Apple fixes Safari RSS vulnerability, updates JavaApple on Thursday afternoon released Security Update 2009-001 that, among other fixes, tackles the Safari RSS vulnerability made public last month. Also, a Java for Mac OS X update delivers security and compatibility improvements for users running Leopard or Tiger.
Security Update 2009-001
The new update is available in many flavors through Software Update for Leopard (43.4MB), Server Universal (213MB), Tiger PowerPC (74MB), Leopard Server (46.54MB), Tiger Server PowerPC (141.76MB), and Tiger Intel (164.23MB).
According to Apple, the update fixes the security flaw found in Safari last month that opened the door to malicious websites accessing personal information through an RSS feed.
Other fixes are enclosed for vulnerabilities in the X11 server, AFP server, Apple Pixlet Video, a memory corruption issue in CarbonCore, and a flaw where local users could access another user's deleted, then recreated, Downloads folder, to name a few.
Tiger-specific vulnerabilities repaired with the round of fixes were found in FreeType and LibX11. According to the document, computers running Leopard are either not affected by these two issues or have already been fixed in Mac OS X 10.5.6.
Apple Support has the full release notes.
Java for Mac OS X 10.5 Update 3, 10.4 Release 8
Leopard users are asked to install Java for Mac OS X 10.5 Update 3 (3MB), which improves the security and compatibility of Java on Mac OS X 10.5.6 and later.
Details are few, but Apple says the release updates the Java Web Start and Java Applet components.
Users of Apple's older Tiger release are being given Java for Mac OS X 10.4 Release 8 (1.6MB) through Software Update to update the same Web Start and Applet components in the earlier software.
On Topic: Mac OS X
- New adware scripts mouse clicks to access OS X Keychain, could lead to password theft
- Apple releases 8th developer, 6th public betas of OS X 10.11 El Capitan
- Apple releases Logic Pro X 10.2, MainStage 3.2 updates with Alchemy synthesizer
- VMware launches Fusion 8 with Windows 10 & OS X El Capitan support
- Apple issues sixth Xcode 7 beta to developers with minor bug fixes