APPLE-SA-2005-05-19 Mac OS X v10.4.1
- Subject: APPLE-SA-2005-05-19 Mac OS X v10.4.1
- From: Apple Product Security <email@hidden>
- Date: Thu, 19 May 2005 16:18:11 -0700
APPLE-SA-2005-05-19 Mac OS X v10.4.1
Mac OS X v10.4.1 is now available and delivers the following security
enhancements:
Bluetooth
Available for: Mac OS X v10.4, Mac OS X Server v10.4
CVE-ID: CAN-2005-1333
Impact: Directory traversal via Bluetooth file and object exchange
Description: Due to insufficient input checking, the Bluetooth file
and object exchange services could be used to access files outside of
the default file exchange directory. This update addresses the issue
by adding enhanced filtering for path-delimiting characters. Credit
to kf_lists[at]digitalmunition[dot]com for reporting this issue.
Dashboard
CVE-ID: CAN-2005-1474
Available for: Mac OS X v10.4, Mac OS X Server v10.4
Impact: Malicious websites can download and install widgets via
Safari without the Safe Download Validation warning
Description: This update blocks the automatic installation of
Dashboard widgets. Mac OS X's Safe Download Validation warning is
enabled, requiring user approval before a Dashboard widget is
installed by Safari. This issue does not affect Mac OS X versions
prior to 10.4. Further information on removing Dashboard widgets
that you have installed is available from this article:
http://docs.info.apple.com/article.html?artnum=301629
Kernel
CVE-ID: CAN-2005-1472
Available for: Mac OS X v10.4, Mac OS X Server v10.4
Impact: Users can discover the names of files placed in normally
unsearchable places
Description: Two system calls designed to allow efficient searching
of filesystem objects incorrectly checked the permissions on
enclosing directories and would reveal the names of files. The
incorrect checking only occurred for directories without the POSIX
read, but with the POSIX execute bits set for group and other. In
practice this issue only affects files stored in users' ~/Public/Drop
Box. This update addresses the issue by correctly honoring the POSIX
permission bits on directories. Credit to John M. Glenn of San
Francisco for reporting this issue.
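The permission rule the fix restores, as an added Python model (not Apple's kernel code; the directory tree, uids and file names below are constructed): learning the names inside a directory needs the read bit of the caller's permission class, while the execute (search) bit only lets a caller reach a name it already knows. Passing the execute check in place of the read check reproduces the leak the advisory describes for a 0733 Drop Box.

```python
# Constructed model of the POSIX directory check, not Apple's kernel code.

def _class_bits(mode, dir_uid, dir_gid, uid, gids):
    """Return the (r, w, x) triple that applies to this caller.
    POSIX selects exactly one class: owner, else group, else other."""
    if uid == 0:
        return (True, True, True)  # root overrides discretionary access checks
    if uid == dir_uid:
        shift = 6
    elif dir_gid in gids:
        shift = 3
    else:
        shift = 0
    bits = (mode >> shift) & 0o7
    return (bool(bits & 4), bool(bits & 2), bool(bits & 1))

def may_list_names(mode, dir_uid, dir_gid, uid, gids):
    """Correct check: enumerating entry names requires the read bit."""
    return _class_bits(mode, dir_uid, dir_gid, uid, gids)[0]

def may_traverse(mode, dir_uid, dir_gid, uid, gids):
    """Execute (search) bit: reach a known name, but do not enumerate."""
    return _class_bits(mode, dir_uid, dir_gid, uid, gids)[2]

def search_names(tree, uid, gids, check=may_list_names):
    """Walk a constructed tree and return the names the caller may learn.
    `tree` maps a directory path to (mode, owner_uid, owner_gid, [entries]).
    check=may_traverse models the pre-10.4.1 (incorrect) behaviour."""
    found = []
    for path, (mode, duid, dgid, entries) in tree.items():
        if check(mode, duid, dgid, uid, gids):
            found.extend(f"{path}/{name}" for name in entries)
    return sorted(found)

# Constructed tree: alice (uid 501) owns a Drop Box with mode 0733, so
# other users may drop files in (wx) but must not see what is there (no r).
TREE = {
    "/Users/alice/Public":          (0o755, 501, 20, ["Drop Box", "readme.txt"]),
    "/Users/alice/Public/Drop Box": (0o733, 501, 20, ["salary.xls", "draft.doc"]),
}

if __name__ == "__main__":
    bob = dict(uid=502, gids={20})          # another user in group 20
    print("correct:", search_names(TREE, **bob))
    print("buggy:  ", search_names(TREE, **bob, check=may_traverse))
```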
Kernel
CVE-ID: CAN-2005-0974
CERT: VU#713614
Available for: Mac OS X v10.4, Mac OS X Server v10.4
Impact: Local system users can cause a local denial of service
Description: A vulnerability in the nfs_mount() call due to
insufficient checks on input values could allow unprivileged local
users to create a denial of service via a kernel panic.
SecurityAgent
CVE-ID: CAN-2005-1473
Available for: Mac OS X v10.4, Mac OS X Server v10.4
Impact: Users with physical access to a system with a locked
screensaver can start background applications
Description: A contextual menu feature in Mac OS X 10.4 allows URLs
to be opened from a text input field. This could be used to launch
an application behind a locked screensaver window. This update
addresses the issue by removing the contextual menu from screensaver
text input fields.
Mac OS X v10.4.1 may be obtained from the Software Update pane in
System Preferences, or Apple's Software Downloads web site:
http://www.apple.com/support/downloads/
For Mac OS X v10.4
The download file is named: "MacOSXUpdate10.4.1.dmg"
Its SHA-1 digest is: 7f4e0af21fff6cb80d271ccd9278637c660b51ad
For Mac OS X Server v10.4
The download file is named: "MacOSXSvrUpdate10.4.1.dmg"
Its SHA-1 digest is: bf311da7dd3cc3f039ed9188412f8eaa994a4650
Information will also be posted to the Apple Product Security
web site:
http://docs.info.apple.com/article.html?artnum=61798
This message is signed with Apple's Product Security PGP key,
and details are available at:
http://www.apple.com/support/security/pgp/
Security-announce mailing list