Apple has released iOS 4.3.5 for the iPhone (GSM model), iPod touch, and iPad, and iOS 4.2.10 for the iPhone (CDMA model) to address a vulnerability. This vulnerability may allow an attacker with a privileged network position to capture or modify data in SSL/TLS sessions.
US-CERT encourages users and administrators to review Apple Support Articles Apple has released iOS 4.3.5 for the iPhone (GSM model), iPod touch, and iPad, and iOS 4.2.10 for the iPhone (CDMA model) to address a vulnerability. This vulnerability may allow an attacker with a privileged network position to capture or modify data in SSL/TLS sessions. US-CERT encourages users and administrators to review Apple Support Articles HT4824 and HT4825 and apply any necessary updates to help mitigate the risks.
Read more at: US-CERT Current Activity