updated 04:30 pm EDT, Mon October 4, 2004
Apple security update
Apple today released a security update to fix issues in file sharing, printing, QuickTime, and its bundled email server (postfix in Mac OS X 10 Server). Apple's Security Update 2004-09-30 "includes the following components: AFP Server, CUPS, NetInfoManager, postfix, and QuickTime." Specifically, the update fixes two Panther-related separate issues with Apple's file sharing protocol used by AFP Server, while recently discovered flaws in CUPS, affecting both Jaguar and Panther users, could allow local disclosure of passwords and a denial of service. Apple's also fixed a bug similar to the one that bit Microsoft last month, allowing attackers to execute arbitrary code when decoding the BMP image type (Microsoft's flaw was related to decoding of JPEG graphics.)
Apple noted that "The title of this security update does not match today's date," saying that parts of Cupertino and nearby cities experienced a power blackout late last week, which affected the actual release date.
It is available via the Mac OS X Software Update. are available on the web.