APPLE-SA-2007-05-01 Security Update 2007-004 v1.1
APPLE-SA-2007-05-01 Security Update 2007-004 v1.1
- Subject: APPLE-SA-2007-05-01 Security Update 2007-004 v1.1
- From: Apple Product Security <email@hidden>
- Date: Tue, 1 May 2007 13:06:21 -0700
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2007-05-01 Security Update 2007-004 v1.1
Security Update 2007-004 v1.1 is now available. It includes the
contents of Security Update 2007-004, plus the following fixes:
AirPort
Available for: Mac OS X v10.3.9
This update corrects an issue where the AirPort connection may
be lost after waking from sleep. This issue only affects
Mac OS X v10.3.9 (client) with Security Update 2007-004.
FTPServer
CVE-ID: CVE-2007-0745
Available for: Mac OS X Server v10.4.9
Impact: Users with ftp access may be able to navigate to directories
outside the normal scope
Description: Security Update 2007-004 applied an incorrect ftp
configuration file for Mac OS X Server v10.4.9 systems. Users with
ftp access, who would normally be restricted to certain directories,
may be able to access directories outside the normal scope. This
update addresses the issue by restoring the correct version
of the ftp configuration file. This issue only affects
Mac OS X Server v10.4.9 with Security Update 2007-004.
Note:
Mac OS X v10.4.9 (client) and Mac OS X Server v10.3.9 systems that
have installed Security Update 2007-004 do not require Security
Update 2007-004 v1.1. If the security update has not yet been
installed on these systems, then they should be updated using
Security Update 2007-004 v1.1.
Since Mac OS X v10.4.9 (client) and Mac OS X Server v10.3.9 systems
that have already installed Security Update 2007-004 are not
affected, the Software Update utility will not display Security
Update 2007-004 v1.1 for these systems.
Security Update 2007-004 v1.1 may be obtained from the Software
Update pane in System Preferences, or Apple's Software Downloads web
site: http://www.apple.com/support/downloads/
For Mac OS X v10.4.9 (PowerPC) and Mac OS X Server v10.4.9 (PowerPC)
The download file is named: "SecUpd2007-004Ti.dmg"
Its SHA-1 digest is: 60319316b3eba0de37f7ea747e59decfafe1ea81
For Mac OS X v10.4.9 (Universal) and
Mac OS X Server v10.4.9 (Universal)
The download file is named: "SecUpd2007-004Univ.dmg"
Its SHA-1 digest is: fb6ec6a7d8729bd21d1431192ecb7665e9fd2b80
For Mac OS X v10.3.9
The download file is named: "SecUpd2007-004Pan.dmg"
Its SHA-1 digest is: 39b9be13a82ea546f18ff4958cfd69b0d37947e8
Information will also be posted to the Apple Product Security
web site:
http://docs.info.apple.com/article.html?artnum=61798
This message is signed with Apple's Product Security PGP key,
and details are available at:
http://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.0.6 (Build 6060)
iQEVAwUBRjd3OImzP5/bU5rtAQiNoQgAuOdAF0Mf1S0TsVH7d4Fg6fgKq34HMQ3w
Unmd1dGx1PxXahSRcDoCfhxFlE+Eh5VLgC3lgrWhQ2WW5wXPA8xFbP6YjFelfwOo
ZDuykcEtDoTEPPUcrVVfh/cyGoYP7x7uGDzzvjH9qwFie6PtKjKcAf640aFBchfn
A7UXkQEGm6mZwvZ14lGbVxWHZ09vjbM5otZv60vy8u6p6l3XjntjSrKSK2d7aWqF
gHH/H8bxLbXhNL9kveXBsZTCK3TG3uJFJ90i+v63odTS6THHnl3mjm31Sx5DUF7g
im7OTXT94mCfWDVK8YEcNf/NH3GQmVnE7+oXlHbQ+f86PWOgvaEQ9g==
=hOXJ
-----END PGP SIGNATURE-----
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Security-announce mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden