Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: InfoSec Handlers Diary Blog - Internet Storm Center Diary 2008-07-01 InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Apple Posts 10.5.4, Security Update 2008-004, Time Machine + Apple Base Station Upgrades, and Safari upgrade for 10.4.11

Published: 2008-07-01
Last Updated: 2008-07-01 17:17:35 UTC
by Joel Esler (Version: 2)
0 comment(s)

Whew, what an upgrade release! 

Note:  One thing interesting that is not fixed, is the Apple Remote Desktop vuln.

Let's start with Security Update 2008-004:


Alias Manager
CVE-ID:  CVE-2008-2308

CoreTypes
CVE-ID:  CVE-2008-2309

c++filt
CVE-ID:  CVE-2008-2310


Dock
CVE-ID:  CVE-2008-2314

Launch Services
CVE-ID:  CVE-2008-2311

Net-SNMP
CVE-ID:  CVE-2008-0960

Ruby
CVE-ID:  CVE-2008-2662, CVE-2008-2663, CVE-2008-2664, CVE-2008-2725,
CVE-2008-2726

Ruby
CVE-ID:  CVE-2008-1145

SMB File Server
CVE-ID:  CVE-2008-1105

System Configuration
CVE-ID:  CVE-2008-2313

Tomcat
CVE-ID:  CVE-2005-3164, CVE-2007-1355, CVE-2007-2449, CVE-2007-2450,
CVE-2007-3382, CVE-2007-3383, CVE-2007-5333, CVE-2007-3385,
CVE-2007-5461

VPN
CVE-ID:  CVE-2007-6276

WebKit
CVE-ID:  CVE-2008-2307

Safari on OSX 10.4.11 was also upgraded to 3.1.2.  (As you can see above, so was 10.5 (Leopard) -- The WebKit update.

Happy Patching!

--

Joel Esler

http://www.joelesler.net

 

Keywords: apple
0 comment(s)

OT: Happy Canada Day!

Published: 2008-07-01
Last Updated: 2008-07-01 02:06:44 UTC
by Adrien de Beaupre (Version: 1)
0 comment(s)

Cheers,
Adrien

Keywords:
0 comment(s)
Diary Archives