Threat Level: green Handler on Duty: Guy Bruneau

SANS ISC: InfoSec Handlers Diary Blog - Apple Posts 10.5.4, Security Update 2008-004, Time Machine + Apple Base Station Upgrades, and Safari upgrade for 10.4.11 InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Apple Posts 10.5.4, Security Update 2008-004, Time Machine + Apple Base Station Upgrades, and Safari upgrade for 10.4.11

Published: 2008-07-01
Last Updated: 2008-07-01 17:17:35 UTC
by Joel Esler (Version: 2)
0 comment(s)

Whew, what an upgrade release! 

Note:  One thing interesting that is not fixed, is the Apple Remote Desktop vuln.

Let's start with Security Update 2008-004:


Alias Manager
CVE-ID:  CVE-2008-2308

CoreTypes
CVE-ID:  CVE-2008-2309

c++filt
CVE-ID:  CVE-2008-2310


Dock
CVE-ID:  CVE-2008-2314

Launch Services
CVE-ID:  CVE-2008-2311

Net-SNMP
CVE-ID:  CVE-2008-0960

Ruby
CVE-ID:  CVE-2008-2662, CVE-2008-2663, CVE-2008-2664, CVE-2008-2725,
CVE-2008-2726

Ruby
CVE-ID:  CVE-2008-1145

SMB File Server
CVE-ID:  CVE-2008-1105

System Configuration
CVE-ID:  CVE-2008-2313

Tomcat
CVE-ID:  CVE-2005-3164, CVE-2007-1355, CVE-2007-2449, CVE-2007-2450,
CVE-2007-3382, CVE-2007-3383, CVE-2007-5333, CVE-2007-3385,
CVE-2007-5461

VPN
CVE-ID:  CVE-2007-6276

WebKit
CVE-ID:  CVE-2008-2307

Safari on OSX 10.4.11 was also upgraded to 3.1.2.  (As you can see above, so was 10.5 (Leopard) -- The WebKit update.

Happy Patching!

--

Joel Esler

http://www.joelesler.net

 

Keywords: apple
0 comment(s)
Diary Archives