Apple releases Security Update 2008-007 for Mac OS X

Available for both Mac OS X Leopard (Client, Server) and Tiger (Intel Client, PowerPC Client, PowerPC Server), Security Update 2008-007 addresses a mixture of UNIX foundation and Mac-specific flaws.

Among the fixes is one for the launchd daemon that only affects Mac OS X 10.5.5. The particular implementation may sometimes fail to sandbox apps that want to be isolated from the system, potentially exposing them to attacks.

Other Mac-related problems mended in the were first discovered by outside security teams, including a remote CUPS printing exploit found by TippingPoint's Zero Day Initiative as well as holes in ColorSync, Finder, general Mac OS X networking, PSNormalizer, QuickLook, root certificates, Script Editor and Weblog.

A pair of additional, special patches close vulnerabilities in the third-party ClamAV utility and allow a single sign-on with a password in a file, allowing scripts to use the sign-on feature without dropping security.

Solutions for UNIX flaws include updated versions of Apache, libxslt, MySQL Server, PHP, Postfix, rlogin, Tomcat and vim.