-----BEGIN PGP SIGNED MESSAGE----- Security Update 7-12-02 is now available. It contains Software Update client version 1.4.6 which fixes CVE ID CAN-2002-0676 to increase the security of the Software Update process. Affected systems: Systems with Software Update client 1.4.5 or earlier System requirements: Mac OS X 10.1 or later, or Mac OS X Server 10.1.x or later New features: Software packages that are available for download via the Software Update process are now cryptographically signed. Software Update client 1.4.6 checks for a valid signature before installing new packages. Downloaded packages which do not contain a valid signature are deleted from the system. Security Update 7-12-02 may be obtained from: - - Apple's Software Downloads web site (for Mac OS X 10.1 or later) http://www.info.apple.com/kbnum/n75304 - - Software Update pane in System Preferences (for 10.1.1 or later) To help verify the integrity of Software Update client 1.4.6 from the Software Downloads web site, the download file is titled "SecurityUpdate7-12-02.dmg" and its SHA-1 digest is: 2c039c683b7001defc35f93ba1f68db3e33e41fc Information will also be posted to the Apple Product Security web site: http://www.apple.com/support/security/security_updates.html This message is signed with Apple's Product Security PGP key, and details are available at: http://www.apple.com/support/security/security_pgp.html -----BEGIN PGP SIGNATURE----- Version: PGP 7.0.3 iQEVAwUBPTBFVCFlYNdE6F9oAQF0Uwf+Kroxcn3NxZLuQVP+HngZiMsJ6ThHwebX kdcq/MG6Ma0Y77Ce6VRn20ebuTeYymwJXwblXol060tS6xeM/Ropvg1GxTr2P202 1B1DD8kfz/iFUJ6Bc7292JWUs8SqUrI3OuzeJk/2aFuUQaJIg66Ul7KS5iVLlkl1 szro4iML2N2Z74DQGaRr0rF0FegRJhZ9ZNKxKdNCQiTkrBC5rlIbPqGMYvyVk9gw QLpEdXOrFze2hXBoQKwnmj5sj+co4SeJYX5nOn809bgfZ1mDFO/pwW33tFJGI7KQ +SVdIfWLBiZdTQMbsxQn9BdHWxoevzn5r5u8mkprtn49khrNzIQH0A== =QZsp -----END PGP SIGNATURE----- _______________________________________________ security-announce mailing list | security-announce@lists.apple.com Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/security-announce Do not post admin requests to the list. They will be ignored.