« Apples Medienaufsicht (Video) | Start | Firmware-Update für Grafikkarte der Alu-iMacs »

15.11.2007

Mac OS X 10.5.1 steht bereit

Das erste System-Update für Leopard taucht in der Softwareaktualisierung auf oder ist über apple.com (110MB) zu beziehen: «Es umfasst allgemeine Fehlerbehebungen für das Betriebssystem, die die Stabilität, Kompatibilität und Sicherheit Ihres Mac-Computers verbessern.» Unter anderem wurde der Datenverlust-Bug beim Verschieben von Dateien im Finder behoben und die reichlich diskutierte Firewall mit klareren Bezeichnungen versehen (mehr dazu nach dem Klick). Komplette Liste der Änderungen. (Danke, Jens und Horst-Dieter!)

Application Firewall
CVE-ID: CVE-2007-4702
Available for: Mac OS X v10.5, Mac OS X Server v10.5
Impact: The "Block all incoming connections" setting for the
firewall is misleading
Description: The "Block all incoming connections" setting for the
Application Firewall allows any process running as user "root" (UID
0) to receive incoming connections, and also allows mDNSResponder to
receive connections. This could result in the unexpected exposure of
network services. This update addresses the issue by more accurately
describing the option as "Allow only essential services", and by
limiting the processes permitted to receive incoming connections
under this setting to a small fixed set of system services: configd
(for DHCP and other network configuration protocols), mDNSResponder
(for Bonjour), and racoon (for IPSec). The "Help" content for the
Application Firewall is also updated to provide further information.
This issue does not affect systems prior to Mac OS X v10.5.

Application Firewall
CVE-ID: CVE-2007-4703
Available for: Mac OS X v10.5, Mac OS X Server v10.5
Impact: Processes running as user "root" (UID 0) cannot be blocked
when the firewall is set to "Set access for specific services and
applications"
Description: The "Set access for specific services and applications"
setting for the Application Firewall allows any process running as
user "root" (UID 0) to receive incoming connections, even if its
executable is specifically added to the list of programs and its
entry in the list is marked as "Block incoming connections". This
could result in the unexpected exposure of network services. This
update corrects the issue so that any executable so marked is
blocked. This issue does not affect systems prior to Mac OS X v10.5.

Application Firewall
CVE-ID: CVE-2007-4704
Available for: Mac OS X v10.5, Mac OS X Server v10.5
Impact: Changes to Application Firewall settings do not affect
processes started by launchd until they are restarted
Description: When the Application Firewall settings are changed, a
running process started by launchd will not be affected until it is
restarted. A user might expect changes to take effect immediately and
so leave their system exposed to network access. This update corrects
the issue so that changes take effect immediately. This issue does
not affect systems prior to Mac OS X v10.5.

Posted by Leo at 20:12 | Permalink

TrackBack

TrackBack-Adresse für diesen Eintrag:
https://www.typepad.com/services/trackback/6a00d83451c7b569e200e54f97acc88834

Listed below are links to weblogs that reference Mac OS X 10.5.1 steht bereit:

» Leopard 10.5.1 from JMCblog
Es hat nicht mal einen Monat gedauert, da kam schon das erste größere Update für Leopard. Nachdem es keine Berichte über größere Probleme gab, hab ich es auch eingespielt. Bisher scheint alles zu laufen Weitere Infos zum Update findet sich unt... [Mehr erfahren]

verlinkt am 16.11.2007 13:52:22