Apple Mac OS X security patch bundle 2006-002
Apple released some more security patches today for Mac OS X in a bundle called 2006-002.
--
Swa Frantzen - Section 66
- CoreTypes: CVE-2006-0400
Fix for an XSS scripting vulnerability in archives by flagging the documents as unsafe.
- Mail: CVE-2006-0396
Fix for a vulnerability allowing arbitrary code execution by clicking on crafted email messages
- Safari, LaunchServices, CoreTypes: CVE-2006-0397, CVE-2006-0398, CVE-2006-0399
Additional checks on top of those in the previous update.
- Various non security rated regression fixes in a.o. apache_mod_php (still based on PHP 4.4.1, not on the latest 4.4.2) and rsync.
$ rsync --version
rsync version 2.5.5 protocol version 26
Copyright (C) 1996-2002 by Andrew Tridgell and others
«http://rsync.samba.org/»
Capabilities: 64-bit files, socketpairs, hard links, symlinks, batchfiles,
no IPv6, 32-bit system inums, 64-bit internal inums
rsync comes with ABSOLUTELY NO WARRANTY. This is free software, and you
are welcome to redistribute it under certain conditions. See the GNU
General Public Licence for details.
While a quick visit to http://rsync.samba.org/ shows there have been quite a few versions and fixed vulnerabilities in the mean time. --
Swa Frantzen - Section 66
Keywords:
0 comment(s)
×
Diary Archives
Comments