• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
APPLE-SA-2004-01-26 Security Update 2004-01-26
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

APPLE-SA-2004-01-26 Security Update 2004-01-26

  • Subject: APPLE-SA-2004-01-26 Security Update 2004-01-26
  • From: Apple Product Security <email@hidden>
  • Date: Mon, 26 Jan 2004 16:26:51 -0800
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2004-01-26 Security Update 2004-01-26

Security Update 2004-01-26 is now available.  It contains security
enhancements for the following:

AFP Server:  Improves AFP over the 2003-12-19 security update.

Apache 1.3: Fixes CAN-2003-0542, a buffer overflow in the mod_alias
    and mod_rewrite modules of the Apache webserver.

Apache 2: Fixes CAN-2003-0542 and CAN-2003-0789 by updating Apache
    2.0.47 to 2.0.48. Installed only on Server systems.

Classic:  Fixes CAN-2004-0089 to improve the handling of environment
    variables.  Credit to Dave G. of @stake for reporting this issue.

Mail:  Fixes CAN-2004-0085 and CAN-2004-0086 to deliver security
    enhancements to Apple's mail application.  Credit to Jim Roepcke
    for reporting CAN-2004-0086.

Safari:  Fixes CAN-2004-0092 by delivering security enhancements to
    the Safari web browser.

System Configuration: Fixes CAN-2004-0087 and CAN-2004-0088 where the
    SystemConfiguration subsystem allowed remote non-admin users to
    change network setting and make configuration changes to configd.
    Credit to Dave G. from @stake for reporting these issues.

Windows File Sharing: Fixes CAN-2004-0090 where Windows file sharing
    did not shutdown properly.

================================================

Security Update 2004-01-26 is available for the following systems:
   -  Mac OS X 10.1.5 "Puma" and Mac OS X Server 10.1.5
   -  Mac OS X 10.2.8 "Jaguar" and Mac OS X Server 10.2.8
   -  Mac OS X 10.3.2 "Panther" and Mac OS X Server 10.3.2

The Security Updates web page indicates which fixes are available for
each system, as not all issues apply to each system.  Security Update
2003-12-19 has been incorporated into this security update for the
Jaguar and Panther systems.

================================================

Security Update 2004-01-26 may be obtained from:

  * Software Update pane in System Preferences

  * Apple's Software Downloads web site:

    Mac OS X 10.3.2 Client
    ======================
    http://www.info.apple.com/kbnum/n120301
    The download file is named: "SecurityUpd2004-01-26Pan.dmg"
    Its SHA-1 digest is: 8977b3420a6343d53b79f23c409a601d269d87a4

    Mac OS X 10.3.2 Server
    ======================
    http://www.info.apple.com/kbnum/n120300
    The download file is named: "SecUpdSrvr2004-01-26Pan.dmg"
    Its SHA-1 digest is: 15bfa92c439c6fee1e690703359778cefabf58d7

    Mac OS X 10.2.8 Client
    ======================
    http://www.info.apple.com/kbnum/n120302
    The download file is named: "SecurityUpd2004-01-26Jag.dmg"
    Its SHA-1 digest is: 365401ca71387a45a34ecab5ec7278b62e3089b3

    Mac OS X 10.2.8 Server
    ======================
    http://www.info.apple.com/kbnum/n120304
    The download file is named: "SecUpdSrvr2004-01-26Jag.dmg"
    Its SHA-1 digest is: 605578cbf0d6005ee5f6b474026b908e47175268

    Mac OS X 10.1.5 Client and Server
    =================================
    http://www.info.apple.com/kbnum/n120303
    The download file is named: "SecurityUpd2004-01-26P.dmg"
    Its SHA-1 digest is: 7c7f55d675a19957bce3c5aeaa985652a8c59d7b

Information will also be posted to the Apple Product Security web
site:
http://www.apple.com/support/security/security_updates.html

This message is signed with Apple's Product Security PGP key, and
details are available at:
http://www.apple.com/support/security/security_pgp.html

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.2

iQEVAwUBQBWwCneI0z6bzFr0AQJq2gf9EnXdvmQv32/FEQ7oD2SMr1CRURt8obxD
/71SE+DFNS07eO8UzExNRy490hkTb8sXEpp9jeDu7hTR00ZH4FpzDX0Ydn5x/LGJ
b/wG2w9WgjVjdBKhykANAb8Pomnrm8sTzQvpfXyQmHr9q7Qt5Idcs7pjaU3UK2J4
gAhe48cBdxktBgjktoNHpZ13oF24yVUi4D0PDEdiab4ZDjJu16sox72+1Us/4cEI
xG5womXWxNXV9iF4wQeubEmsgOG+xKA++wY0At204AyR4i2UCPkynZIB7VvJh+nV
js+l4Ry02jtC+Nj50np3mPRvmLZiaC+zJeB8Vdap7m3yKTwLZ8gpFw==
=2ecE
-----END PGP SIGNATURE-----
_______________________________________________
security-announce mailing list | email@hidden
Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/security-announce
Do not post admin requests to the list. They will be ignored.
  • Index(es):
    • Date
    • Thread