-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Security Update 2003-08-14 is now available APPLE-SA-2003-08-14 realpath. It addresses CAN-2003-0466, a potential vulnerability in the fb_realpath() function, used by the FTPServer and Libc projects, which could allow a local or remote user to gain unauthorized root privileges to a system. Security Update 2003-08-14 is available as two separate packages: one for Mac OS X Server 10.2.6, and the other for Mac OS X 10.2.6 (Client). Security Update 2003-08-14 for Mac OS X Server 10.2.6 may be obtained from: * Software Update pane in System Preferences - OR - * Apple's Software Downloads web site: http://www.info.apple.com/kbnum/n120238 The download file is named: "SecUpdSrvr2003-08-14.dmg" Its SHA-1 digest is: 1b27363f080378c085d04436b0ded0507f0bf23e Security Update 2003-08-14 for Mac OS X 10.2.6 (Client) may be obtained from: * Software Update pane in System Preferences - OR - * Apple's Software Downloads web site: http://www.info.apple.com/kbnum/n120239 The download file is named: "SecurityUpd2003-08-14.dmg" Its SHA-1 digest is: 6b3779275007b84bcc0273b60c9ed8b8ae153435 Information will also be posted to the Apple Support web site: http://docs.info.apple.com/article.html?artnum=61798 This message is signed with Apple's Product Security PGP key, and details are available at: http://www.apple.com/support/security/security_pgp.html -----BEGIN PGP SIGNATURE----- Version: PGP 8.0.2 iQEVAwUBPzwufHeI0z6bzFr0AQKouwf8DoDrU2UfFKAFKdt8qbzBOyKaFI/TGvAT Dt8GY9OfV/MWPieok85lo5zD4175WuhxTXjmaTvONO0wMo5WfcJsredYx6l0Egt6 AQrcTEvSN6n6AFlic2SbiZEjF7XEjjnvXDhs2kMXydwB5TntKKOqNOXB2s7aof3Z 1Yi0otnddEKrwyuryNWpMZNJbtuqjmR3JE+EmNbaDnw8vrgd0LqjK/9mN+b0lniO C5D6g/brli/pOzUcbO7ES5v+BQg6rSywL6HCnUB83jdGr1PPEOEjbopMXLmAn4+t bbG2fohH8ZJrjrFn3fpdWMc2FT90BLRLFHZlTBleL790sWAnUrW3Bg== =ibVT -----END PGP SIGNATURE----- _______________________________________________ security-announce mailing list | security-announce@lists.apple.com Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/security-announce Do not post admin requests to the list. They will be ignored.