Just hitting the streets, as we speak, Apple released OSX update 10.5.5. Built into 10.5.5 is Security Update 2008-006, marking the 6th major security update of the year. So aside from the ton of updates in 10.5.5 for OSX Leopard, check out the below updates included with it.
Keep in mind that Security Update is not just for 10.5 (OSX Leopard), being that it is also available for 10.4, Desktop and Server releases.
This update releases updates to the following items:
ATS -- Apple Type Services -- CVE-2008-2305
10.5 -- Updated to 9.4.2-P2
10.4.11 -- Updated to 9.3.5-P2
ClamAV -- Antivirus included with OSX Server
Updated to version 0.93.3.
CVE-2008-1100, CVE-2008-1387, CVE-2008-0314, CVE-2008-1833, CVE-2008-1835, CVE-2008-1836, CVE-2008-1837, CVE-2008-2713, CVE-2008-3215
Directory Services x2 -- (Something I found interesting -- Vulnerability reported by the "IT Department of the West Seneca Central School District". Not your usual reporter. Very nice) -- CVE-2008-2329
Finder x2 -- CVE-2008-2331, CVE-2008-3613
ImageIO x4 -- CVE-2008-2327, CVE-2008-2332, CVE-2008-3608, CVE-2008-1382
Kernel -- CVE-2008-3609
libresolv -- CVE-2008-1447
Login Windows x2 -- CVE-2008-3610, CVE-2008-3611
mDNSResolver -- CVE-2008-1447
OpenSSH -- CVE-2008-1483, CVE-2008-1657
QuickDraw Manager -- CVE-2008-3614
Ruby -- CVE-2008-2376
SearchKit -- CVE-2008-3616
System Configuration -- CVE-2008-2312 (For 10.4.11)
System Preferences x2 -- CVE-2008-3617, CVE-2008-3618
Time Machine -- CVE-2008-3619
VideoConference -- CVE-2008-3621
Wiki Server -- CVE-2008-3622
So, all in all, quite a few updates here in this one.
Subscribe in a reader
Over the past several years my job here at Cisco Talos has changed drastically. I took on new roles, which is awesome and exciting, but in ...
Without going off the deep-end here and discussing every single Snort rule keyword, I just wanted to touch on a few modifiers that people so...
Let me start off by saying I'm not bashing the writer of this article, and I'm trying not to be super critical. I don't want to...
1. I don't feel like I have much to say. I do a tremendous amount of writing and blogging on the Snort, ClamAV, and Talos blogs. So...