Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Apple Releases Safari Beta 3.0.2, Security Update 2007-006

MacRumors

MacRumors

macrumors bot
Original poster
Apr 12, 2001
69,964
41,452


Apple has released an update to its Safari browser, Beta 3.0.2 for Mac and PC via its website and Software Update.

Changes in Safari 3.0.2 for Windows beta:
- Latest security updates
- Improved stability
- Fixes for text display, non-English systems, and start-up times

Changes in Safari 3.0.2 for Mac OS X beta:
-Latest security updates
-Improved stability
-Improved WebKit support for Mail, iChat and Dashboard
Click to expand...

Also released today is Security Update 2007-006 for Mac OS 10.3.9 and Mac OS 10.4.9 and later. The update addresses two vulnerabilities in WebKit, one of which could lead to an unexpected application termination or arbitrary code execution. More information on the update can be found here.

Though still in beta, the initial release of Safari 3.0 had seen 8 vulnerabilities discovered within 24 hours of its release, some of which were cross-platform. Apple quickly released Safari 3.0.1 for Windows which addressed some of the Windows-specific vulnerabilities discovered.
 
Article Link
https://www.macrumors.com/2007/06/22/apple-releases-safari-beta-3-0-2-security-update-2007-006/
I think people with 10.4.10 don't need the security update.I tried to install it and it wouldn't let me.
 

Attachments

  • securityupdatenogo.jpg
    securityupdatenogo.jpg
    63.4 KB · Views: 210
I actually think that you won't get both updates if you are running the beta...since the security update patches WebKit, maybe it's part of the Safari beta update? And those not running the beta will get the security update?
 
3.0.2 still didn't fix the fact that the white headlines within the red bar on the MR front page news items are wayyyy tooo booold. As is everything else. It is so thick and blurry. So much for text display fixes.
 
Security Update 2007-006 details

WebCore

Visiting a malicious website may allow cross-site requests
An HTTP injection issue exists in XMLHttpRequest when serializing headers into an HTTP request. By enticing a user to visit a maliciously crafted web page, an attacker could conduct cross-site scripting attacks. This update addresses the issue by performing additional validation of header parameters. Credit to Richard Moore of Westpoint Ltd. for reporting this issue.​

WebKit

Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution
An invalid type conversion when rendering frame sets could lead to memory corruption. Visiting a maliciously crafted web page may lead to an unexpected application termination or arbitrary code execution. Credit to Rhys Kidd of Westnet for reporting this issue.​
 
NewSc2 said:
So some of the Apple vulnerabilities haven't been fixed yet? I haven't downloaded Safari 3 myself (quite fond of Firefox) but I thought I'd check it out.
Click to expand...

yeah... 3.0.1 only addressed the Windows-specific vulnerabilities. Some folks took that to mean that the vulnerabilities that were found WERE only windows-specific, but that's not the case. Apple just took a little while to fix the rest of them. Even now, I'm not sure whether all of them have been patched, as a few more have been trickling out, although they haven't been as severe, hence why we haven't been covering them.
 
Peace said:
I think people with 10.4.10 don't need the security update.I tried to install it and it wouldn't let me.
Click to expand...

I suspect they are only for Safari 2.0.x users, as some vulnerabilities affected that version too, which is why they aren't in software update.
 
Still hasn't fixed the proxy issue on my work machine. :(
Running it on my PB, but can't run it on my WinXP work machine because of proxy issues.
 
roland.g said:
3.0.2 still didn't fix the fact that the white headlines within the red bar on the MR front page news items are wayyyy tooo booold. As is everything else. It is so thick and blurry. So much for text display fixes.
Click to expand...

Crap, that's too bad... hope they fix that in the next update...
 
Installed with no issues on my Windows machine at work. I'm not trying the beta on my Mac, though...

Can I just say that Safari on windows seems Snappier after the update? :D
 
roland.g said:
3.0.2 still didn't fix the fact that the white headlines within the red bar on the MR front page news items are wayyyy tooo booold. As is everything else. It is so thick and blurry. So much for text display fixes.
Click to expand...

Not having that issue here on my Windows machine. Have you tried turning the font rending to light under the preferences? I'm finding it looks EXACTLY like Safari for OS X and that the reason you think it looks blurry is psychological, since it looks so different from Windows font smoothing.
 
Safari for Windows: Is the 3.0.2 update only available through software update? Or does the link to the Apple website download 3.0.2 as a complete package? I still haven't been able to get it to work on XP SP2 so i'm not sure if this latest download/update is worth bothering with.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back