PDA

View Full Version : Security Update 2007-007, Safari 3.0.3




Eidorian
Jul 31, 2007, 07:42 PM
I see Samba.



tvguru
Jul 31, 2007, 07:45 PM
Don't know if it's been mentioned, but Safari 3.0.3 as well (Beta)

awatiker
Jul 31, 2007, 07:46 PM
Safari Beta 3.03 is also up now. It includes "security and stability" improvements.

Eidorian
Jul 31, 2007, 07:46 PM
Don't know if it's been mentioned, but Safari 3.0.3 as well (Beta)I see this on Windows as well.

MacTCP
Jul 31, 2007, 07:58 PM
I'm installing the Security Update now. It's nice that Panther still gets updates even when Leopard will be released in a few months.

chipfinch@mac.c
Jul 31, 2007, 08:01 PM
Safari now remembers the logo of web sites bookmarked. It used to just default back to the globe every time I restarted Safari. Cool.

NoRights
Jul 31, 2007, 08:14 PM
Funny, I figured the first bug Apple would fix in the Safari beta by now would have been that pesky full screen problem. Oh well

supremedesigner
Jul 31, 2007, 08:42 PM
This is a bit odd of saying but I've noticed the fonts are different:

If you click "Safari 3 Beta Update" and you'll see Times font description.

If you clikc "Security Update ...." and you'll see different font description. Strange, huh?

(see attachs below)

shemp9999
Jul 31, 2007, 08:44 PM
Love verbose detail of "bug fixes".

Looks like safari, webcore and webkit are the only updates. this is verbose:

<http://docs.info.apple.com/article.html?artnum=306173>

i manually changed my ring tone, so for penance, i get to restore, too. i like that a backup of my syncing preferences was available to easily restore the data. makes me feel a bit better about hacking around the iPhone. maybe i'll try iFuntastic once the phone is back up and running.

Doctor Q
Jul 31, 2007, 08:59 PM
bzip2 - Running bzgrep on a file with a maliciously crafted name may lead to arbitrary code executionA file name handling issue exists in bzgrep. By enticing a user into running bzgrep on a file with a maliciously crafted name, an attacker may trigger the issue which may lead to arbitrary code execution. This update addresses the issue through improved handling of file names.
CFNetwork - Clicking on an FTP URI may cause arbitrary FTP commands to be issuedBy enticing a user to follow a maliciously crafted FTP URI, an attacker can cause the user's FTP client to issue arbitrary FTP commands to any accessible FTP server, using the credentials of the user. This update addresses the issue by performing additional validation of FTP URIs.
CFNetwork - Applications using CFNetwork to make HTTP requests may be vulnerable to a response splitting attackAn HTTP response splitting vulnerability exists in CFNetwork. By sending a maliciously crafted HTTP response to a user's HTTP request, an attacker may alter the user's consecutive responses, which could lead to cross-site scripting. This update addresses the issue through improved parsing of HTTP responses. Credit to Steven Kramer of sprintteam.nl for reporting this issue.
CoreAudio - Visiting a malicious website may lead to arbitrary code executionA design issue exists in the Java interface to CoreAudio. JDirect exposes an interface that may allow freeing arbitrary memory. By enticing a user to visit a web page containing a maliciously crafted Java applet, an attacker can trigger the issue which may lead to arbitrary code execution. This update addresses the issue by performing additional security checks in the Java interface to CoreAudio.
CoreAudio - Visiting a malicious website may lead to arbitrary code executionAn issue exists in the Java interface to CoreAudio, which may allow reading or writing out of the bounds of the allocated heap. By enticing a user to visit a web page containing a maliciously crafted Java applet, anattacker can trigger the issue which may lead to arbitrary code execution. This update addresses the issue by performing additional bounds checking.
CoreAudio - Visiting a malicious website may lead to arbitrary code executionAn issue exists in the Java interface to CoreAudio, which may allow instantiation or manipulation of objects outside the bounds of the allocated heap. By enticing a user to visit a web page containing a maliciously crafted Java applet, an attacker can trigger the issue which may lead to arbitrary code execution. This update addresses the issue by performing additional security checks in the Java interface to CoreAudio.
cscope - Multiple vulnerabilities in CscopeCscope is updated to version 15.6 to address several vulnerabilities, the most serious of which are buffer overflow and insecure temporary file creation vulnerabilities. Further information is available via the Cscope web site at http://cscope.sourceforge.net/
gnuzip - Running zgrep on a file with a maliciously crafted name may lead to arbitrary code executionA file name handling issue exists in zgrep. By enticing a user into running zgrep on a file with a maliciously crafted name, an attacker may trigger the issue which may lead to arbitrary code execution. This update addresses the issue by through improved file names handling.
iChat - An attacker on the local network may be able to cause a denial of service or arbitrary code executionA buffer overflow vulnerability exists in the UPnP IGD (Internet Gateway Device Standardized Device Control Protocol) code used to create Port Mappings on home NAT gateways in iChat. By sending a maliciously crafted packet, an attacker on the local network can trigger the overflow which may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue by performing additional validation when processing UPnP protocol packets in iChat.
Kerberos - Multiple vulnerabilities in the MIT krb5 Kerberos administration daemonMultiple vulnerabilities exists in the MIT Kerberos administration daemon (kadmind), which may lead to an unexpected application termination or arbitrary code execution with system privileges. Further information on the issue and the patch applied is available via the MIT Kerberos website at http://web.mit.edu/Kerberos/ Credit to the MIT Kerberos Team for reporting these issues, which were originally discovered by Wei Wang of McAfee Avert Labs.
mDNSResponder - An attacker on the local network may be able to cause a denial of service or arbitrary code executionA buffer overflow vulnerability exists in the UPnP IGD (Internet Gateway Device Standardized Device Control Protocol) code used to create Port Mappings on home NAT gateways in the Mac OS X implementation of mDNSResponder. By sending a maliciously crafted packet, an attacker on the local network can trigger the overflow which may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue by removing UPnP IGD support. This issue does not affect systems prior to Mac OS X v10.4.
PDFKit - Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code executionAn integer underflow exists in Preview's handling of PDF files. By enticing a user to open a maliciously crafted PDF file, an attacker may trigger the issue which may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue by performing additional validation of PDF files. This issue does not affect systems prior to Mac OS X v10.4.
PHP - Multiple vulnerabilities in PHP 4.4.4PHP is updated to version 4.4.7 to address several vulnerabilities. Further information is available via the PHP web site at http://www.php.net.
Quartz Composer - Viewing a maliciously crafted Quartz Composer file may lead to an unexpected application termination or arbitrary code executionAn uninitialized object pointer vulnerability exists in the handling of Quartz Composer files. By enticing a user to view a maliciously crafted Quartz Composer file, an attacker may trigger the issue which may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue by performing proper initialization of object pointers. This issue does not affect systems prior to Mac OS X v10.4.
Samba - When Windows file sharing is enabled, an unauthenticated remote attacker may cause an unexpected application termination or arbitrary code executionMultiple heap buffer overflows exist in the Samba daemon. By sending maliciously crafted MS-RPC requests, a remote attacker can trigger the overflow which may lead to arbitrary code execution. This update addresses the issue by performing additional validation of MS-RPC requests.
Samba - When Windows file sharing is enabled, an unauthenticated remote attacker may be able to execute arbitrary shell commandsA command injection vulnerability exists in the Samba daemon. By sending maliciously crafted MS-RPC requests, a remote attacker can trigger the command injection. This update addresses the issue by performing additional validation of MS-RPC requests. This issue does not affect the default Samba configuration.
Samba - When Windows file sharing is enabled, users may bypass file system quotasAn issue exists in Samba when a server process drops its privileges. This could allow the quota enforcement to be bypassed, and the file system quota to be exceeded. This update addresses the issue by properly dropping privileges. Credit to Mike Matz of Wyomissing Area School District for reporting this issue.
SquirrelMail - Multiple vulnerabilities in SquirrelMail 1.4.5SquirrelMail is updated to version 1.4.10 to address several vulnerabilities, the most serious of which is cross-site scripting triggered by viewing HTML mail. Further information is available via the SquirrelMail web site at http://www.SquirrelMail.org/
Tomcat - Multiple vulnerabilities in TomcatTomcat is updated to version 4.1.36 to address several vulnerabilities, the most serious of which are cross-site scripting and information disclosure. Further information is available via the Tomcat site at http://tomcat.apache.org/ These issues do not affect systems prior to Mac OS X v10.4.
WebCore - Visiting a malicious website may allow Java applets to load and run even when Java is disabledDescription: Safari provides an "Enable Java" preference, which when unchecked should prevent the loading of Java applets. By default, Java applets are allowed to be loaded. Navigating to a maliciously crafted web page may allow a Java applet to be loaded without checking the preference. This update addresses the issue through a stricter check of the "Enable Java" preference. Credit to Scott Wilde for reporting this issue.
WebCore - Content may be injected into HTML comments leading to cross-site scripting attacksAn issue exists in WebCore when parsing comments inside an HTML title element. This can allow an attacker to insert scripts into a web page on sites which allow the page owner to enter HTML, but not scripts. This update addresses the issue by correctly parsing comments in title elements.
WebCore - Visiting a malicious website may lead to the disclosure of URL contentsA design issue in WebCore allows a popup window to read the URL that is currently being viewed in the parent window. By enticing a user to visit a maliciously crafted web page, an attacker can trigger the issue, which may lead to the disclosure of information via the URL contents. This update addresses the issue through an improved cross-domain security check. Credit to Secunia Research for reporting this issue.
WebCore - Visiting a malicious website may allow cross-site scriptingIn Safari, properties of certain global objects are not cleared when navigating to a new URL within the same window. By enticing a user to visit a maliciously crafted web page, an attacker may trigger the issue which may lead to cross-site scripting. This update addresses the issue by properly clearing global objects.
WebKit - Look-alike characters in a URL could be used to masquerade a websiteThe International Domain Name (IDN) support and Unicode fonts embedded in Safari could be used to create a URL which contains look-alike characters. These could be used in a malicious web site to direct the user to a spoofed site that visually appears to be a legitimate domain. This update addresses the issue by through an improved domain name validity check.
WebKit - Viewing a maliciously crafted web page may lead to arbitrary code executionDescription: Heap buffer overflows exist in the Perl Compatible Regular Expressions (PCRE) library used by the JavaScript engine in Safari. By enticing a user to visit a maliciously crafted web page, an attacker may trigger the issue, which may lead to arbitrary code execution. This update addresses the issue by performing additional validation of JavaScript regular expressions. Credit to Charlie Miller and Jake Honoroff of Independent Security Evaluators for reporting these issues.

amac4me
Jul 31, 2007, 09:08 PM
I'm glad to see updates that will further protect Mac OS X users.

shawnce
Jul 31, 2007, 09:20 PM
Just got to the following link to see current information about security updates...

http://docs.info.apple.com/article.html?artnum=61798

creator2456
Jul 31, 2007, 09:37 PM
I don't use the Safari 3 Beta and after the update Safari 2 restored to default settings. Not a big problem but just an inconvenience.

andyh2
Jul 31, 2007, 09:46 PM
For all you people still complaining about Safari 3, check out http://nightly.webkit.org

Those are the nightlies of safari 3, straight from the webkit dev team :)

see if the latest nightly fixes your problem.

Makosuke
Aug 1, 2007, 01:20 AM
Yay! Samba fixes!

I was just in the process of figuring out how to manually update the samba install on my work server (we definitely need that Windows sharing), but this is a whole lot easier.

Glad I waited a few hours now.

gnasher729
Aug 1, 2007, 01:25 AM
Safari Beta 3.03 is also up now. It includes "security and stability" improvements.

Safari 3.0 for Windows: Displayed everything very nice and quick on Windows, except fonts. No fonts for me whatsoever. Unusable.

Safari 3.0.1 for Windows: When started, displays about one quarter of a window, then crashes. Doesn't get far enough to use the bug reporting feature.

I'll try 3.03 then.

madmax_2069
Aug 1, 2007, 03:24 AM
allot needs to be done to safari beta 3 for OS X. i kept running into system lockups when browsing youtube with beta 3 on OS X.

i dont know why the windows version only got the improved stability and not the OS X version.

yea safari beta 3 does allot better displaying web pages than safari 2 does. but the issues in beta 3 make it where i will stay with 2 till beta 3 is final.

Apple needs to kick Adobes but to make them fix flash for Mac and get it optimized. its just stupid on how bloated and slow it is compared to the PC's version.

Cabbit
Aug 1, 2007, 04:48 AM
is safari 3 beta mac usable yet, last time i tryed it messed up msn,yahoo,and adium?

cube
Aug 1, 2007, 05:52 AM
NOO!! A security update that requires the buggy 10.4.10? This is unacceptable!

CJD2112
Aug 1, 2007, 08:34 AM
lol Good job in splitting the updates into "iPhone" and "the rest", but it's interesting that there are only 19 comments posted (now 20) under other updates and 189 for the iPhone... :D

ortuno2k
Aug 1, 2007, 08:38 AM
I haven't done it yet - I'll wait a few days, just as I'm also waiting to do the update for the airport for my MBP.
I starting to become skeptical on the stability of some of these updates - after 10.4.10 did some tricky things, I don't know what to expect anymore.
I'm glad these updates are out, though.

Hard-Hat-Mac
Aug 1, 2007, 08:52 AM
Before when I had my MBP sitting right in front of my FiOS wifi router it always had a full signal. Since the airport update it now varies back and forth between full and one bar below full. Is this just a more accurate read of the signal or is the airport now not receiving as as strong a signal? I hope it's not the latter. Grrrrrrrrrrrrrrr :mad:


HHM

sartinsauce
Aug 1, 2007, 09:22 AM
Safari now remembers the logo of web sites bookmarked. It used to just default back to the globe every time I restarted Safari. Cool.

Are you on OS X or Windoze? I've been running it on XP since the Stevenote (and updating as they come) and it's always held onto said icons...

Snowy_River
Aug 1, 2007, 10:24 AM
Well, Safari 3.0.3 still won't work on my WinXP machine. It still asks for me to log into the WebURLProtectionSpaceProxyHTTP.

I wonder if Apple is ever going to fix this problem... :(

sartinsauce
Aug 1, 2007, 10:26 AM
Well, Safari 3.0.3 still won't work on my WinXP machine. It still asks for me to log into the WebURLProtectionSpaceProxyHTTP.

I wonder if Apple is ever going to fix this problem... :(

Yeah, all the Safari bugs I read about, and there are people who still think that Apple is gonna release the whole OS for PCs... that seems like crazy talk to me.

macnvrbck
Aug 1, 2007, 10:54 AM
I'm been TRYING to stick with this beta Safari for Windoze on my work laptop but I still have to go back to IE. Why...

1. The BACKSPACE button still does not go back 1 page. This is very much needed.

2. AOL WebMail still does not work properly in Safari.

I've also noticed Safari being a memory hog. When it starts up it takes a few seconds to load and the fans on my laptop start. BTW - It works great on my PowerBook.

verniesgarden
Aug 1, 2007, 12:21 PM
somethings wrong and i don't know how to fix it

i do not see any safari or security update in my updater and when i try the manual updates its says my volume doesnt meet the requirements, i've tried repairing permissions

any ideas?

Snowy_River
Aug 1, 2007, 01:26 PM
Yeah, all the Safari bugs I read about, and there are people who still think that Apple is gonna release the whole OS for PCs... that seems like crazy talk to me.

What does this have to do with my problem? There are NO other web browsers that require something like this, and there seem to be no solutions, either. No one that I know of who has had this problem have found a solution.

twoodcc
Aug 1, 2007, 03:07 PM
I'm glad to see updates that will further protect Mac OS X users.

yeah me too. i'm not sure if i want to install the safari beta on my mac though.

offwidafairies
Aug 1, 2007, 03:26 PM
i felt like i was using a mac when apple update popped up on my pc for this safari update. ;) i live in hope. i feel a little like a man trapped in a woman's body using safari and itunes and airport utility in windows :p

absoluttl
Aug 1, 2007, 04:34 PM
Apple needs to kick Adobes but to make them fix flash for Mac and get it optimized. its just stupid on how bloated and slow it is compared to the PC's version.

I second that :) I was visiting the W hotel's website and forgot to shut it off (i have a few browsers opened and two of them were Adobes flash websites). My SR MBP's fan was running crazy because safari was using like 20% of the processing power (gathered from istats pro).

pgwalsh
Aug 1, 2007, 04:57 PM
Well I haven't seen an complaints about the security update, so I guess I'll be one of the few.

For some reason, the security patch killed spotlight on my Mac Pro. I've trashed the database and a whole lot more, but it won't work. It's indexed my drive 3 times and I still can't search for anything. Well, it's not the end of the world.

jellomizer
Aug 1, 2007, 05:00 PM
I didn't notice a major speed difference but when typing I don't get random beachballs though... There still is an issue of highlighting text in RSS though.

Cloudsurfer
Aug 1, 2007, 05:33 PM
did the 3.0.3 Safari update fix the issue with Microsoft Messenger 6?

Damek
Aug 2, 2007, 11:25 AM
Safari 3.0.3 on Windows XP definitely seems more stable here, or feels that way anyway.

But still no "View all RSS feeds in folder" for bookmarked RSS feeds. Kinda the whole point of Safari on Windows for me, otherwise Firefox is just fine, thanks.

I know it's meant more so developers can test their iPhone voodoo, but as I don't have plans to get an iPhone nor am I a developer, I just want Safari for the best-in-class RSS feed behavior. Which they haven't kept in the Windows version. Shame.

Fairly
Aug 3, 2007, 07:14 AM
Has anybody seen this?
http://securityevaluators.com/iphone/bh07.pdf

Has anybody read it?

Tomaz
Aug 3, 2007, 08:43 AM
When will Safari FINALLY support Gmail completely ?????

There's STILL no gchat and no support for the "text format toolbar".

Come on Apple, you claim to work so closely together with Google (iphone...), do something! :mad:


Also, since the two updates, Safari crashes on me quite often and iTunes crashed my computer 3 or 4 times yesterday!! That has not happened for months before the update. Maybe I should downgrade.. :(

dissdnt
Aug 3, 2007, 11:30 PM
I know this may sound odd, but since this update my macbook has been running super hot. over 160F with my fan speed cranked up to 6000rpm's. Usually i can get it down to 98-115 when i ramp up the fan that much..

Anyone notice this or am i nuts? hehe

joshiieee
Aug 6, 2007, 12:58 AM
nevermind.