Apple Releases Mega Patch

Apple has released a huge set of security patches for their servers and clients, ranging in size from 36mb all the way up to 350mb for the Mac OS X Server 10.4.9 Combo Update (Universal). They probably should have called this thing a service pack, but the client is only 36mb, so no need to, I guess. The client patch makes all of these products more “secure”, although it does not say how. ColorSync, CoreGraphics, Crash Reporter, cups, Directory Services, DiskImages Framework, Flash Player Plug-in, Foundation, gnutar, OpenSSH, Print Center, QuickDraw and sudo were updated.

Apple on Tuesday issued a security update for its Mac OS X to plug 45 security holes, including several zero-day vulnerabilities.

The mega patch is the seventh Apple security patch release in three months. It deals with vulnerabilities in Apple’s own software, as well as third-party components such as Adobe Systems’ Flash Player, OpenSSH and MySQL. Sixteen of the vulnerabilities addressed by the update were previously released as part of two high-profile bug-hunting campaigns.

Source: Apple mega patch plugs 45 security holes

The mega patch, the one that is 350mb, has many fixes and updates in it; note the following list:

The 10.4.9 Server Update is recommended for all servers and includes fixes for the operating system and various applications, services and technologies. It includes fixes for:

  • using AFP, SMB/CIFS, NFS and FTP file sharing protocols
  • login and authentication in Open Directory and Active Directory environments
  • ensuring server's host name is set to valid name in DNS at startup
  • synchronizing Open Directory servers and ensuring reliable replica promotion
  • membership and permissions issues when users are in more than 16 groups
  • clearing old password entries when changing password types
  • copying read-only files to AFP shares on Xsan and UFS volumes
  • copying files with extended attributes from an AFP share of an Xsan volume
  • serving files larger than 64k with Apache 2, and running JBoss
  • hosting MySQL databases and authenticating with PHP programs
  • reliably hosting mail services when handling thousands of user accounts
  • directory service usage affecting Mail server performance
  • virus filtering and quarantine; update to ClamAV version 0.88.2
  • publishing iTunes music and video formats using the Weblog server and RSS2
  • creating and hosting NetBoot and Network Install images for Intel-based Macs
  • Software Update server notifications and package synchronization
  • creating and editing reverse DNS zones in Server Admin
  • configuring up to 64 NFS server daemons in Server Admin
  • streaming movies to localized versions of the QuickTime Player
  • using VPN and DHCP services after running Gateway Setup Assistant
  • creating and rebuilding software RAID sets with Disk Utility
  • updating Kerberos keytab files when using changeip
  • pre-allocating files when using tar, cp and mv with Xsan volumes
  • rebooting SAN clients without causing other clients to hang
  • time zone and daylight saving time changes for 2006 and 2007
  • reliably running periodic scripts following server restart
  • importing users with multiple short names into LDAP domain
  • creating and managing VLANs from the command-line
  • using rsync to copy files with extended attributes
  • handling TCP Selective Acknowledgments in congested networks
  • better TCP performance with Windows clients and servers
  • compatibility with third party applications and devices
  • previous standalone security updates

Still no update for iTunes and the few problems it has with Windows Vista. They did patch a problem with iPhoto, a security problem relating to photo casts. The total for patches this year so far is:
Apple: 7, although they fixed a lot more vulnerabilities than that.
Microsoft: 30 fixes total.