Apple Mac OS X security patch bundle 2006-002

Apple Mac OS X security patch bundle 2006-002
Apple released some more security patches today for Mac OS X in a bundle called 2006-002. CoreTypes: CVE-2006-0400 Fix for an XSS scripting vulnerability in archives by flagging the documents as unsafe. Mail: CVE-2006-0396 Fix for a vulnerability allowing arbitrary code execution by clicking on crafted email messages Safari, LaunchServices, CoreTypes: CVE-2006-0397, CVE-2006-0398, CVE-2006-0399 Additional checks on top of those in the previous update. Various non security rated regression fixes in a.o. apache_mod_php (still based on PHP 4.4.1, not on the latest 4.4.2) and rsync. It's interesting to note that rsync reports it's version after patching as: $ rsync --version rsync� version 2.5.5� protocol version 26 Copyright (C) 1996-2002 by Andrew Tridgell and others �http://rsync.samba.org/� Capabilities: 64-bit files, socketpairs, hard links, symlinks, batchfiles, no IPv6, 32-bit system inums, 64-bit internal inums rsync comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it under certain conditions. See the GNU General Public Licence for details. While a quick visit to http://rsync.samba.org/ shows there have been quite a few versions and fixed vulnerabilities in the mean time. -- Swa Frantzen - Section 66	Swa 760 Posts Mar 13th 2006
Thread locked Subscribe	Mar 13th 2006 1 decade ago