updated 06:00 pm EST, Mon February 11, 2008
January security updates
Apple's latest Mac OS X Leopard 10.5.2 update and 2008-001 security update for 10.4 Tiger users fixes a number of different vulnerabilities that have existed in a number of different system resources. A stack buffer overflow in Directory Services could allow a local user to execute arbitrary code, while still maintaining system privileges. The issue is resolved by improved bounds checking, and is included with the update.
Foundation, NFS, and Launch services contained issues for Leopard users, as well as X11 and Parental Controls. These issues were resolved in the 10.5.2 update.
Both Leopard and Tiger users were susceptible to vulnerabilities in Samba and Terminal services, while Tiger also contained an issue in the Open Directory service.
Apple offers a complete list of issues, and what was fixed, on its website.