Apple has released its fifth Mac OS X security update of 2007 to patch a number of potential vulnerabilities. Security Update 2007-005 makes changes to CoreGraphics, iChat, VPN, BIND, crontabs, PPP, and other components, in most cases correcting problems that require either local user access or access to the Mac via a local network. However, several fixes are more important. An update to BIND prevents a possible remote denial of service attack (but because it reportedly overwrites the BIND launchd plist file, it may both turn BIND off and cause other changes to be lost, a potential problem for Mac OS X Server machines), a new version of fetchmail prevents possible disclosure of passwords, and a fix for CoreGraphics in Mac OS X 10.4 provides additional verification of PDF files to avoid possible crashes when opening maliciously crafted PDFs. The update is available via Software Update or for download in four varieties: for Mac OS X 10.4.9 as Universal (29.2 MB) and PowerPC (15.7 MB) installers; and for Mac OS X 10.3.9 Client (42.5 MB) and Server (56 MB) systems.
Time for a Fetch Refresh?
In the Fetch FTP client, if you see a time stamp like "As of 6/19/10 2:29 PM" above the file list, that means that Fetch is re-using a file list it downloaded earlier. Click the swooshing-arrow refresh button (located beside the time stamp) to refresh the list.
Visit Fetch Softworks
- Two Small Security Updates (04 Jun 07)
Published in TidBITS 881.
Subscribe to our weekly email edition.
- Copyright Fun and Games
- MacLinkPlus Deluxe Converts Word/Excel 2007 Documents
- DealBITS Winners: SmileOnMyMac's PageSender
- Making Pages in Adobe Illustrator
- Scroll Wheel Tips
- A Personal Shopper for HD Video Editing Gear
- Geophoto Puts Your Photos on the Map
- Hot Topics in TidBITS Talk/28-May-07
- Take Control News/28-May-07
Security Update 2007-005 Released
Set up short abbreviations which expand to larger bits of text,
such as "Tx" for "TextExpander". With the new custom keyboard,
you can expand abbreviations in any app, including Safari and