Security Update 2005-009 Released -- Apple has released Security Update 2005-009, preventing a diverse collection of possible exploits in both the desktop and server versions of Mac OS X 10.3.9 and Mac OS X 10.4.3. The most notable changes are to Safari, in which Apple improved handling of credit card security codes, eliminated a bug in the JavaScript engine's PCRE (regular expression) library, ensured that files with overly long names won't be downloaded into unexpected locations, caused JavaScript-generated dialogs to identify the site that created them, and fixed a heap overflow that could enable arbitrary code execution in WebKit-based applications. Other components of Mac OS X seeing fixes include Apache2, apache_mod_ssl, CoreFoundation, CoreTypes, curl, iodbcadmintool, OpenSSL, passwordserver, QuickDraw Manager, ServerMigration, sudo, and syslog. Security Update 2005-009 is available via Software Update and as a standalone download for each version of Mac OS X; sizes range from 6 MB to 33 MB. [ACE]

<http://docs.info.apple.com/article.html? artnum=302847>

Permanent article URL: http://db.tidbits.com/article/8339
This is a specially formatted version of this TidBITS article that removes colors, and optionally removes images; it's designed to minimize the use of ink and paper.
Unless otherwise noted, this article is copyright © 2005 TidBITS Publishing, Inc.. TidBITS is copyright © 2008 TidBITS Publishing Inc. Reuse governed by this Creative Commons License: http://www.tidbits.com/terms/.