Filed under: Security, Leopard
Security Update 2008-002 issues may be cleared up by Rogue Amoeba fix
As many of you have reported, there are a few hiccups for some who have installed the latest Leopard security update. Two of the areas of concern are ssh (no connectivity or a crash) and printing (errors out, documents never finish spooling), with various fixes offered (reinstalling the 10.5.2 combo update, installing a standalone SSH build) and various degrees of success reported.
One emergent common thread for some of the problems is the presence of a Rogue Amoeba audio utility, and the gang in the petri dish have responded with a revised version of the Instant Hijack framework. The new 2.0.3 version aims to address a bug that has been latent since the introduction of Leopard's position-independent executables feature, where certain sensitive processes (like, say, ssh) could be run from a randomized memory address, avoiding attack vectors that depend on targeting a specific vulnerable spot within the code.
Up until the 2008-002 security patches, according to RA, the PIE feature wasn't used for anything yet -- after the update, surprise surprise, ssh is being moved around when it runs. Since Instant Hijack inspects newly launched processes to see if they have audio properties, it tries to look at the ssh instance in memory -- hey, wherdja go? Hence the problem.
If you have been experiencing ssh issues and have Rogue Amoeba apps installed, try the patch and let us know what happens.
[via Daring Fireball + Apple discussions]
![TUAW [Cafepress]](http://www.blogsmithmedia.com/www.tuaw.com/media/tuaw-cafepress-promo.png)
Reader Comments (Page 1 of 1)
ryanm said 2:47PM on 3-19-2008
Fixing cat is soooooo cute!
Reply
wilstev said 2:48PM on 3-19-2008
Just wondering if anyone else is experiencing this issue. I have a 2GHz Core Duo MacBook with 10.4.11 and after installing the 2008-002 update I have an annoying problem that is recurring. Each time I open up network preferences, I get a dialog that states "A new network port has been detected: Ethernet Adaptor (en4) Please verify that it is configured correctly, then press Apply Now to activate it." In the preferences, Ethernet Adaptor (en4) does indeed show up, but here's the strange part. It shows an Ethernet ID that does not match any of the existing interfaces. I made an (unsuccessful) attempt to find an explanation of the problem, and am really just curious what is going on.
I know for a fact that it only appeared after the update as I am at work and had to go into the settings to configure a new access point and while I was on the network I downloaded and installed the update. I saw the message for the first time after restarting and going into the settings to change the order of preference for access points. Thanks in advance to anyone who can provide some assistance.
Reply
Dan said 4:28PM on 3-19-2008
I was one of the ones complaining about ssh being broken after after the update. Instant Hijack was indeed the problem. I just wanted to say thanks to Rogue Amoeba for fixing the problem so fast. You guys rock.
Reply
Fernando said 4:46PM on 3-19-2008
To tell you the truth, I had issues with the Leopard Graphics Update on my early 2006 mini, in fact I'm reinstalling Mac OS right now. Once it's done I won't update it for a while.
Reply
freakscene said 4:50PM on 3-19-2008
I haven't had any problems with ssh since the update, and I'm even using MacFuse to mount a ssh session to a Finder share.
Reply
Martin said 6:57PM on 3-19-2008
Since this security update my internal isight didn't work anymore :(
Here I've listed methods trying to fix this isight problem (german site)
Reply