April Mac OS X Security Update -- Apple last week released the Security Update April 2002 through Software Update and the Apple software downloads site. The 4.7 MB download includes updates to a number of Mac OS X's Unix components, including OpenSSH 3.1p1, rsync 2.5.2, groff 1.17.2, PHP 4.1.2, sudo 1.6.5, mod_ssl 2.8.7, and mail_cmds. These updated components provide increased security against Unix-based exploits for gaining unauthorized access to your Mac. Everyone should download and install this security update. Most notable with this release, though, is Apple's first real use of their Security Announce mailing list, a PGP-signed posting to which carried more detailed change notes than were available via Software Update's description of the update. Plus, the version of the change notes on Apple's Security Updates page included links where you could read more about the exploits in question. It's taken over a year, but it appears that Apple is finally living up to all of the responsibilities to the community it took on by moving the Macintosh away from the highly secure Mac OS 9 to the far more open Unix core of Mac OS X. [ACE]

<http://docs.info.apple.com/article.html? artnum=120111>
<http://lists.apple.com/mailman/listinfo/ security-announce>
<http://www.apple.com/support/security/security_ updates.html>

Permanent article URL: http://db.tidbits.com/article/6776
This is a specially formatted version of this TidBITS article that removes colors, and optionally removes images; it's designed to minimize the use of ink and paper.
Unless otherwise noted, this article is copyright © 2002 TidBITS Publishing, Inc.. TidBITS is copyright © 2008 TidBITS Publishing Inc. Reuse governed by this Creative Commons License: http://www.tidbits.com/terms/.