Skip to content
Thoughtful, detailed coverage of everything Apple for 32 years
and the TidBITS Content Network for Apple professionals

Security Update 2004-09-07 Potentially Problematic


Apple has released Security Update 2004-09-07 to address a slew of security-related issues. Updated components include Apache 2, CoreFoundation, FTP, IPSec, Kerberos, OpenLDAP, OpenSSH, PPPDialer, QuickTime Streaming Server, rsync, Safari, SquirrelMail, and tcpdump – see Apple’s site for details. Unfortunately, two of the changes may have negative consequences. The changes to Safari seem to have caused rendering problems on a number of Web sites, including the FedEx Web site. Also, to work around a problem in the lukemftpd FTP server in the client version of Mac OS X, Apple replaced it with the tnftpd FTP server (Mac OS X Server uses xftp instead); unfortunately the change has caused login difficulties for some users. The security update applies to the client and server versions of Mac OS X 10.2.8, Mac OS X 10.3.4, and Mac OS X 10.3.5. Our suggestion is to hold off on the update for a bit if you rely on Mac OS X’s FTP server. The Safari rendering problems could be annoying if they affect a site you use frequently, but short of guessing that it might be related to sites using frames, it’s impossible to predict which pages could experience trouble. Luckily, it’s easy enough to use another browser for the occasional problematic page. The easiest way to get Security Update 2004-09-07 is via Software Update; otherwise you’ll have to pick the correct version from the Apple Downloads page. The client downloads are 7.6 MB; the server downloads are 12.6 MB.

Subscribe today so you don’t miss any TidBITS articles!

Every week you’ll get tech tips, in-depth reviews, and insightful news analysis for discerning Apple users. For over 31 years, we’ve published professional, member-supported tech journalism that makes you smarter.

Registration confirmation will be emailed to you.