Notable Fixes and improvements
- issue with unresponsive keyboard or trackpad
- issue with some Adobe CS3 applications not launching
- copying, renaming, or deleting files on SMB shares
- improved VPN connections
- playback issue in DVD Player when using Good Quality deinterlacing
- issue editing photos with iPhoto or Aperture in full screen view
- Parental Controls Time Limits for Open Directory or Active Directory users
- display sleep and speaker issues with MacBook Pro (Early 2010)
- includes Safari 5.0
- fixes and improvements to Aperture 3
- RAW image compatibility for additional digital cameras
- pairing issues with Apple remotes
Security fixes
- The following CUPS issues have been resolved
- Visiting a maliciously crafted website while logged into the CUPS web interface as an administrator may allow CUPS settings to be changed
- A remote attacker may cause an unexpected application termination of cupsd
- An attacker with access to the CUPS web interface may be able to read a limited amount of memory from the cupsd process
- DesktopServices
- A Finder operation may result in files or folders with unexpected permissions
- Flash Player plug-in
- Multiple vulnerabilities in Adobe Flash Player plug-in
- Folder Manager
- Unmounting a maliciously crafted disk image or remote share may lead to data loss
- Help Viewer
- Visiting a maliciously crafted website may lead to the execution of JavaScript in the local domain
- iChat
- A remote user may upload files to arbitrary locations on the filesystem of a user currently using AIM in iChat
- ImageIO
- Opening a maliciously crafted TIFF file may lead to an unexpected application termination or arbitrary code execution
- Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution
- Kerberos
- An unauthenticated remote user may cause an unexpected termination of the KDC process, or arbitrary code execution
- A remote user may cause an unexpected termination of the KDC process, or arbitrary code execution
- An unauthenticated remote user may cause an unexpected termination of the KDC process
- libcurl
- Using libcurl to download files from a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution
- Network Authorization
- A local user may obtain system privileges
- Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution
- Open Directory
- A man-in-the-middle attacker may be able to impersonate a network account server
- Printer Setup
- Network devices may disable printing in certain applications
- Printing
- A user with access to the printer may cause an unexpected application termination or arbitrary code execution
- Ruby
- A remote attacker may gain access to accounts served by Ruby WEBrick
- SMB File Server
- A remote user may obtain unauthorized access to arbitrary files
- SquirrelMail
- Multiple vulnerabilities in SquirrelMail
- Wiki Server
- Viewing maliciously crafted Wiki content may result in a cross-site scripting attack
Update information is here and you can get more information on the Security updates here
No comments:
Post a Comment