Home / mailings APPLE-SA-2011-09-09-1 Security Update 2011-005
Posted on 09 September 2011
Apple Security-announce-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
APPLE-SA-2011-09-09-1 Security Update 2011-005
Security Update 2011-005 is now available and addresses the
following:
Certificate Trust Policy
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,
OS X Lion v10.7.1, OS X Lion Server v10.7.1
Impact: An attacker with a privileged network position may intercept
user credentials or other sensitive information
Description: Fraudulent certificates were issued by multiple
certificate authorities operated by DigiNotar. This issue is
addressed by removing DigiNotar from the list of trusted root
certificates, from the list of Extended Validation (EV) certificate
authorities, and by configuring default system trust settings so that
DigiNotar's certificates, including those issued by other
authorities, are not trusted.
For Mac OS X v10.6.8 and Mac OS X Server v10.6.8
The download file is named: SecUpd2011-005Snow.dmg
Its SHA-1 digest is: 065f5f9a9263a2cd164ea61d1d59c63b1362df0b
For OS X Lion v10.7.1 and OS X Lion Server v10.7.1
The download file is named: SecUpd2011-005Lion.dmg
Its SHA-1 digest is: a2971772c45f53dc251cdcd1dfa21a651c54f03f
Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/