APPLE-SA-2010-08-24-1 Security Update 2010-005

Security Update 2010-005 is now available and addresses the
following:

ATS
CVE-ID: CVE-2010-1808
Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,
Mac OS X v10.6.4, Mac OS X Server v10.6.4
Impact: Viewing or downloading a document containing a maliciously
crafted embedded font may lead to arbitrary code execution
Description: A stack buffer overlow exists in Apple Type Services'
handling of embedded fonts. Viewing or downloading a document
containing a maliciously crafted embedded font may lead to arbitrary
code execution. This issue is addressed through improved bounds
checking.

CFNetwork
CVE-ID: CVE-2010-1800
Available for: Mac OS X v10.6.4, Mac OS X Server v10.6.4
Impact: An attacker with a privileged network position may intercept
user credentials or other sensitive information
Description: CFNetwork permits anonymous TLS/SSL connections. This
may allow a man-in-the-middle attacker to redirect connections and
intercept user credentials or other sensitive information. This issue
does not affect the Mail application. This issue is addressed by
disabling anonymous TLS/SSL connections. This issue does not affect
systems prior to Mac OS X v10.6.3. Credit to Tomas Bjurman of Sirius
IT, Jean-Luc Giraud of Citrix, and Aaron Sigel of vtty.com for
reporting this issue.

ClamAV
CVE-ID: CVE-2010-0098, CVE-2010-1311
Available for: Mac OS X Server v10.5.8, Mac OS X Server v10.6.4
Impact: Multiple vulnerabilities in ClamAV
Description: Multiple vulnerabilities exist in ClamAV, the most
serious of which may lead to arbitrary code execution. This update
addresses the issues by updating ClamAV to version 0.96.1. ClamAV is
distributed only with Mac OS X Server systems. Further information is
available via the ClamAV website at http://www.clamav.net/

CoreGraphics
CVE-ID: CVE-2010-1801
Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,
Mac OS X v10.6.4, Mac OS X Server v10.6.4
Impact: Opening a maliciously crafted PDF file may lead to an
unexpected application termination or arbitrary code execution
Description: A heap buffer overflow exists in CoreGraphics' handling
of PDF files. Opening a maliciously crafted PDF file may lead to an
unexpected application termination or arbitrary code execution. This
issue is addressed through improved bounds checking. Credit to
Rodrigo Rubira Branco from the Check Point Vulnerability Discovery
Team (VDT) for reporting this issue.

libsecurity
CVE-ID: CVE-2010-1802
Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,
Mac OS X v10.6.4, Mac OS X Server v10.6.4
Impact: An attacker in a privileged network position who can obtain
a domain name that differs only in the last characters from the name
of a legitimate domain may impersonate hosts in that domain
Description: An issue exists in the handling of certificate host
names. For host names containing three or more components, the last
characters are not properly compared. In the case of a name
containing exactly three components, only the last character is not
checked. For example, if an attacker in a privileged network position
could obtain a certificate for http://www.example.con the attacker can
impersonate http://www.example.com. This issue is addressed through improved
handling of certificate host names. Credit to Peter Speck for
reporting this issue.

PHP
CVE-ID: CVE-2010-1205
Available for: Mac OS X v10.6.4, Mac OS X Server v10.6.4
Impact: Loading a maliciously crafted PNG image may lead to an
unexpected application termination or arbitary code execution
Description: A buffer overflow exists in PHP's libpng library.
Loading a maliciously crafted PNG image may lead to an unexpected
application termination or arbitary code execution. This issue is
addressed by updating libpng within PHP to version 1.4.3. This issue
does not affect systems prior to Mac OS X v10.6.

PHP
CVE-ID: CVE-2010-1129, CVE-2010-0397, CVE-2010-2225, CVE-2010-2531,
CVE-2010-2484
Available for: Mac OS X v10.6.4, Mac OS X Server v10.6.4
Impact: Multiple vulnerabilities in PHP 5.3.1
Description: PHP is updated to version 5.3.2 to address multiple
vulnerabilities, the most serious of which may lead to arbitary code
execution. Further information is available via the PHP website at
http://www.php.net/

Samba
CVE-ID: CVE-2010-2063
Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,
Mac OS X v10.6.4, Mac OS X Server v10.6.4
Impact: An unauthenticated remote attacker may cause a denial of
service or arbitrary code execution
Description: A buffer overflow exists in Samba. An unauthenticated
remote attacker may cause a denial of service or arbitrary code
execution by sending a maliciously crafted packet. This issue is
addressed by performing additional validation of packets in Samba.

Danke!

Danke!

Ja, Danke auch. Hat's schon einer?

Moi

Na, hier gibt's zumindest bisher nach Installation keinen Stress.

Läuft bestens. Habe noch kein Problem bemerkt.

Nun ja. Was sollten die paar Versionsbumps einiger OSS-Pakete, die der normale Client sowieso nicht nutzt, denn auch für positive/negative/seltsame Auswirkungen haben?

Na, manchmal kommen halt Inkompatibilitäten mit irgendwelchen Gimmicks oder Treibern vor, und da laufen bei mir einige von... aber bisher no prob.

[quote]... und da laufen bei mir einige von.../quote]

wovon? ich wäre so neugierig wie der satz weitergeht

Am Rande: Es wird auch das PDF-Loch gestopft, mit dem iOS <4.0.2 aufgehebelt werden konnte. Also ab jetzt kein Jailbreak von Mac OS X mehr!

Hallo,

nach dem Update habe ich Probleme mit Mail. Oder liegt das wohl doch eher an T-Online? Ich weiß nicht aber ich hatte das noch nie. Mail meckert auch nach so ca. 1,5 min. Es erscheint ein kleines Warndreieck neben dem Posteingang. Den Account online schalten geht auch nicht. Vielen Dank...

(MacBook 2,1, OS X.6.4, alle Updates)

Es gibt technisch keinen Zusammenhang zwischen diesem Update und Deinem Mail-Hänger. Suche eher in Richtung "Internet-Verbindung", "Verfügbarkeit des Mailservers" usw.

Ah Ja. Nein, es liegt wohl doch an T-Online, man kann sich dort eben auch nicht via Internet in seinem Konto einloggen. Danke noch mal...

altes_ego:
lol, ja - komischer Satz. Hätte konsequenterweise weitergehen müssen:
"...und da laufen bei mir einige von auf'm Rechner drauf."

oder: ."..und von diesen Treibern und Gimmicks habe ich einige in Gebrauch, so dass es schon interessant ist, zu sehen, ob alles weiterhin problemlos läuft."

oder so.

@Oldie2009: Es kommt gerade in den Radio-Nachrichten: Die Mailserver bei T-Online bocken. Shit happens, einfach mal einen Tag was anderes machen...

Oldie2009: Es liegt in diesem Fall an T-Online, heise berichtet gerade darüber: