updated 05:10 pm EST, Tue February 5, 2008
iPhoto, more updated
Apple today issued updates to its iPhoto, Braille Display, and ProKit software. The newly released iPhoto 7.1.2 addresses issues when publishing photos to a .Mac Web Gallery, improves overall stability, and fixes several other minor issues, according to Apple. The issue could arise when users subscribe to a maliciously crafted photocast, which may lead to arbitrary code execution.
"A format string vulnerability exists in iPhoto. By enticing a user to subscribe to a maliciously crafted photocast, a remote attacker may cause arbitrary code execution. This update addresses the issue through improved handling of format strings when processing photocast subscriptions," Apple wrote. "Credit to Nathan McFeters of Ernst & Young's Advanced Security Center for reporting this issue."
Apple's Braille Display Update 1.0 adds support to Apple's screen reading software, called VoiceOver, in Mac OS X 10.5 with additional refreshable Braille displays:
- GW Micro BrailleSense
- GW Micro SyncBraille 20
- GW Micro SyncBraille 32
- HandyTech Easy Braille
- HandyTech Braille Star 40
- HandyTech Braille Star 80
- HIMS BrailleSense
- HIMS SyncBraille 20
- HIMS SyncBraille 32
- Nippon Telesoft Seika Version 3
- Papenmeier Braillex Trio
The Braille Display update requires Mac OS X 10.5 or later.
The release of ProKit 4.5 improves reliability for Apple's professional applications, according to the company, and is recommended for all users of Final Cut Studio, Final Cut Express, Aperture, Logic Studio, and Logic Express.