Security Update 2007-005
Apple has just posted its latest security update. This update addresses a boatload of possible vulnerabilities including a number of core unix utilities as well as iChat and VPN. Without further ado, here's a quick rundown of the fixes and the vulnerabilities: Alias Manager. Impact: Users may be misled into opening a substituted file
BIND. Impact: Multiple vulnerabilities in BIND, the most serious of which is remote denial of service
CoreGraphics. Impact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution
crontabs. Impact: The daily /tmp cleanup script may lead to a denial of service
fetchmail. Impact: fetchmail password disclosure may be possible
file. Impact: Running the file command on a maliciously crafted file may lead to an unexpected application termination or arbitrary code execution
iChat. Impact: An attacker on the local network may be able to cause a denial of service or arbitrary code execution
mDNSResponder. Impact: An attacker on the local network may be able to cause a denial of service or arbitrary code execution
PPP. Impact: A local user may obtain system privileges
ruby. Impact: Denial of service vulnerabilities in the Ruby CGI library
screen. Impact: Multiple denial of service vulnerabilities in GNU Screen
texinfo. Impact: A vulnerability in texinfo may allow arbitrary files to be overwritten
VPN. Impact: A local user may obtain system privileges
Thanks Tomasz
Share
Categories
Apple has just posted its latest security update. This update addresses a boatload of possible vulnerabilities including a number of core...
Add a Comment
I have an eMac with Tiger 10.4.9. After updating I clicked to restart. I lost my external Firewire, Mirror RAID volume! On booting I got two windows saying:
Disk Insertion
The disk you inserted was not readable by this computer
Initialize Ignore Eject.
The disk Utility shows both member disks and their volume. However, they are not mounted and clicking the Mount button does not have any effect, although the log says they have been mounted.
It's a bummer to lose a whole RAID volume. Can someone advise as to how I can recover? Any utilities I could use to recover the drives? Thanks. lrkoller
I installed this update and the 2 installation reboots went fine.
Immediately after the reboot I was trying to watch a DVD with Front Row and it kernel panic'd!! Nothing else was loaded.
I rebooted again and was presented with the Crash Reporter dialogue box. Using my bluetooth keyboard, I started to type a description of what happened before the panic - lo and behold - another kernel panic!!! On the next reboot I was not presented with another Crash Reporter, but I found the panic.log and it appeared to have something to do with Bluetooth, so I turned off bluetooth and watched my movie.
Since then I have reinstalled OSX on an new harddrive and haven't updated to 2007-05, but I still have the old disk intact.
Has anyone else seen anything like this?
I downloaded this security update with the software update program, then rebooted. Instead of the regular OSX login screen, a unix screen came up with "Darwin/BSD" at the top, and a login prompt. I logged in and was given another prompt, plus the frightening words "No Home Directory". I typed 'exit', which took me back to the OSX login screen. When I logged in that way, I was taken back to the unix screen. When I unplugged the computer, the bar on the screen that shows 'OSX loading' did not go all the way across. Instead, it only went 1/5 of the way, then went straight to the OSX login screen. Of course, a log in at that point took me back to the unix screen.
So, my question: What should I type in unix to solve this problem?
mdnsresponder = Bonjour
May 25 2007 at 2:45 AM Report abuse Permalink rate up rate down Replywow, this is alot of security fixes.... that's like the 3rrd this month.
May 25 2007 at 12:57 AM Report abuse Permalink rate up rate down Reply@Zack kitzmiller
problably, some older update also require 2 reboots
Two reboots is normal on this one.
May 24 2007 at 5:45 PM Report abuse Permalink rate up rate down ReplyHot Apps on TUAW
Deals of the Day
more deals- miFrame Picture Frame Dock for iPad for $64 + $8 s&h
- Refurb Apple iPod nano 8GB MP3 Player for $99 + free shipping, 16GB for $119
- Hannspree Apple-Shaped 28" 1080p LCD HDTV for $270 + free shipping
- Philips wOOx Alarm Clock Radio for Apple iPod / iPhone for $60 + free shipping
- iWatchz Elemetal Collection Bracelet for iPod nano for $75 + free shipping
- iFrogz Luxe Lean Hard Case for iPod touch for $10 + free shipping
Software Updates
more updates- EFI Firmware Update brings Lion Internet Recovery to 2010-model Macs
- OS X Lion 10.7.3 released with Safari 5.1.3, Wi-Fi bug fix
- Aperture updated to 3.2.2, addresses Photo Stream issue
- Apple updates Keynote to address Lion issues
- Google Search app gets new look on iPad
- Apple releases Apple TV Software Update 4.4.3
Featured Stories
more stories
Popular Stories
TUAW (or The Unofficial Apple Weblog) is a website devoted to tips, reviews, news, analysis and opinion on everything Apple.
8 Comments