This article originally appeared in TidBITS on 2015-06-30 at 11:46 p.m.
The permanent URL for this article is: http://tidbits.com/article/15766
Include images: Off

Security Update 2015-005 (Mountain Lion and Mavericks)

by Agen G. N. Schmitz

Apple has issued Security Update 2015-005 [1] for OS X 10.8 Mountain Lion and 10.9 Mavericks, mirroring many of the security fixes that are included with the concurrently released 10.10.4 Yosemite (see “Apple Improves Networking in OS X 10.10.4 [2],” 30 June 2015). The lengthy list of patched vulnerabilities includes multiple memory corruption issues in QuickTime, an integer overflow in the Security framework code for parsing S/MIME email messages, the handling of filenames of photos added to the local photo library, a memory corruption issue in the Bluetooth HCI interface, and intermediate certificates incorrectly issued by certificate authority CNNIC (China Internet Network Information Center, which manages the .cn domain; see Glenn Fleishman’s Macworld article [3] on the security updates for more about the CNNIC vulnerability). Security Update 2015-005 is available via Software Update or via direct download from Apple’s Support Downloads Web site. (Free. For 10.8.5 Mountain Lion [4], 207 MB; for 10.9.5 Mavericks [5], 160 MB)

[1]: https://support.apple.com/en-us/HT204942
[2]: http://tidbits.com/article/15763
[3]: http://www.macworld.com/article/2942720/apple-releases-tons-of-security-updates-for-recent-flaws-and-exploits.html
[4]: https://support.apple.com/kb/DL1826
[5]: https://support.apple.com/kb/DL1825