[Macpartners] Mac OS X 10.3.4 security fixes
Albert Willis
awillis at MIT.EDU
Tue Jun 1 14:04:06 EDT 2004
Here's what gets fixed in the Mac OS X 10.3.4 release.
-- Al
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
APPLE-SA-2004-05-28 Mac OS X Update 10.3.4
Mac OS X Update 10.3.4 is now available and contains security
enhancements for the following:
NFS: Improves logging when tracing system calls. Credit to David
Brown <dave at spoonguard.org> for reporting this issue.
LoginWindow: Improves the handling of directory services lookups and
console log files. Credit to aaron at vtty.com for reporting the issue.
Packaging: Improves package installation. Credit to aaron at vtty.com
for reporting the isssue.
TCP/IP: provides better handling of out-of-sequence TCP packets.
AppleFileServer: Improves the use of SSH and reporting errors.
Terminal: Improves the handling of URLs. Credit to Rene Puls
<rpuls at gmx.net> for reporting this issue.
Note: CVE Candidate IDs will be published to the Security Updates
page when available:
http://docs.info.apple.com/article.html?artnum=61798
================================================
Mac OS X 10.3.4 may be obtained from:
* Software Update pane in System Preferences
* Apple's Software Downloads web site:
Updating from Mac OS X 10.3.3
=============================
http://www.apple.com/support/downloads/macosxupdate_10_3_4.html
The download file is named: "MacOSXUpdate10.3.4.dmg"
Its SHA-1 digest is: dd2e1576cfd2792f0c012d552d41556192ce7415
Updating from Mac OS X 10.3 - 10.3.2
====================================
http://www.apple.com/support/downloads/macosxcombined1034update.html
The download file is named: "MacOSXUpdateCombo10.3.4.dmg"
Its SHA-1 digest is: 061a2560cdd239e8d60e36678a3ea31d1aef5534
Updating from Mac OS X Server 10.3.3
====================================
http://www.apple.com/support/downloads/macosxupdate_10_3_4.html
The download file is named: "MacOSXServerUpdate10.3.4.dmg"
Its SHA-1 digest is: c9d04735eb1b381fe8786cc1424fa734abb28c32
Updating from Mac OS X Server 10.3 - 10.3.2
===========================================
http://www.apple.com/support/downloads/
macosxcombinedserver1034update.html
The download file is named: "MacOSXSrvrUpdCombo10.3.4.dmg"
Its SHA-1 digest is: 2579754ab996c4e070bd3bd7c3789792754e6adc
Information will also be posted to the Apple Product Security web
site: http://docs.info.apple.com/article.html?artnum=61798
This message is signed with Apple's Product Security PGP key, and
details are available at:
http://www.apple.com/support/security/security_pgp.html
-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.2
iQEVAwUBQLfX+Jyw5owIz4TQAQK+sgf9H3P1/mVZGdqjnejfIezii+jzQnZZaZuv
tCbePSyLEKrn6evHZvUyEdRVIpcbZAU3ymxCNPgg/Mv5gdln/PAdUSYb/wvtUbxM
CB08zYqpD8IsPS5zay8SotYPJsXw+RagbI4zjB8i+mm9Wep/R/zu/iC0G/3/6ItN
qeD8hTF0spGqSrGR0XAUiIBKmUCvel4KFcvxADwGrjCjCUOleQlwE8+nkdUc3/Cd
53oREzuqsboTjaQOcqAToj9n9JzT9R5Oip0PngkXOloAp8ITKQAj6kLrAYMxTe5l
piMH6xElS8VydC7M1wZchUxYHdhKFtlHC/6fWPP/k2vT/QGyt7+pWA==
=C0Or
-----END PGP SIGNATURE-----
More information about the Macpartners
mailing list