Apple Releases Yet Another Mac OS X "Leopard" Upgrade

It's only been a month since Mac OS X 10.5.3 came out, and today we have Mac OS X 10.5.4. As far as I can tell, Apple has never released operating system patches so close together. That's a clear sign that something wasn't quite right with 10.5.3  as indeed, there has been with Leopard in general. Let's see what Apple gave us today.I've also never seen a Mac OS X update that had so few changes. In Mac OS X 10.5.4, you'll find a handful of fixes to the general code base, AirPort wireless networking, the iCal calendar application, and the Spaces & Expos functions of the user interface. None of those seem like show stoppers.

The real story is an update of the Safari Web browser. Version 3.1.2 includes a big security fix which addresses a flaw in the underlying HTML renderer (called WebKit) that has to do with how JavaScript is handled. According to Apple,

A memory corruption issue exists in WebKit's handling of JavaScript arrays. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue through improved bounds checking. Along with this fix, the version of Safari for Mac OS X v10.5.4 is updated to 3.1.2. For Mac OS X v10.4.11 and Windows XP / Vista, this issue is addressed in Safari v3.1.2 for those systems. Given the severity of that problem, and also the large number of other security fixes in Mac OS X 10.5.4, this update is recommended. Be sure to test it before deploying, of course.