Mac OSX Update 10.5.7

The 10.5.7 Update is recommended for all users running Mac OS X Leopard and includes general operating system fixes that enhance the stability, compatibility and security of your Mac.

For detailed information on this update, please visit this website: http://support.apple.com/kb/HT3397.
For detailed information on security updates, please visit this website: http://support.apple.com/kb/HT1222.

Sudah sejak 12 May 2009, tapi saya baru lihat detail updatenya apa aja, ini juga belum sempat download karena ternyata update ke 10.5.7 ini merupakan major version jadi size download update-nya lumayan besar (449MB). Yang menarik, sepertinya patch untuk hole ini termasuk baru diikutsertakan sekarang. Jadi apple lebih memilih menunggu untuk release patch bersamaan dengan update-update lainnya, walaupun sebetulnya bugs ini sudah cukup lama beredar di public.

Disk Images

CVE-ID: CVE-2009-0150

Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6

Impact: Mounting a maliciously crafted disk image may lead to an unexpected application termination or arbitrary code execution

Description: A stack buffer overflow exists in the handling of disk images. Mounting a maliciously crafted sparse disk image may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue through improved bounds checking. This issue does not affect systems prior to Mac OS X v10.5. Credit to Tiller Beauchamp of IOActive for reporting this issue.

Saya belum download dan install update 10.5.7 ini, tapi setelah download ingin coba lagi exploit fcntl tersebut masih bisa atau tidak.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s