Apple Mac OS X 10.5.4 Bolsters Performance, Security - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Infrastructure // PC & Servers
06:34 PM
Connect Directly

Apple Mac OS X 10.5.4 Bolsters Performance, Security

Nine of the 25 vulnerabilities addressed affect the Tomcat 4.1.36, which comes bundled with Mac OS X v10.4.11 systems.

Apple on Monday released Mac OS X 10.5.4, which addresses operating system and application performance issues and fixes 25 security vulnerabilities.

The update, available from Apple's Web site and through the Mac OS X Software Update control panel, resolves problems with saving and reopening Adobe Creative Suite 3 files on a remote server, adds RAW image support for several cameras, addresses a potential X11 installation issue, and improves L2TP VPN client reliability.

The update also improves the reliability of Apple's wireless AirPort hardware with 5-GHz networks and certain music applications. It improves iCal syncing and fixes several other iCal issues. It resolves potential Safari performance issues when loading secure Web pages and when accessing secure Web pages with client certificates that reside on a smart card.

In addition, the update fixes several Spaces and Expose bugs.

The security portion of the update affects the following operating system components: Alias Manager, CoreTypes, c++filt, Dock, Launch Services, Net-SNMP, Ruby, SMB File Server, System Configuration, Tomcat, VPN, and WebKit.

Nine of the 25 vulnerabilities addressed affect the Tomcat 4.1.36, which comes bundled with Mac OS X v10.4.11 systems. The fixed version of Tomcat is now 4.1.37. Mac OS X 10.5 comes with Tomcat version 6.x and thus it not affected.

Six of the 25 vulnerabilities affect the Ruby programming language. "Multiple memory corruption issues exist in Ruby's handling of strings and arrays, the most serious of which may lead to arbitrary code execution," Apple explains. "This update addresses the issue by performing additional validation of strings and arrays." One Ruby fix addresses a vulnerability related to the way Ruby's WEBrick toolkit handles capitalization.

The Alias Manager, Launch Services, and System Configuration issues are specific to Mac OS X v10.4.11 and Mac OS X Server v10.4.11. They do not affect Mac OS X 10.5.

The Dock fix closes a vulnerability that could have allowed a person with physical access to a Mac protected by a screen saver password or wake-from-sleep password to bypass the password screen if Expose hot corners happened to be active.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
CIOs Face Decisions on Remote Work for Post-Pandemic Future
Joao-Pierre S. Ruth, Senior Writer,  2/19/2021
11 Ways DevOps Is Evolving
Lisa Morgan, Freelance Writer,  2/18/2021
CRM Trends 2021: How the Pandemic Altered Customer Behavior Forever
Jessica Davis, Senior Editor, Enterprise Apps,  2/18/2021
White Papers
Register for InformationWeek Newsletters
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you.
Flash Poll