updated 04:55 pm EDT, Mon May 3, 2004
Security Update 2004-05-03
Apple has released for Mac OS X via the Software Update utility. The update offers several improvements to security, with updates made to AFP Server, CoreFoundation and IPSec. The update includes the improvements implemented with the previous security release. It is available for Jaguar and Panther users as well as for both client and server versions.
- CoreFoundation: Fixes CAN-2004-0428 to improve the handling of an
environment variable. Credit to firstname.lastname@example.org for reporting this
- Apache 2: Fixes CAN-2003-0020, CAN-2004-0113 and CAN-2004-0174 by
updating to Apache 2 to version 2.0.49.
- RAdmin: Fixes CAN-2004-0429 to improve the handling of large requests (Jaguar only)
- AppleFileServer: Fixes CAN-2004-0430 to improve the handling of long
passwords. Credit to Dave G. from @stake for reporting this issue.
- IPSec: Fixes CAN-2004-0155 and CAN-2004-0403 to improve the security
of VPN tunnels. IPSec in Mac OS X is not vulnerable to