Skip to content
Thoughtful, detailed coverage of everything Apple for 28 years
and the TidBITS Content Network for Apple professionals
19 comments

Mac OS X 10.5.8 Fixes Bugs, Plugs Security Holes

Apple has released Mac OS X 10.5.8, a bug-fix update to Leopard that addresses a number of relatively uncommon bugs in various parts of the operating system. Although Apple provides standalone downloads (most useful for the combo updates that increment any version of Mac OS X 10.5 to 10.5.8), Software Update is the easiest way to get the new version.

As always, although there’s no reason to suspect any trouble with installing 10.5.8 right away, the cautious user will wait a few days to see if significant problem reports crop up online.

Changes in 10.5.8 — Although the release notes mention the inclusion of Safari 4.0.2 as new and claim improvements in the accuracy of full history searches, Safari 4.0.2 was the current version before the release of 10.5.8. Practically speaking, if you hadn’t upgraded to Safari 4.0.2 individually before this, you’ll get it now. Other networking-related fixes include improved compatibility and reliability when working with MobileMe and iDisk, with AFP (AppleTalk Filing Protocol), and with Managed Client. Lastly, though the release notes also claim improvements in joining AirPort networks, there have been anecdotal reports of AirPort connection failures after updating.

On the imaging front, the update fixes a bug that could prevent importing of large photo and movie files from digital cameras, and another that invoked an iPhoto action when dragging an Aperture image into Automator. Also, raw image support has been extended to additional new cameras; see the full list.

In other fixes, the Displays pane of System Preferences now shows certain resolutions that might not have appeared previously. iCal reportedly has improved reliability when working with MobileMe Sync and CalDAV, and Sync Service bugs have been addressed. Compatibility with certain USB external drives has been improved. Finally, overall Bluetooth reliability has been enhanced when working with external devices, USB webcams (straight from the release notes – we’re not sure what the relationship between Bluetooth and a USB webcam is either), and printers.

VMware is reporting that Mac OS X 10.5.8 includes new 3D drivers from ATI that fix a compatibility problem suffered by VMware Fusion 2.0.5 under Mac OS X 10.5.7.

Mac OS X 10.5.8 also addresses security vulnerabilities. A number of the fixes revolve around closing holes related to maliciously crafted images in various formats, but a few of the other issues addressed are more interesting. In particular:

  • A maliciously crafted Web site reached via a redirect could have displayed a certificate warning that used the name of the redirecting site.
  • Additional content types will generate prompts when accessed in certain ways, such as when they’re downloaded from a Web page.
  • The Dock previously allowed a user with physical access to a locked system to use four-finger multi-touch gestures to manage applications or use Expose.
  • The launch service was vulnerable to a denial-of-service attack.
  • Signing out of MobileMe via the preference pane wasn’t properly removing all login credentials.

The Mac OS X 10.5.8 Update weighed in at only 165 MB via Software Update on my Mac Pro and MacBook, but the standalone delta update from 10.5.7 is 274 MB from Apple’s Support Downloads site. The combo update that works with any version of 10.5 is 759 MB.

Leopard Server 10.5.8 — Along with all the changes in the desktop version of Mac OS X 10.5.8, the server version receives additional tweaks. Notably:

  • The AFP Server receives a fix that prevents unwarranted CPU use when no users are connected. Another fix prevents the AFP Client from infinitely repeating unsuccessful connection attempts after waking from sleep.
  • Several different bugs were addressed in the Managed Client, resolving login issues from PowerPC-based Macs, improving reliability of synchronized files from SMB servers, fixing launch problems for login items on a network home directory, and proper disabling of simultaneous logins.
  • Server Admin no longer freezes when propagating permissions, and it (along with the updated System Image Utility) now includes NetBoot/NetInstall filters for Macs released in June 2009. Alas, it doesn’t appear to include the fix necessary to make Server Admin stop corrupting Apache httpd.conf files.

The Mac OS X Server 10.5.8 Update is 274 MB in delta form; the combo update is 978 MB.

Security Update 2009-003 — The security fixes included in Mac OS X 10.5.8 are also available (as appropriate) for users still running Mac OS X 10.4 Tiger. All previous security updates have been incorporated in Security Update 2009-003, so you shouldn’t need to do the multiple download dance if you’re not up to date.

Four variants are available, as always, a desktop version for PowerPC-based Macs (76 MB) and another for Intel-based Macs (166 MB), and a server version for PowerPC-based Macs (130 MB) and another for PowerPC- or Intel-based Macs that Apple labels as Universal (204 MB).

Subscribe today so you don’t miss any TidBITS articles!

Every week you’ll get tech tips, in-depth reviews, and insightful news analysis for discerning Apple users. For 28 years, we’ve published professional, member-supported tech journalism that makes you smarter.

Registration confirmation will be emailed to you.

Comments About Mac OS X 10.5.8 Fixes Bugs, Plugs Security Holes