magmatic.com - Squawk Box - Mac OSX 10.5.8 Security Update

MAAS History

Mac OSX 10.5.8 Security Update

Wednesday, August 5, 2009 at 06:30PM

Apple addresses various CVE-ID updates related to Mac OSX server and clients. These updates should be applied to all systems, the update does require a reboot.

Within bzip2 an out-of-bounds memory access fault exist which can lead to a crash caused be a malicious crafted compressed file. bzip2 is updated to ver. 1.0.5.

CFNetwork now will return the correct address when Safari encounters a 302 redirect. Previouly a the certificate warning would include the original site's URL instead of the current URL. An attacker could control the displayed website URL in a certificate warning.

A maliciously crafted ColorSync profile within an image could allow an attacker to terminate the application or execute code. This was caused by a heap buffer overflow in the handling of images embedded with ColorSync profiles. The validation of these profiles has been expanded and improved.

Various content has been added to the system's list of unsafe content. This includes various JavaScript code in Safari. Additionally four-finger Multi-Touch gestures prevents users from using Expose when the screen-saver is running.

A stack buffer overflow in the handling of Canon Raw images has been fix using improved bounds checking. ImageIO handling as well including the handling of OpenEXR images was fixed by updating OpenEXR to version 1.6.1. ImageIO also has improved bounds checking and validation. This addresses issues related to specially crafted PNG images which attackers could use.

Improvements have been made to fcntl system calls which prevents the overwrite of kernel memory allowing attackers to run code with system privileges. launchd error handling has been improve to prevent the DoS issues when opening many connections.

Login Window and Networking issues have been addresses including format string issues and maliciously crafted AppleTalk response packet. Also in Networking the synchronization of a message file descriptor to a socket with no receiver that caused the system to shut down has been patched.

Improvements have been made to XQuery and MobileMe. MobileMe will now delete all credentials when signing out of the Preference Pane. (For Developers it is recommended to explore ADC's better authorization example) XQuery with Unicode code points greater than 255 is now fixed, Perl Compatible Regular Expressions (PCRE) is updates to version 7.6.

drStrangeP0rk |

References (4)

References allow you to track sources for this article, as well as articles that were written in response to this article.

Source: APPLE-SA-2009-08-05-1 Security Update 2009-003 / Mac OS X v10.5.8
Source: http://bzip.org/
Source: Downloads Page
Source: http://www.us-cert.gov/cas/techalerts/TA09-218A.html

Reader Comments

There are no comments for this journal entry. To create a new comment, use the form below.

magmatic.com by magmatic consulting is licensed under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Unported License.
Based on a work at http://magmatic.com.
Permissions beyond the scope of this license may be available at http://magmatic.com.