--
For a few days, the OS X 10.8.4 Combo update was corrupt on at least one Apple server, throwing "invalid checksum" errors whenever the .dmg file was attempted to be opened.
NOTE: If you downloaded the "OSXUpdCombo10.8.4.dmg" file for future use and have not yet attempted opening the file, I suggest you do so IMMEDIATELY. Apple has repaired the server problem, at least from my personal experience, providing a working replacement for the bad file.
Below are the links for the various updates and their security documents:
OS X Mountain Lion Update v10.8.4 Combo
http://support.apple.com/downloads/DL1659/en_US/OSXUpdCombo10.8.4.dmg
OS X Mountain Lion Update v10.8.4 (for updating from 10.8.3)
http://support.apple.com/downloads/DL1658/en_US/OSXUpd10.8.4.dmg
Security Update 2013-002 Server (Lion)
Security Update 2013-002 Client (Lion)
Security Update 2013-002 Server (Snow Leopard)
http://support.apple.com/downloads/DL1663/en_US/SecUpdSrvr2013-002.dmg
Security Update 2013-002 Client (Snow Leopard)
http://support.apple.com/downloads/DL1660/en_US/SecUpd2013-002.dmg
Safari 6.0.5: Only available via Software Update within OS X 10.7.5. Included with the 10.8.4 update.
About the security content of OS X Mountain Lion v10.8.4 and Security Update 2013-002
http://support.apple.com/kb/HT5784
NOTE: As of this listing, Apple's security content document for Security Update 2013-002 mistakenly neglects to place OS X 10.6.8 in its "Products Affected" listing. Sad to say, this is in keeping with Apple's recent penchant for screwing up their documentation. Despite this error, further down the document can be found 25 security patches relevant to OS X 10.6.8.
Apple: You MUST improve your documentation. (0_o)
Safari 6.0.5: Only available via Software Update within OS X 10.7.5. Included with the 10.8.4 update.
About the security content of OS X Mountain Lion v10.8.4 and Security Update 2013-002
http://support.apple.com/kb/HT5784
NOTE: As of this listing, Apple's security content document for Security Update 2013-002 mistakenly neglects to place OS X 10.6.8 in its "Products Affected" listing. Sad to say, this is in keeping with Apple's recent penchant for screwing up their documentation. Despite this error, further down the document can be found 25 security patches relevant to OS X 10.6.8.
Apple: You MUST improve your documentation. (0_o)
About the security content of Safari 6.0.5
http://support.apple.com/kb/HT5785
iTunes 11.0.4 for both Mac and Windows was also released this week but it contained no security patches.
Safari 6.0.5 features 26 security patches, all of which affect Webkit. 11 of the patched security holes were discovered by members of the Google Chrome Security Team. Again, I'm sorry to see Google leaving the Webkit project behind.
Security Update 2013-002 lists:
- 24 security patches relevant to OS X 10.8.4
- 19 security patches relevant to OS X 10.7.5
- 25 security patches specific to OS X 10.6.8 (as noted above).
- CFNetwork
- CoreAnimation
- CoreMedia Playback
- CUPS
- Disk Management
- OpenSSL
- QuickDraw Manager
- QuickTime
- SMB
- CoreMedia Playback
- OpenSSL
- QuickDraw Manager
- QuickTime
- SMB
- Directory Service
- OpenSSL
- QuickTime
- Ruby
Recently, I've been chatting with people who believe Apple has all but abandoned QuickTime. Obviously, the QuickTime security patches provided in 2013-002 prove that to be incorrect. So what's with the antiquated QuickTime Internet plugin and components? Clearly, improving more than the security of QuickTime is NOT on Apple's radar. (0_o)
If you're interested in details about the patched CVE issues listed in the security content documents, you can check them out via the CVE Search link on the right side of this page, as well as by searching at both SecurityTracker and SecurityFocus, also linked at the right.
Share and Enjoy,
:-Derek
No comments:
Post a Comment