Spam Chronicles» osx http://www.spamchronicles.com Chronicling My Spam Explorations Wed, 12 Sep 2007 02:11:20 +0000 en hourly 1 http://wordpress.org/?v=3.0.1 Security Update 2007-006 for Apple OS X http://www.spamchronicles.com/2007/06/23/security-update-2007-006-for-apple-os-x/ http://www.spamchronicles.com/2007/06/23/security-update-2007-006-for-apple-os-x/#comments Sat, 23 Jun 2007 23:55:56 +0000 ray http://www.spamchronicles.com/security-vulnerability/security-update-2007-006-for-apple-os-x/ OS X Security Update 2007-006Apple has released a security-only update for OS X. It’s the appropriately named Security Update 2007-006 as Apple has released one security update a month so far this year. This update is needed for 10.4.9 along with the just released 10.4.10. It’s also needed for 10.3.9. The security update addresses two vulnerabilities.

One is in Webcore and can allow cross-site scripting attacks.

The second patched vulnerability was in Webkit and could allow remote code execution.

The update is available through Software Update or as a standalone download and requires a reboot.

]]> http://www.spamchronicles.com/2007/06/23/security-update-2007-006-for-apple-os-x/feed/ 0 Apple Releases 10.4.10 for OS X http://www.spamchronicles.com/2007/06/21/apple-releases-10410-for-os-x/ http://www.spamchronicles.com/2007/06/21/apple-releases-10410-for-os-x/#comments Thu, 21 Jun 2007 13:48:24 +0000 ray http://www.spamchronicles.com/security-vulnerability/apple-releases-10410-for-os-x/ Apple Logo (Blue)Apple has released OS X version 10.4.10. While it contains several enhancements and fixes for the operating system it also includes one security related update. This security update keeps Apple in the one-a-month category for security updates to OS X.

This security vulnerability is described by Apple as:

…the reception of specially crafted IPv6 packets may lead to a reduction in network bandwidth.

This is a relatively low risk vulnerability as it doesn’t include a potential loss of data and doesn’t allow the installation of malicious software. The update also includes security patches released since 10.4.9.

Software Update 10.4.10The update is available through the Software Update feature of OS X or as a standalone download. The Intel version of the update is a 49MB download when done through Software Update (click the thumbnail to see notification full size). The update is also available as a standalone installer in four forms. There are downloads for the Power PC (PPC) and Intel CPUs. Then each CPU has a “delta” update which requires that 10.4.9 already be applied and a much larger “combo” update which includes all previous updates to OS X 10.4.

I applied the update to two Intel Macs without incident. Like previous updates the first reboot after the patch is significantly longer than usual.

]]> http://www.spamchronicles.com/2007/06/21/apple-releases-10410-for-os-x/feed/ 0 Security Update 2007-05 for Mac OS X http://www.spamchronicles.com/2007/05/25/security-update-2007-05-for-mac-os-x/ http://www.spamchronicles.com/2007/05/25/security-update-2007-05-for-mac-os-x/#comments Sat, 26 May 2007 00:45:11 +0000 ray http://www.spamchronicles.com/security-vulnerability/security-update-2007-05-for-mac-os-x/ Apple has released Security Update 2007-05 which keeps it in the one-a-month category for the year.

According to the Apple notification it contains updates to the following components:

  • bind
  • CarbonCore
  • CoreGraphics
  • crontabs
  • fetchmail
  • file
  • iChat
  • mDNSResponder
  • PPP
  • ruby
  • screen
  • texinfo
  • VPN

The update is for both Intel and PPC macs.

]]> http://www.spamchronicles.com/2007/05/25/security-update-2007-05-for-mac-os-x/feed/ 0