With the just-released Mac OS X 10.6.5, the latest version of Snow Leopard, Apple continues to eliminate bugs that were undoubtedly either unknown until recently or so minor that they weren’t deemed sufficiently important to address before this. Also addressed are numerous security vulnerabilities.
Feature Enhancements and Bug Fixes -- The only two functional enhancements in 10.6.5 are SSL support for transferring files with iDisk, which is a welcome nod to the need for secure connections, and raw image compatibility with additional digital cameras. For a full list, see “Mac OS X v10.6: Supported digital camera RAW formats.” (Also released last week was Digital Camera RAW Compatibility Update 3.4, which extends raw image format compatibility to Aperture 3 and iPhoto ’09 for some new camera models.)
In fact, the details of the rest of the fixes are so specific that I can’t even see any way to group or summarize them. I recommend reading down the remaining 22-item bullet list to see if you’ve encountered any of the problems that 10.6.5 addresses.
Improves reliability with Microsoft Exchange servers. (TidBITS Contributing Editor Mark Anbinder tells me that if the user sets a message priority in Mail, Exchange no longer discards that attribute when the message hits the server. He went on to say that a much bigger deal is that calendar permission delegation in iCal seems to have been fixed.)
Addresses performance of some image-processing operations in iPhoto and Aperture.
Addresses stability and performance of graphics applications and games.
Resolves a delay between print jobs.
Addresses a printing issue for some HP printers connected to an AirPort Extreme.
Resolves an issue when dragging contacts from Address Book to iCal.
Addresses an issue in which dragging an item from a stack causes the Dock to not automatically hide.
Resolves an issue in which Wikipedia information may not display correctly in Dictionary.
Improves performance of MainStage on certain Macs.
Resolves spacing issues with OpenType fonts.
Improves reliability with some Bluetooth braille displays.
Resolves a VoiceOver issue when browsing some Web sites with Safari 5.
Improves Bluetooth pairing with Magic Trackpad.
Resolves performance issues with third-party displays that use InstaPort technology.
Resolves an issue when opening 4-up Photo Booth pictures in Preview.
Addresses keyboard responsiveness issues in the Dock when Spaces is turned on.
Resolves an issue syncing Address Book with Google.
Fixes an issue when replying to a Mail message sent by a person whose name contains certain characters such as é or ü.
Improves performance for users bound to an Active Directory domain.
Improves reliability of Ethernet connections.
Systems with a Mac Pro RAID Card (Early 2009) installed can now be put to sleep. For more information, see “Mac Pro RAID Card (Early 2009): Enabling system sleep.”
Improves reliability of fibre channel connections, resolving a potential Xsan volume availability issue.
Mac OS X Server 10.6.5 includes all of the above changes, along with numerous other fixes and small enhancements to Chat Service, client management, Directory Services, Mail Service, Podcast Service, Server Admin, Software Update Service, System Image Utility, PHP, Web Calendar, Wiki Service, and Xsan. Plus, Apple has released Server Admin Tools 10.6.5, with all the latest versions of Apple’s administration tools.
Security Fixes -- More important, though less obvious to most Mac users, are the numerous security fixes rolled into 10.6.5, over 50 all told. Vulnerabilities were eliminated in numerous areas of the operating system, including AFP Server, AppKit, Apple Type Services, CFNetwork, Core Graphics, Core Text, Directory Services, disk image handling, the fsck_hfs application, Image Capture, ImageIO, Image RAW, the kernel, Quick Look, QuickTime, Safari RSS, Time Machine, and Mac OS X’s printing and networking subsystems.
Along with vulnerabilities closed in those parts of Apple’s code, Mac OS X 10.6.5 also rolls in updates to bundled open source software, including Apache, CUPS, gzip, neon, OpenLDAP, OpenSSL, PHP, python, X11, and xar.
Flash Player merits special attention, since Apple’s inclusion of version 10.1.102.64 (the current version) addresses 56 different vulnerabilities since the previously shipped version. That’s somewhat deceptive, since Mac OS X 10.6.4 shipped with Flash Player 10.0.45.2 even when 10.1.53.64 was current with fixes for numerous security holes. In short, don’t depend on Apple to provide the latest version of Flash Player; it’s a huge target for security exploits and Adobe is constantly releasing new versions to address significant problems.
Three of the security changes are specific to Mac OS X Server, notably fixes to Password Server and Wiki Server, and a new version of MySQL.
As always, there’s no telling how many of the vulnerabilities, if any, have actually been exploited by scoundrels, but it’s generally a good idea to stay current with security fixes since many of them can be triggered by opening a maliciously crafted file, and there’s no way to know in advance if a file is malicious.
Downloading -- With updates to Mac OS X, it’s usually easiest to let Software Update download just the code that applies to your specific Mac and version of Mac OS X. But Apple does provide a delta installer to update 10.6.4 to 10.6.5 (for both Snow Leopard and Snow Leopard Server) and a much larger combo installer to update any version of 10.6 to 10.6.5 (again, for both Snow Leopard and Snow Leopard Server). Apple pulled the Snow Leopard Server updates briefly, but replaced them shortly after with no indication of what had changed other than a security note indicating a fix to a problem with the Dovecot mail server.
As always, make sure you have a current backup before you update, and don’t interrupt the upgrade process once it has started.