Those folks over at Apple Inc have been churning out the patches recently, so to keep them all together, here is a little summary:
Apple ID :APPLE-SA-2011-11-14-1 iTunes 10.5.1
Impact: A man-in-the-middle attacker may offer software that appearsto originate from Apple
Apple ID:APPLE-SA-2011-11-10-2 Time Capsule and AirPort Base Station (802.11n)Firmware 7.6
Impact: An attacker in a privileged network position may be able tocause arbitrary command execution via malicious DHCP responses
Apple ID:APPLE-SA-2011-11-10-1 iOS 5.0.1 Software Update
Impact: Visiting a maliciously crafted website may lead to the disclosure of sensitive information
Impact: Viewing a document containing a maliciously crafted font may lead to arbitrary code execution
CVE : CVE-2011-3439
Impact: An attacker with a privileged network position may intercept user credentials or other sensitive information
CVE : Non-provided
Impact: An application may execute unsigned code
Impact: Visiting a maliciously crafted website may lead to the
disclosure of sensitive information
Impact: A person with physical access to a locked iPad 2 may be able to access some of the user's data
None of these would appear to address the Core Security announced Sandbox vulnerability (CVE-2011-1516) referenced here.
Also note Swa's earlier diary on recent updates to the Java distribution.
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.