Infrastructure // PC & Servers
06:34 PM
Connect Directly
Core System Testing: How to Achieve Success
Oct 06, 2016
Property and Casualty Insurers have been investing in modernizing their core systems to provide fl ...Read More>>

Apple Mac OS X 10.5.4 Bolsters Performance, Security

Nine of the 25 vulnerabilities addressed affect the Tomcat 4.1.36, which comes bundled with Mac OS X v10.4.11 systems.

Apple on Monday released Mac OS X 10.5.4, which addresses operating system and application performance issues and fixes 25 security vulnerabilities.

The update, available from Apple's Web site and through the Mac OS X Software Update control panel, resolves problems with saving and reopening Adobe Creative Suite 3 files on a remote server, adds RAW image support for several cameras, addresses a potential X11 installation issue, and improves L2TP VPN client reliability.

The update also improves the reliability of Apple's wireless AirPort hardware with 5-GHz networks and certain music applications. It improves iCal syncing and fixes several other iCal issues. It resolves potential Safari performance issues when loading secure Web pages and when accessing secure Web pages with client certificates that reside on a smart card.

In addition, the update fixes several Spaces and Expose bugs.

The security portion of the update affects the following operating system components: Alias Manager, CoreTypes, c++filt, Dock, Launch Services, Net-SNMP, Ruby, SMB File Server, System Configuration, Tomcat, VPN, and WebKit.

Nine of the 25 vulnerabilities addressed affect the Tomcat 4.1.36, which comes bundled with Mac OS X v10.4.11 systems. The fixed version of Tomcat is now 4.1.37. Mac OS X 10.5 comes with Tomcat version 6.x and thus it not affected.

Six of the 25 vulnerabilities affect the Ruby programming language. "Multiple memory corruption issues exist in Ruby's handling of strings and arrays, the most serious of which may lead to arbitrary code execution," Apple explains. "This update addresses the issue by performing additional validation of strings and arrays." One Ruby fix addresses a vulnerability related to the way Ruby's WEBrick toolkit handles capitalization.

The Alias Manager, Launch Services, and System Configuration issues are specific to Mac OS X v10.4.11 and Mac OS X Server v10.4.11. They do not affect Mac OS X 10.5.

The Dock fix closes a vulnerability that could have allowed a person with physical access to a Mac protected by a screen saver password or wake-from-sleep password to bypass the password screen if Expose hot corners happened to be active.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Server Market Splitsville
Server Market Splitsville
Just because the server market's in the doldrums doesn't mean innovation has ceased. Far from it -- server technology is enjoying the biggest renaissance since the dawn of x86 systems. But the primary driver is now service providers, not enterprises.
Register for InformationWeek Newsletters
White Papers
Current Issue
Top IT Trends to Watch in Financial Services
IT pros at banks, investment houses, insurance companies, and other financial services organizations are focused on a range of issues, from peer-to-peer lending to cybersecurity to performance, agility, and compliance. It all matters.
Twitter Feed
InformationWeek Radio
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.