificate Trust Policy
Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later
Impact: Update to the certificate trust policy
Description: The certificate trust policy was updated. The complete list of certificates may be viewed at http://support.apple.com/kb/HT5012.
   CoreGraphics
Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later
Impact: Viewing a maliciously crafted XBM file may lead to an unexpected application termination or arbitrary code execution
Description: An unbounded stack allocation issue existed in the handling of XBM files. This issue was addressed through improved bounds checking.
CVE-ID
CVE-2014-1354 : Dima Kovalenko of codedigging.com
   Kernel
Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later
Impact: An application could cause the device to unexpectedly restart
Description: A null pointer dereference existed in the handling of IOKit API arguments. This issue was addressed through additional validation of IOKit API arguments.
CVE-ID
CVE-2014-1355 : cunzhang from Adlab of Venustech
   launchd
Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later
Impact: A malicious application may be able to execute arbitrary code with system privileges
Description: A heap buffer overflow existed in launchd’s handling of IPC messages. This issue was addressed through improved bounds checking.
CVE-ID
CVE-2014-1356 : Ian Beer of Google Project Zero
   WebKit
Available for: iPhone 4 and later, iPod touch (5th generation) and later, iPad 2 and later
Impact: A maliciously crafted website may be able to spoof its domain name in the address bar
Description: A spoofing issue existed in the handling of URLs. This issue was addressed through improved encoding of URLs.
CVE-ID
CVE-2014-1345 : Erling Ellingsen of Facebook
Source: Apple