Posted on 09 November 2009
Apple Security-announce
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
APPLE-SA-2009-11-09-1 Security Update 2009-006 / Mac OS X v10.6.2
Security Update 2009-006 / Mac OS X v10.6.2 is now available and
addresses the following:
AFP Client
CVE-ID: CVE-2009-2819
Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8
Impact: Accessing a malicious AFP server may lead to an unexpected
system termination or arbitrary code execution with system privileges
Description: Multiple memory corruption issues exist in AFP Client.
Connecting to a malicious AFP Server may cause an unexpected system
termination or arbitrary code execution with system privileges. This
update addresses the issues through improved bounds checking. These
issues do not affect Mac OS X v10.6 systems. Credit: Apple.
Adaptive Firewall
CVE-ID: CVE-2009-2818
Available for: Mac OS X Server v10.5.8,
Mac OS X Server v10.6 and v10.6.1
Impact: A brute force or dictionary attack to guess an SSH login
password may not be detected by Adaptive Firewall
Description: Adaptive Firewall responds to suspicious activity, such
as an unusual volume of access attempts, by creating a temporary rule
to restrict access. In certain circumstances, Adaptive Firewall may
not detect SSH login attempts using invalid user names. This update
addresses the issue through improved detection of invalid SSH login
attempts. This issue only affects Mac OS X Server systems. Credit:
Apple.
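The detection gap described in the Adaptive Firewall entry, as an added example that is not Apple's code: a small log-based detector run over constructed sshd lines, counting failed logins per source once with and once without the "Invalid user" events. The threshold of 5 and the log lines are assumptions for illustration.

```python
import re
from collections import Counter

# Constructed sshd log lines (not from the advisory). One source tries a real
# account with wrong passwords and then cycles through user names that do not
# exist; a second source logs in legitimately with a key.
SAMPLE_LOG = """\
Nov  9 10:01:02 host sshd[4242]: Failed password for root from 192.0.2.10 port 51000 ssh2
Nov  9 10:01:03 host sshd[4243]: Invalid user oracle from 192.0.2.10
Nov  9 10:01:03 host sshd[4243]: Failed password for invalid user oracle from 192.0.2.10 port 51001 ssh2
Nov  9 10:01:04 host sshd[4244]: Invalid user test from 192.0.2.10
Nov  9 10:01:05 host sshd[4245]: Invalid user admin from 192.0.2.10
Nov  9 10:01:06 host sshd[4246]: Invalid user guest from 192.0.2.10
Nov  9 10:01:07 host sshd[4247]: Accepted publickey for alice from 198.51.100.7 port 40000 ssh2
"""

# A wrong password for an account that exists. The negative lookahead skips the
# "Failed password for invalid user ..." form so that attempt is not counted twice.
FAILED_VALID_RE = re.compile(r"Failed password for (?!invalid user)(\S+) from (\S+)")
# An attempt against a user name that does not exist; sshd logs this once per attempt.
INVALID_USER_RE = re.compile(r"Invalid user (\S+) from (\S+)")


def count_failures(log_text, include_invalid_users=True):
    """Return a Counter of failed login attempts per source address.

    With include_invalid_users=False this models the gap described in the
    advisory: only failures for existing accounts are counted, so a dictionary
    attack that mostly guesses user names stays below any threshold.
    """
    counts = Counter()
    for line in log_text.splitlines():
        m = FAILED_VALID_RE.search(line)
        if m:
            counts[m.group(2)] += 1
            continue
        if include_invalid_users:
            m = INVALID_USER_RE.search(line)
            if m:
                counts[m.group(2)] += 1
    return counts


def sources_to_block(log_text, threshold=5, include_invalid_users=True):
    """Source addresses at or above the threshold, i.e. candidates for a
    temporary blocking rule of the kind Adaptive Firewall creates."""
    counts = count_failures(log_text, include_invalid_users)
    return sorted(ip for ip, n in counts.items() if n >= threshold)


if __name__ == "__main__":
    print("existing accounts only:", sources_to_block(SAMPLE_LOG, include_invalid_users=False))
    print("all failures:          ", sources_to_block(SAMPLE_LOG))
```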
Apache
CVE-ID: CVE-2009-0023, CVE-2009-1191, CVE-2009-1195, CVE-2009-1890,
CVE-2009-1891, CVE-2009-1955, CVE-2009-1956
Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,
Mac OS X v10.6 and v10.6.1, Mac OS X Server v10.6 and v10.6.1
Impact: Multiple vulnerabilities in Apache 2.2.11
Description: Apache is updated to version 2.2.13 to address several
vulnerabilities, the most serious of which may lead to privilege
escalation. Further information is available via the Apache web site
at http://httpd.apache.org/
Apache
CVE-ID: CVE-2009-2823
Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,
Mac OS X v10.6 and v10.6.1, Mac OS X Server v10.6 and v10.6.1
Impact: A remote attacker can conduct cross-site scripting attacks
against Apache web server
Description: The Apache web server allows the TRACE HTTP method. A
remote attacker may use this facility to conduct cross-site scripting
attacks through certain web client software. This issue is addressed
by updating the configuration to disable support for the TRACE
method.
Apache Portable Runtime
CVE-ID: CVE-2009-0023, CVE-2009-1955, CVE-2009-1956, CVE-2009-2412
Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,
Mac OS X v10.6 and v10.6.1, Mac OS X Server v10.6 and v10.6.1
Impact: Applications using Apache Portable Runtime (apr) may be
exploited for code execution
Description: Multiple integer overflows in Apache Portable Runtime
(apr) may lead to an unexpected application termination or arbitrary
code execution. These issues are addressed by updating Apache
Portable Runtime to version 1.3.8 on Mac OS X v10.6 systems, and by
applying the Apache Portable Runtime patches on Mac OS X v10.5.8
systems. Systems running Mac OS X v10.6 are affected only by
CVE-2009-2412. Further information is available via the Apache
Portable Runtime web site at http://apr.apache.org/
ATS
CVE-ID: CVE-2009-2824
Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8
Impact: Viewing or downloading a document containing a maliciously
crafted embedded font may lead to arbitrary code execution
Description: Multiple buffer overflows exist in Apple Type Services'
handling of embedded fonts. Viewing or downloading a document
containing a maliciously crafted embedded font may lead to arbitrary
code execution. This update addresses the issues through improved
bounds checking. These issues do not affect Mac OS X v10.6 systems.
Credit: Apple.
Certificate Assistant
CVE-ID: CVE-2009-2825
Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,
Mac OS X v10.6 and v10.6.1, Mac OS X Server v10.6 and v10.6.1
Impact: A user may be misled into accepting a certificate for a
different domain
Description: An implementation issue exists in the handling of SSL
certificates which have NUL characters in the Common Name field. A
user could be misled into accepting an attacker-crafted certificate
that visually appears to match the domain visited by the user. This
issue is mitigated as Mac OS X does not consider such a certificate
to be valid for any domain. This update addresses the issue through
improved handling of SSL certificates.
CoreGraphics
CVE-ID: CVE-2009-2826
Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8
Impact: Opening a maliciously crafted PDF file may lead to an
unexpected application termination or arbitrary code execution
Description: Multiple integer overflows in CoreGraphics' handling of
PDF files may result in a heap buffer overflow. Opening a maliciously
crafted PDF file may lead to an unexpected application termination or
arbitrary code execution. This update addresses the issues through
improved bounds checking. These issues do not affect Mac OS X v10.6
systems. Credit: Apple.
CoreMedia
CVE-ID: CVE-2009-2202
Available for: Mac OS X v10.6 and v10.6.1,
Mac OS X Server v10.6 and v10.6.1
Impact: Viewing a maliciously crafted H.264 movie may lead to an
unexpected application termination or arbitrary code execution
Description: A memory corruption issue exists in the handling of
H.264 movie files. Viewing a maliciously crafted H.264 movie file may
lead to an unexpected application termination or arbitrary code
execution. This update addresses the issue through improved bounds
checking. This issue does not affect systems prior to Mac OS X v10.6.
Credit to Tom Ferris of the Adobe Secure Software Engineering Team
for reporting this issue.
CoreMedia
CVE-ID: CVE-2009-2799
Available for: Mac OS X v10.6 and v10.6.1,
Mac OS X Server v10.6 and v10.6.1
Impact: Viewing a maliciously crafted H.264 movie may lead to an
unexpected application termination or arbitrary code execution
Description: A heap buffer overflow exists in the handling of H.264
movie files. Viewing a maliciously crafted H.264 movie file may lead
to an unexpected application termination or arbitrary code execution.
This update addresses the issue through improved bounds checking.
This issue does not affect systems prior to Mac OS X v10.6. Credit to
an anonymous researcher working with TippingPoint and the Zero Day
Initiative for reporting this issue.
CUPS
CVE-ID: CVE-2009-2820
Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,
Mac OS X v10.6 and v10.6.1, Mac OS X Server v10.6 and v10.6.1
Impact: Accessing a maliciously crafted website or URL may lead to a
cross-site scripting or HTTP response splitting attack
Description: An issue in CUPS may lead to cross-site scripting and
HTTP response splitting. Accessing a maliciously crafted web page or
URL may allow an attacker to access content available to the current
local user via the CUPS web interface. This could include print
system configuration and the titles of jobs that have been printed.
This issue is addressed through improved handling of HTTP headers and
HTML templates. Credit: Apple.
Dictionary
CVE-ID: CVE-2009-2831
Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8
Impact: A user on the local network may be able to cause arbitrary
code execution
Description: A design issue in Dictionary allows maliciously crafted
JavaScript to write arbitrary data to arbitrary locations on the
user's filesystem. This may allow another user on the local network
to execute arbitrary code on the user's system. This update addresses
the issue by removing the vulnerable code. This issue does not affect
Mac OS X v10.6 systems. Credit: Apple.
DirectoryService
CVE-ID: CVE-2009-2828
Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8
Impact: A remote attacker may cause an unexpected application
termination or arbitrary code execution
Description: A memory corruption issue exists in DirectoryService.
This may allow a remote attacker to cause an unexpected application
termination or arbitrary code execution. This update only affects
systems configured as DirectoryService servers. This update addresses
the issue through improved memory handling. This issue does not
affect Mac OS X v10.6 systems. Credit: Apple.
Disk Images
CVE-ID: CVE-2009-2827
Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8
Impact: Downloading a maliciously crafted disk image may lead to an
unexpected application termination or arbitrary code execution
Description: A heap buffer overflow exists in the handling of disk
images containing FAT filesystems. Downloading a maliciously crafted
disk image may lead to an unexpected application termination or
arbitrary code execution. This update addresses the issue through
improved bounds checking. This issue does not affect Mac OS X v10.6
systems. Credit: Apple.
Dovecot
CVE-ID: CVE-2009-3235
Available for: Mac OS X Server v10.6 and v10.6.1
Impact: A local user may cause an unexpected application termination
or arbitrary code execution with system privileges
Description: Multiple buffer overflows exist in dovecot-sieve. By
implementing a maliciously crafted dovecot-sieve script, a local user
may cause an unexpected application termination or arbitrary code
execution with system privileges. This update addresses the issue by
performing additional validation of dovecot-sieve scripts. This issue
affects Mac OS X Server systems only. This issue does not affect
systems prior to Mac OS X v10.6.
Event Monitor
CVE-ID: CVE-2009-2829
Available for: Mac OS X Server v10.5.8
Impact: A remote attacker may cause log injection
Description: A log injection issue exists in Event Monitor. By
connecting to the SSH server with maliciously crafted authentication
information, a remote attacker may cause log injection. This may lead
to a denial of service as log data is processed by other services.
This update addresses the issue through improved escaping of XML
output. This issue affects Mac OS X Server systems only. This issue
does not affect Mac OS X v10.6 systems. Credit: Apple.
fetchmail
CVE-ID: CVE-2009-2666
Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,
Mac OS X v10.6 and v10.6.1, Mac OS X Server v10.6 and v10.6.1
Impact: fetchmail is updated to 6.3.11
Description: fetchmail has been updated to 6.3.11 to address a man-
in-the-middle issue. Further information is available via the
fetchmail web site at http://fetchmail.berlios.de/
file
CVE-ID: CVE-2009-2830
Available for: Mac OS X v10.6 and v10.6.1,
Mac OS X Server v10.6 and v10.6.1
Impact: Running the file command on a maliciously crafted Common
Document Format (CDF) file may lead to an unexpected application
termination or arbitrary code execution
Description: Multiple buffer overflow vulnerabilities exist in the
file command line tool. Running the file command on a maliciously
crafted Common Document Format (CDF) file may lead to an unexpected
application termination or arbitrary code execution. These issues are
addressed by updating file to version 5.03. These issues do not
affect systems prior to Mac OS X v10.6.
FTP Server
CVE-ID: CVE-2009-2832
Available for: Mac OS X Server v10.5.8,
Mac OS X Server v10.6 and v10.6.1
Impact: An attacker with access to FTP and the ability to create
directories on a system may be able to cause unexpected application
termination or arbitrary code execution
Description: A buffer overflow exists in FTP Server's CWD command
line tool. Issuing the CWD command on a deeply nested directory
hierarchy may lead to an unexpected application termination or
arbitrary code execution. This update addresses the issue through
improved bounds checking. This issue affects Mac OS X Server systems
only. Credit: Apple.
Help Viewer
CVE-ID: CVE-2009-2808
Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,
Mac OS X v10.6 and v10.6.1, Mac OS X Server v10.6 and v10.6.1
Impact: Using Help Viewer on an untrusted network may result in
arbitrary code execution
Description: Help Viewer does not use HTTPS for viewing remote Apple
Help content. A user on the local network may send spoofed HTTP
responses containing malicious help:runscript links. This update
addresses the issue by using HTTPS when requesting remote Apple Help
content. Credit to Brian Mastenbrook for reporting this issue.
ImageIO
CVE-ID: CVE-2009-2285
Available for: Mac OS X v10.6 and v10.6.1,
Mac OS X Server v10.6 and v10.6.1
Impact: Viewing a maliciously crafted TIFF image may lead to an
unexpected application termination or arbitrary code execution
Description: A buffer underflow exists in ImageIO's handling of TIFF
images. Viewing a maliciously crafted TIFF image may lead to an
unexpected application termination or arbitrary code execution. This
update addresses the issue through improved bounds checking.
International Components for Unicode
CVE-ID: CVE-2009-2833
Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8
Impact: Applications that use the UCCompareTextDefault API may be
vulnerable to an unexpected application termination or arbitrary code
execution
Description: A buffer overflow exists in the UCCompareTextDefault
API, which may lead to an unexpected application termination or
arbitrary code execution. This update addresses the issue through
improved memory management. This issue does not affect Mac OS X v10.6
systems. Credit to Nikita Zhuk and Petteri Kamppuri of MK&C for
reporting this issue.
IOKit
CVE-ID: CVE-2009-2834
Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,
Mac OS X v10.6 and v10.6.1, Mac OS X Server v10.6 and v10.6.1
Impact: A non-privileged user may be able to modify the keyboard
firmware
Description: A non-privileged user may alter the firmware in an
attached USB or Bluetooth Apple keyboard. This update addresses the
issue by requiring system privileges to send firmware to USB or
Bluetooth Apple keyboards. Credit to K. Chen of Georgia Institute of
Technology for reporting this issue.
IPSec
CVE-ID: CVE-2009-1574, CVE-2009-1632
Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,
Mac OS X v10.6 and v10.6.1, Mac OS X Server v10.6 and v10.6.1
Impact: Multiple vulnerabilities in the racoon daemon may lead to a
denial of service
Description: Multiple vulnerabilities in the racoon daemon's ipsec-
tools before 0.7.2 may lead to a denial of service. This update
addresses the issues by applying patches from the IPsec-Tools
project. Further information is available via the IPsec-Tools web
site at http://ipsec-tools.sourceforge.net/
Kernel
CVE-ID: CVE-2009-2835
Available for: Mac OS X v10.6 and v10.6.1,
Mac OS X Server v10.6 and v10.6.1
Impact: A local user may cause information disclosure, an unexpected
system shutdown, or arbitrary code execution
Description: Multiple input validation issues exist in Kernel's
handling of task state segments. These may allow a local user to
cause information disclosure, an unexpected system shutdown, or
arbitrary code execution. This update addresses the issues through
improved input validation. Credit to Regis Duchesne of VMware, Inc.
for reporting this issue.
Launch Services
CVE-ID: CVE-2009-2810
Available for: Mac OS X v10.6 and v10.6.1,
Mac OS X Server v10.6 and v10.6.1
Impact: Attempting to open unsafe downloaded content may not lead to
a warning
Description: When Launch Services is called to open a quarantined
folder, it will recursively clear quarantine information from all
files contained within the folder. The quarantine information that is
cleared is used to trigger a user warning prior to opening the item.
This would allow the user to launch a potentially unsafe item, such
as an application, without being presented with the appropriate
warning dialog. This update addresses the issue by not clearing this
quarantine information from the folder's content. This issue does not
affect systems prior to Mac OS X v10.6. Credit: Apple.
libsecurity
CVE-ID: CVE-2009-2409
Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,
Mac OS X v10.6 and v10.6.1, Mac OS X Server v10.6 and v10.6.1
Impact: Support for X.509 certificates with MD2 hashes may expose
users to spoofing and information disclosure as attacks improve
Description: There are known cryptographic weaknesses in the MD2
hash algorithm. Further research could allow the creation of X.509
certificates with attacker controlled values that are trusted by the
system. This could expose X.509 based protocols to spoofing, man in
the middle attacks, and information disclosure. While it is not yet
considered computationally feasible to mount an attack using these
weaknesses, this update disables support for an X.509 certificate
with an MD2 hash for any use other than as trusted root certificate.
This is a proactive change to protect users in advance of improved
attacks against the MD2 hash algorithm. Credit to Dan Kaminsky of
IOACTIVE and Microsoft Vulnerability Research (MSVR) for reporting
this issue.
libxml
CVE-ID: CVE-2009-2414, CVE-2009-2416
Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,
Mac OS X v10.6 and v10.6.1, Mac OS X Server v10.6 and v10.6.1
Impact: Parsing maliciously crafted XML content may lead to an
unexpected application termination
Description: Multiple use-after-free issues exist in libxml2, the
most serious of which may lead to an unexpected application termination. This
update addresses the issues through improved memory handling. Credit
to Rauli Kaksonen and Jukka Taimisto from the CROSS project at
Codenomicon Ltd. for reporting these issues.
Login Window
CVE-ID: CVE-2009-2836
Available for: Mac OS X v10.6 and v10.6.1,
Mac OS X Server v10.6 and v10.6.1
Impact: A user may log in to any account without supplying a
password
Description: A race condition exists in Login Window. If an account
on the system has no password, such as the Guest account, a user may
log in to any account without supplying a password. This update
addresses the issue through improved access checks. This issue does
not affect systems prior to Mac OS X v10.6.
OpenLDAP
CVE-ID: CVE-2009-2408
Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,
Mac OS X v10.6 and v10.6.1, Mac OS X Server v10.6 and v10.6.1
Impact: A man-in-the-middle attacker may be able to impersonate a
trusted OpenLDAP server or user even when SSL is being used
Description: An implementation issue exists in OpenLDAP's handling
of SSL certificates which have NUL characters in the Common Name
field. Using a maliciously crafted SSL certificate, an attacker may
be able to perform a man-in-the-middle attack on OpenLDAP
transactions which use SSL. This update addresses the issue through
improved handling of SSL certificates.
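The NUL-in-Common-Name issue that this advisory reports for both Certificate Assistant and OpenLDAP, as an added example that is not Apple's code: the comparison a C-string consumer effectively performs (everything after the first NUL byte is dropped) beside a length-aware one that rejects the byte outright, run on constructed CN values.

```python
# Constructed subject Common Name values, as the raw bytes an X.509 parser would
# hand back; none of these come from the advisory.
CN_PLAIN = b"www.example.com"
CN_WITH_NUL = b"www.example.com\x00.other.example"   # truncates to CN_PLAIN in C
CN_WILDCARD = b"*.example.com"


def name_matches(name, host):
    """Case-insensitive host name comparison with one leftmost-label wildcard.

    '*.example.com' covers 'www.example.com' but not 'a.b.example.com', and
    '*.com' is not accepted at all; both arguments are already text here.
    """
    name_labels = name.lower().split(".")
    host_labels = host.lower().split(".")
    if len(name_labels) != len(host_labels):
        return False
    if name_labels[0] == "*":
        return len(name_labels) >= 3 and name_labels[1:] == host_labels[1:]
    return name_labels == host_labels


def cstring_view(cn):
    """Emulate a consumer that copies the CN into a C string: everything after
    the first NUL byte disappears."""
    return cn.split(b"\x00", 1)[0].decode("ascii", "replace")


def matches_host_cstring(cn, host):
    """Vulnerable comparison: the truncated view is what gets compared, so a
    CN with an embedded NUL appears to match the visited host."""
    return name_matches(cstring_view(cn), host)


def matches_host_length_aware(cn, host):
    """Hardened comparison: treat the CN as a length-delimited byte string,
    refuse any NUL byte outright, and only then compare the whole value."""
    if b"\x00" in cn:
        return False
    try:
        name = cn.decode("ascii")
    except UnicodeDecodeError:
        return False
    return name_matches(name, host)


if __name__ == "__main__":
    for cn in (CN_PLAIN, CN_WITH_NUL, CN_WILDCARD):
        print(cn, matches_host_cstring(cn, "www.example.com"),
              matches_host_length_aware(cn, "www.example.com"))
```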
OpenLDAP
CVE-ID: CVE-2007-5707, CVE-2007-6698, CVE-2008-0658
Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8
Impact: Multiple vulnerabilities in OpenLDAP
Description: Multiple vulnerabilities exist in OpenLDAP, the most
serious of which may lead to a denial of service or arbitrary code
execution. This update addresses the issues by applying the OpenLDAP
patches for the referenced CVE IDs. Further information is available
via the OpenLDAP web site at http://www.openldap.org/
These issues do not affect Mac OS X v10.6 systems.
OpenSSH
CVE-ID: CVE-2008-5161
Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8
Impact: Data in an OpenSSH session may be disclosed
Description: An error handling issue exists in OpenSSH, which may
lead to the disclosure of certain data in an SSH session. This update
addresses the issue by updating OpenSSH to version 5.2p1. Further
information is available via the OpenSSH web site at
http://www.openssh.com/txt/release-5.2
This issue does not affect Mac OS X v10.6 systems.
PHP
CVE-ID: CVE-2009-3291, CVE-2009-3292, CVE-2009-3293
Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8
Impact: Multiple vulnerabilities in PHP 5.2.10
Description: PHP is updated to version 5.2.11 to address multiple
vulnerabilities, the most serious of which may lead to arbitrary code
execution. Further information is available via the PHP website at
http://www.php.net/
These issues do not affect Mac OS X v10.6 systems.
QuickDraw Manager
CVE-ID: CVE-2009-2837
Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,
Mac OS X v10.6 and v10.6.1, Mac OS X Server v10.6 and v10.6.1
Impact: Opening a maliciously crafted PICT image may lead to an
unexpected application termination or arbitrary code execution
Description: A heap buffer overflow exists in QuickDraw's handling
of PICT images. Opening a maliciously crafted PICT image may lead to
an unexpected application termination or arbitrary code execution.
This update addresses the issue by performing additional validation
of PICT images. Credit to Nicolas Joly of VUPEN Vulnerability
Research Team for reporting this issue.
QuickLook
CVE-ID: CVE-2009-2838
Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8
Impact: Downloading a maliciously crafted Microsoft Office file may
lead to an unexpected application termination or arbitrary code
execution
Description: An integer overflow in QuickLook's handling of
Microsoft Office files may lead to a buffer overflow. Downloading a
maliciously crafted Microsoft Office file may lead to an unexpected
application termination or arbitrary code execution. This update
addresses the issue through improved bounds checking. This issue does
not affect Mac OS X v10.6 systems. Credit: Apple.
QuickTime
CVE-ID: CVE-2009-2202
Available for: Mac OS X v10.6 and v10.6.1,
Mac OS X Server v10.6 and v10.6.1
Impact: Viewing a maliciously crafted H.264 movie may lead to an
unexpected application termination or arbitrary code execution
Description: A memory corruption issue exists in the handling of
H.264 movie files. Viewing a maliciously crafted H.264 movie file may
lead to an unexpected application termination or arbitrary code
execution. This update addresses the issue through improved bounds
checking. This issue is already addressed in QuickTime 7.6.4 for both
Mac OS X v10.5.8 and Windows. Credit to Tom Ferris of the Adobe
Secure Software Engineering Team for reporting this issue.
QuickTime
CVE-ID: CVE-2009-2799
Available for: Mac OS X v10.6 and v10.6.1,
Mac OS X Server v10.6 and v10.6.1
Impact: Viewing a maliciously crafted H.264 movie may lead to an
unexpected application termination or arbitrary code execution
Description: A heap buffer overflow exists in the handling of H.264
movie files. Viewing a maliciously crafted H.264 movie file may lead
to an unexpected application termination or arbitrary code execution.
This update addresses the issue through improved bounds checking.
This issue is already addressed in QuickTime 7.6.4 for both Mac OS X
v10.5.8 and Windows. Credit to an anonymous researcher working with
TippingPoint and the Zero Day Initiative for reporting this issue.
QuickTime
CVE-ID: CVE-2009-2203
Available for: Mac OS X v10.6 and v10.6.1,
Mac OS X Server v10.6 and v10.6.1
Impact: Opening a maliciously crafted MPEG-4 video file may lead to
an unexpected application termination or arbitrary code execution
Description: A buffer overflow exists in QuickTime's handling of
MPEG-4 video files. Opening a maliciously crafted MPEG-4 video file
may lead to an unexpected application termination or arbitrary code
execution. This update addresses the issue through improved bounds
checking. This issue is already addressed in QuickTime 7.6.4 for both
Mac OS X v10.5.8 and Windows. Credit to Alex Selivanov for reporting
this issue.
QuickTime
CVE-ID: CVE-2009-2798
Available for: Mac OS X v10.6 and v10.6.1,
Mac OS X Server v10.6 and v10.6.1
Impact: Viewing a maliciously crafted FlashPix file may lead to an
unexpected application termination or arbitrary code execution
Description: A heap buffer overflow exists in QuickTime's handling
of FlashPix files. Viewing a maliciously crafted FlashPix file may
lead to an unexpected application termination or arbitrary code
execution. This update addresses the issue through improved bounds
checking. This issue is already addressed in QuickTime 7.6.4 for both
Mac OS X v10.5.8 and Windows. Credit to Damian Put working with
TippingPoint and the Zero Day Initiative for reporting this issue.
FreeRADIUS
CVE-ID: CVE-2009-3111
Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8
Impact: A remote attacker may terminate the operation of the RADIUS
service
Description: An issue exists in FreeRADIUS in the handling of
Access-Request messages. A remote attacker may cause the RADIUS
service to terminate by sending an Access-Request message containing
a Tunnel-Password attribute with a zero-length attribute value. After
any unexpected termination, the RADIUS service will be automatically
restarted. This update addresses the issue through improved
validation of zero-length attributes. This issue does not affect Mac
OS X v10.6 systems.
Screen Sharing
CVE-ID: CVE-2009-2839
Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,
Mac OS X v10.6 and v10.6.1, Mac OS X Server v10.6 and v10.6.1
Impact: Accessing a malicious VNC server may lead to an unexpected
application termination or arbitrary code execution
Description: Multiple memory corruption issues exist in the Screen
Sharing client. Accessing a malicious VNC server, such as by opening
a vnc:// URL, may cause an unexpected application termination or
arbitrary code execution. This update addresses the issues through
improved memory handling. This issue does not affect Mac OS X v10.6
systems. Credit: Apple.
Spotlight
CVE-ID: CVE-2009-2840
Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8
Impact: A local user may manipulate files with the privileges of
another user
Description: An insecure file operation exists in Spotlight's
handling of temporary files. This could allow a local user to
overwrite files with the privileges of another user. This update
addresses the issue through improved handling of temporary files.
This issue does not affect Mac OS X v10.6 systems. Credit: Apple.
Subversion
CVE-ID: CVE-2009-2411
Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,
Mac OS X v10.6 and v10.6.1, Mac OS X Server v10.6 and v10.6.1
Impact: Accessing a Subversion repository may lead to an unexpected
application termination or arbitrary code execution
Description: Multiple heap buffer overflows in Subversion may lead
to an unexpected application termination or arbitrary code execution.
This update addresses the issues by updating Subversion to version
1.6.5 for Mac OS X v10.6 systems, and by applying the Subversion
patches for Mac OS X v10.5.8 systems. Further information is
available via the Subversion web site at
http://subversion.tigris.org/
Security Update 2009-006 / Mac OS X v10.6.2 may be obtained from
the Software Update pane in System Preferences, or Apple's Software
Downloads web site:
http://www.apple.com/support/downloads/
The Software Update utility will present the update that applies
to your system configuration. Only one is needed, either
Security Update 2009-006 or Mac OS X v10.6.2.
For Mac OS X v10.6.1
The download file is named: MacOSXUpd10.6.2.dmg
Its SHA-1 digest is: f222714b67a8a982f6d11df51987dd09a448130d
For Mac OS X v10.6
The download file is named: MacOSXUpdCombo10.6.2.dmg
Its SHA-1 digest is: adbe2e8a81e227c1903dd049b6a3ea5f60b6ea49
For Mac OS X Server v10.6.1
The download file is named: MacOSXServerUpd10.6.2.dmg
Its SHA-1 digest is: 06ba39076d1f56d216e1dafde7b9e7c93fdcd4dc
For Mac OS X Server v10.6
The download file is named: MacOSXServerUpdCombo10.6.2.dmg
Its SHA-1 digest is: ff61766cb34e82a5aa2d813392511c00231de684
For Mac OS X v10.5.8
The download file is named: SecUpd2009-006.dmg
Its SHA-1 digest is: 8eb0c42c84cf8eebe025d64114dbc861a99a67b0
For Mac OS X Server v10.5.8
The download file is named: SecUpdSrvr2009-006.dmg
Its SHA-1 digest is: b8570d8c678b68ea5d9163af5232a91d8670cf5c
Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/