Apple: Panther Sharpens Claws With New Update
Apple put out their latest security update (2005-005) on Tuesday. It has a number of fixes for OS X v10.3.9 and the Server v10.3.9. This patch provides a number of fixes for several systems including the following:
MACWORLD had some nice descriptions of the problems:
ApacheC : Apple has corrected a buffer overflow problem in htdigest that result in a remote system compromise.
AppKit: Apple has posted fixes for AppKit associated with malformed TIFF images.
AppleScript: A fix has been made for the way that AppleScript’s URI mechanism displays code.
Bluetooth: This update makes changes to how Bluetooth file exchange is handled in order to improve security. It also enhances filtering for path-delimiting characters.
Finder: The Finder has been updated with improved handling of .DS_Store files.
Terminal: Malicious content could inject data when displayed in a Terminal session. The issue has been corrected.
VPN: A buffer overflow in “vpnd” could be used by a local user to obtain root privileges if the system is configured as a VPN server. This update prevents the buffer overflow from occurring.
John Stith is a staff writer for WebProNews covering technology and business.