[Macpartners] Security update for Mac OS X Server 10.2.6

[Albert Willis]

If you're running Mac OS X Server 10.2.6, you should apply this update.

   -- Al



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2003-06-12 Security Update 2003-06-12 Apache 2

Security Update 2003-06-12 is now available.  It contains fixes for
the following potential security issues for Mac OS X Server.  Mac OS X
client does not contain the issues being addressed by this software
update.

Apache 2.0:  Fixes CAN-2003-0245 by updating Apache 2.0.45 to 2.0.46
to address a security hole in the mod_dav module that could be exploited
remotely causing an Apache Web server process to crash.  Apache 1.3
is unaffected and is the primary web server on Mac OS X Server.  Apache
2.0 is installed with Mac OS X Server, but off by default.

dsimportexport:  Fixes CAN-2003-0420 where a logged-in user could
potentially view the name and password of the account running the
dsimportexport tool.

Security Update 2003-06-12 may be obtained from:

    * Software Update pane in System Preferences

    - OR -

    * Apple's Software Downloads web site:

      http://www.info.apple.com/kbnum/n120215
      The download file is named: "SecurityUpd2003-06-12.dmg"
      Its SHA-1 digest is: 1f8e101111ae059ebd6eaf91b69267808517b4a1

Information is also posted to the Apple Support web site:
http://docs.info.apple.com/article.html?artnum=61798

This message is signed with Apple's Product Security PGP key, and
details are available at:
http://www.apple.com/support/security/security_pgp.html

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.2

iQEVAwUBPukFjHeI0z6bzFr0AQIZQAgAgKNZ4eFeiTYQNyHC6Xa3A0AVAz84RkFQ
5Eb7BivZgBH+Wa0AMfs4OH9Z7+XtBFH5GbkKHL9MOSeW97cDCyBxTaNk/G98SFgj
DdAmnbNY5GUA5mhEq4gRMChICJGE+Fc9zQLqwGFZ4NDlpOpoDWILOABM4E4NeeVe
3AEPZe4WeVXRup+kAfYfY2oyKz74AxU2CeHnEwQC3OFpBM1zFu59x2S1TPdwi8Ti
6K2Uyzv0bjKtSNxgeoCLzJgiah9B7otzOyR0h5xqJ/shlwAX4f3/GEeK//V0B6a+
+GimSMrHQPPvSFRRWpRdHAEB24vasaDG6SjJ/dUDqCwcCH6jekWxdA==
=Gs31
-----END PGP SIGNATURE-----