[Macpartners] Mac OS X 10.2.8 is now available
Albert Willis
awillis at MIT.EDU
Mon Sep 22 23:00:50 EDT 2003
Mac OS X 10.2.8 was released by Apple earlier today. Mac OS X 10.2.8
provides enhanced functionality and improved reliability for the
following applications, services and technologies: Audio, Bluetooth,
Classic compatibility, Finder, Graphics, LDAP, Power Management,
Safari, and FireWire and USB device compatibility.
Besides these enhancements and bug fixes, there are a number of
security updates as well:
OpenSSH: Addresses CAN-2003-0693, CAN-2003-0695, and CAN-2003-0682 to
fix buffer management errors in OpenSSH's sshd versions prior to 3.7.1
sendmail: Addresses CAN-2003-0694 and CAN-2003-0681 to fix a buffer
overflow in address parsing, as well as a potential buffer overflow in
ruleset parsing.
fb_realpath(): Fixes CAN-2003-0466 which is an off-by-one error in the
fb_realpath() function that may allow attackers to execute arbitrary
code.
arplookup(): Fixes CAN-2003-0804. The arplookup() function caches ARP
requests for routes on a local link. On a local subnet only, it is
possible for an attacker to send a sufficient number of spoofed ARP
requests which will exhaust kernel memory, leading to a denial of
service.
More details on the update are available at
http://docs.info.apple.com/article.html?artnum=25524.
Currently, the update to Mac OS X 10.2.8 is available only by using
Software Update. As usual, you may wish to try this out on a test
machine before updating production machines to ensure that there aren't
compatibility issues.
-- Al
---------------------------------
Albert Willis
Macintosh Platform Coordinator
Software Release Team
MIT Information Systems
More information about the Macpartners
mailing list