Threat Level: green Handler on Duty: Basil Alawi S.Taher

SANS ISC: InfoSec Handlers Diary Blog - APPLE-SA-2011-03-21-1 Mac OS X v10.6.7 and Security Update 2011-001 InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

APPLE-SA-2011-03-21-1 Mac OS X v10.6.7 and Security Update 2011-001

Published: 2011-03-21
Last Updated: 2011-03-22 01:26:13 UTC
by Kevin Shortt (Version: 2)
0 comment(s)

Apple has released some Security updates and various fixes today.  
Here's some handy links with a summarized list of software.

 Security Update 2001-001 - (Leopard - Client)
    Full Details:    http://support.apple.com/kb/HT1222
    Download:      http://support.apple.com/kb/DL1366
Security Update 2001-001 - (Leopard - Server)
    Full Details:    http://support.apple.com/kb/HT1222
    Download:      http://support.apple.com/kb/DL1367
Server Admin Tools 10.6.7
    Full Details:    http://support.apple.com/kb/HT3931
    Download:      http://support.apple.com/kb/DL1365
Mac OS X v10.6.7 Update
    Full Details:    http://support.apple.com/kb/HT4472
    Download:      http://support.apple.com/kb/DL1363
Mac OS X v10.6.7 Update Combo
   Full Details:     http://support.apple.com/kb/HT4472
   Download:       http://support.apple.com/kb/DL1361
Mac OS X v10.6.7 Update for early 2011 MacBook Pro
    Full Details:    http://support.apple.com/kb/HT4472
    Download:      http://support.apple.com/kb/DL1368
Mac OS X Server v10.6.7 Update  
     Full Details:   http://support.apple.com/kb/HT4473
     Download:     http://support.apple.com/kb/DL1362
Mac OS X Server v10.6.7 Update Combo
     Full Details:   http://support.apple.com/kb/HT4473
     Download:     http://support.apple.com/kb/DL1364

The Mac OS X v10.6.7 and Security Update 2011-001 may also be obtained from the Software Update pane in System Preferences.

Summary of update:
  • AirPort
    CVE-2011-0172
  • Apachehttp://httpd.apache.org/
    CVE-2010-1452, CVE-2010-2068
  • AppleScript
    CVE-2011-0173
  • ATS
    CVE-2011-0174, CVE-2011-0175, CVE-2011-0176CVE-2011-0177
  • bzip2
    CVE-2010-0405
  • CarbonCore
    CVE-2011-0178
  • ClamAV - http://www.clamav.net/
    CVE-2010-0405, CVE-2010-3434, CVE-2010-4260, CVE-2010-4261, CVE-2010-4479
  • CoreText
    CVE-2011-0179
  • File Quarantine
  • HFS
    CVE-2011-0180
  • ImageIO
    CVE-2011-0170, CVE-2011-0181, CVE-2011-0191, CVE-2011-0192, CVE-2011-0194
  • Image RAW
    CVE-2011-0193
  • Installer
    CVE-2011-0190
  • Kerberos - http://web.mit.edu/Kerberos/
    CVE-2010-1324, CVE-2010-4020, CVE-2010-4021
  • Kernel
    CVE-2011-0182
  • Libinfo 
    CVE-2011-0183
  • libxml 
    CVE-2010-4008, CVE-2010-4494
  • Mailman
    CVE-2010-3089
  • PHP - http://www.php.net/
    CVE-2006-7243, CVE-2010-2950, CVE-2010-3709, CVE-2010-3710, CVE-2010-3870, 
    CVE-2010-4150, CVE-2010-4409, CVE-2010-3436
  • QuickLook
    CVE-2011-0184, CVE-2011-1417
  • QuickTime 
    CVE-2011-0186, CVE-2010-4009, CVE-2010-3801, CVE-2011-0187, CVE-2010-3802
  • Ruby 
    CVE-2011-0188
  • Samba 
    CVE-2010-3069
  • Subversion
    CVE-2010-3315
  • Terminal 
    CVE-2011-0189
  • X11 - http://www.freetype.org/ 
    CVE-2010-3814, CVE-2010-3855 
--
Kevin Shortt
ISC Handler on Duty

0 comment(s)
Diary Archives