Impact: Permitting SUID/SGID scripts to be installed could lead to privilege escalation. Credit to Dino Dai Zovi for reporting this issue. The issue is addressed by removing the syscall emulation functionality. Insufficient validation of an input parameter list could result in a heap overflow and a local denial of service through a kernel panic. Impact: A kernel input validation issue can lead to a local denial of serviceĭescription: The Kernel contains syscall emulation functionality that was never used in Mac OS X. Mac OS X v10.3.9 and Mac OS X Server v10.3.9 are now available and deliver the following security enhancements: On occasion, when a security fix is required to a core system component such as the Kernel, it will be released in a Software Update." "Note: It is Apple's standard practice to provide security fixes via a Security Update. That is a lot of CAN entries for a update that is "mostly bugfixes."įor whatever reason apple felt icky about calling it an "update," so they threw in this language: But there are also some important security fixes in the bag. There are definitely some bugfixes for stickies and the like.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |