Security Update 2006-001 available
You are here:  SillyDog701 > Message Centre > Mac OS and Apple > [sdt=10971]
SillyDog701 Forums
Author Message
Antony
Site Admin


Joined: 18 Jun 2002
Posts: 12754
Location: Sydney, Australia
01 Mar, 2006 5:22 pm Security Update 2006-001 available [sdp=71014]  

Apple released Security Update 2006-001 Mac OS X 10.4.5
Quote:
About Security Update 2006-001 Mac OS X 10.4.5 (PPC)
Security Update 2006-001 is recommended for all users and improves the security of the following components.

apache_mod_php
automount
Bom
Directory Services
iChat
IPSec
LaunchServices
LibSystem
loginwindow
OpenSSH
rsync
Safari
Syndication


For detailed information on this Update, please visit this website: http://docs.info.apple.com/article.html?artnum=61798


download Security Update 2006-001 Mac OS X 10.4.5 (PPC) (12.5 MB)
download Security Update 2006-001 Mac OS X 10.4.5 Client (Intel) (22.5 MB)

UserAgent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en) AppleWebKit/417.9 (KHTML, like Gecko) Safari/417.8
MozInfo701 | MacCentre701 | AntBlog701 | don't steal music.

Last edited by Antony on 01 Mar, 2006 6:03 pm; edited 2 times in total
Back to top profile website
J-M
diamond member


Joined: 25 Jul 2004
Posts: 777
Location: Helsinki, Finland
01 Mar, 2006 5:32 pm [sdp=71016]  
Serious flaw in Safari browser (see http://sillydog.org/forum/viewtopic.php?t=10910 for details) has been reportedly fixed as well:

Report from SANS Internet Storm Center
http://isc.sans.org/diary.php?storyid=1160

ISC says iChat and Mail are also immune now. Time to patch:
http://www.apple.com/support/downloads/

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 5.0; fi-FI; rv:1.7.12) Gecko/20050919 Firefox/1.0.7
Back to top profile website
Antony
Site Admin


Joined: 18 Jun 2002
Posts: 12754
Location: Sydney, Australia
01 Mar, 2006 5:34 pm [sdp=71017]  
Thanks for confirming Safari and iChat, Mail security related issues, J-M.

UserAgent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en) AppleWebKit/417.9 (KHTML, like Gecko) Safari/417.8
MozInfo701 | MacCentre701 | AntBlog701 | don't steal music.
Back to top profile website
Antony
Site Admin


Joined: 18 Jun 2002
Posts: 12754
Location: Sydney, Australia
01 Mar, 2006 6:35 pm [sdp=71018]  
Security Update 2006-001 for Mac OS X 10.3.9 Panther users is also available.

Security Update 2006-001(10.3.9 Client)

Quote:
About Security Update 2006-001 (Panther Client)
Security Update 2006-001 is recommended for all users and improves the security of the following components.

apache_mod_php
automount
Bom
Directory Services
IPSec
LibSystem
loginwindow
perl
Safari

Additionally, Security Update 2005-008 and Security Update 2005-009 have been incorporated into this security update.

For detailed information on this Update, please visit this website: http://docs.info.apple.com/article.html?artnum=61798


download Security Update 2006-001(10.3.9 Client) (25.3 MB)

UserAgent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en) AppleWebKit/417.9 (KHTML, like Gecko) Safari/417.8
MozInfo701 | MacCentre701 | AntBlog701 | don't steal music.
Back to top profile website
J-M
diamond member


Joined: 25 Jul 2004
Posts: 777
Location: Helsinki, Finland
02 Mar, 2006 7:52 am [sdp=71031]  
There is an exploit code for "passwd" program temporary file creation vulnerability published too.

Details at
http://www.frsirt.com/english/advisories/2006/0791

-> see The fourth issue...

Code was published at
http://www.frsirt.com/exploits/20060301.xosx-passwd.pl.php

late on Wednesday.

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 5.0; fi-FI; rv:1.7.12) Gecko/20050919 Firefox/1.0.7
Back to top profile website
J-M
diamond member


Joined: 25 Jul 2004
Posts: 777
Location: Helsinki, Finland
02 Mar, 2006 7:56 am [sdp=71032]  
More information about these security issues has been published at Secunia Advisory SA19064; see
http://secunia.com/advisories/19064/

FrSIRT has its advisory FrSIRT/ADV-2006-0791 located at
http://www.frsirt.com/english/advisories/2006/0791

Both of these have highest severity level in use; Secunia says Extremely Critical (5/5) and FrSIRT Critical Risk (4/4).

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 5.0; fi-FI; rv:1.7.12) Gecko/20050919 Firefox/1.0.7
Back to top profile website
Pu7o
Macfox


Joined: 06 Jan 2005
Posts: 1978
Location: Portugal
03 Mar, 2006 3:17 am [sdp=71058]  
The Panther version of the security update seems to bump the Safari useragent to v312.6.

UserAgent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en) AppleWebKit/312.8 (KHTML, like Gecko) Safari/312.6
Back to top profile website
Display posts from previous:   
Reply to topic    Forum Index > Mac OS and Apple All times are CST (GMT -6)
page 1 of 1
To add your questions, comments, and for more features and more, please join SillyDog701 Message Centre. It's free! This is SillyDog 701 Message Centre (SD701 Forums).

Free Single of the Week iTunes

*Search | FAQ | Rules and Policies | MozInfo701 - Mozilla Information Centre | SD701 Open Directory | Message Board Map | download Netscape