This article originally appeared in TidBITS on 2005-12-05 at 12:00 p.m.
The permanent URL for this article is: http://tidbits.com/article/8339
Include images: Off

Security Update 2005-009 Released

by Adam C. Engst

Security Update 2005-009 Released -- Apple has released Security Update 2005-009, preventing a diverse collection of possible exploits in both the desktop and server versions of Mac OS X 10.3.9 and Mac OS X 10.4.3. The most notable changes are to Safari, in which Apple improved handling of credit card security codes, eliminated a bug in the JavaScript engine's PCRE (regular expression) library, ensured that files with overly long names won't be downloaded into unexpected locations, caused JavaScript-generated dialogs to identify the site that created them, and fixed a heap overflow that could enable arbitrary code execution in WebKit-based applications. Other components of Mac OS X seeing fixes include Apache2, apache_mod_ssl, CoreFoundation, CoreTypes, curl, iodbcadmintool, OpenSSL, passwordserver, QuickDraw Manager, ServerMigration, sudo, and syslog. Security Update 2005-009 is available via Software Update and as a standalone download for each version of Mac OS X; sizes range from 6 MB to 33 MB. [ACE]

<http://docs.info.apple.com/article.html? artnum=302847>