MacRumors

macrumors bot
Original poster
Apr 12, 2001
52,970
14,714
Apple has released a 2003-12-19 Security Update in your Mac OS X Software Update. This update is recommended for all Macintosh users:

This update includes the following components: AFP Server, ASN.1 Decoding for PKI, cd9660.util, Directory Services,fetchmail, fs_usage, rsync. and System Initialization.

For more information: http://www.info.apple.com/kbnum/n61798

Apple also posted an update to the Quicktime 6 MPEG-2 Component (also in Software Update). Users who had previous purchased the Quicktime MPEG-2 Component had found that the previous version expired on Dec 15th.
 

Booga

macrumors regular
Aug 8, 2002
122
0
Also Xcode re-posted

In addition, the Xcode update which was pulled yesterday was re-posted today.
 
Comment

bennok

macrumors member
Oct 6, 2003
79
0
That's a lot of updates, and a lot of updates requiring a restart ;-)
 
Comment

ZildjianKX

macrumors 68000
May 18, 2003
1,610
0
Please, no more OS X updates... fix the damn iPod firmware that is whacked Apple!
 
Comment

magi.sys

macrumors member
May 12, 2003
67
0
Also, the 10.3.2 server update is posted

I bet apple wanted to wait till they figured out the security update before they released the server update, hence the delay compared to panther client.
 
Comment

SFNE Freak

macrumors member
Oct 4, 2003
68
0
CT
Screw that...I'll take my chances and wait until I have to restart for something else. I'm sick of restarting for software updates.
 
Comment

mac15

macrumors 68040
Dec 29, 2001
3,099
0
I'll hold off the secutiy update for a while, nothing thats there bother me all that much to install it.
 
Comment

sethypoo

macrumors 68000
Oct 8, 2003
1,580
0
Sacramento, CA, USA
Originally posted by SFNE Freak
Screw that...I'll take my chances and wait until I have to restart for something else. I'm sick of restarting for software updates.

Hear hear, but it has to happen occasionally.

So the Xcode update is back.....interesting.
 
Comment

dukemeiser

macrumors 6502a
Dec 17, 2002
529
0
Iowa
There sure has been a lot of Security Fixes lately. And here I was getting envious of the PC users. :D

I've noticed that more people have been reporting security holes to Apple than before. Does this mean the Mac OS is reaching a larger audience than ever before? ;)
 
Comment

arn

macrumors god
Staff member
Apr 9, 2001
15,756
4,611
Originally posted by dukemeiser

I've noticed that more people have been reporting security holes to Apple than before. Does this mean the Mac OS is reaching a larger audience than ever before? ;)

It's probably more that Mac OS X is more of a multi-user OS.

You could see it that Mac OS 9 had a huge security hole or none. It had no multiuser capability, so you didn't have to worry about anyone logging in. Anyone at the computer, however, could wipe the entire drive, or replace any file with malicious one.

arn
 
Comment

ITR 81

macrumors 65816
Oct 24, 2003
1,052
0
Xcode was pulled yesterday due to a server glitch. A Apple rep. reported it on the Apple Dis. boards yesterday.

I'll update everything now thank you.
 
Comment

CaptainScarlet

macrumors regular
Jul 25, 2002
137
0
CheeseLand
I do belive in patching all my systems, and have already patched them. No problems here.


After this install the 10.3.2 update seems "Faster".



CS.....out
 
Comment

bousozoku

Moderator emeritus
Jun 25, 2002
14,418
500
Lard
Originally posted by TomSmithMacEd
I thought I went to the mac to get away from security updates??? WHo knows.

The difference is that these really fix things, not make things worse. :D The security updates don't arrive that often since things are pretty secure already.
 
Comment

pb1212580

macrumors member
Sep 19, 2003
92
0
as an ex-heavy-windows user, I can say that everything there's a security update or some sort of update, the system seems to run slower and slower... or just start doing funky things and being unstable more and more. Honest.
Yes, even in xp. There are at least 40 security updates since xp came out... at least that's what I got yesterday reinstalling my sister's "new" pc laptop. I had to do 65 download/updates; and that's just from M$.

I have to agree that Apple's updates dont' usually slow things down; usually fixes things and if anything improves the speed.

So, anyone found any interesting things about these updates? Quite quiet in here... so different from last night! :)

my 2 cents...
 
Comment

ddbean

macrumors regular
Sep 17, 2003
125
0
Thousand Oaks, CA
Ran update fine here. no notice of change.
To pivo6, my update was 3.5 mb. I was wondering why yours would have only been 1.5? (Not a big deal, just curious)
 
Comment

pivo6

macrumors 68000
Dec 2, 2002
1,747
329
Minnesota
Originally posted by ddbean
Ran update fine here. no notice of change.
To pivo6, my update was 3.5 mb. I was wondering why yours would have only been 1.5? (Not a big deal, just curious)

I either misread, or maybe because I'm still running Jaguar 10.2.8.
 
Comment

Spades

macrumors 6502
Oct 24, 2003
461
0
OS X includes a huge amount of software, a lot of it NOT written by Apple. The good side of this is that OS X has more out-of-the-box functionality than Windows. The bad side of this is that there's more stuff for Apple to fix.

Of the updates listed, I immediately recognize fetchmail and rsync as not being Apple's software. I don't know what's fixed in fetchmail, but if the rsync problem is what I think it is, then it's definitely not Apple's fault.

The rsync problem I'm thinking of is the security hole which allowed the recent attacks on the Debian project, and one of the systems used to mirror Gentoo. (Note that it only hit a mirror, and none of Gentoo's files were touched.)

I'm not sure how many people are even aware that OS X includes rsync, let alone use it, but I'm glad Apple is keeping the software they ship with OS X secure, even if it's not their own software.

Edit: My mistake. As pointed out below, Debian was attacked with a different method.
 
Comment

Mr.Hey

macrumors 6502
Jul 17, 2002
370
0
Originally posted by TomSmithMacEd
WHo knows.


Did you mean-- who knew?


When the security patches outpace M$ in both size and frequency then I'll agree with you but until then.....zip it. Now you know :).
 
Comment

ITR 81

macrumors 65816
Oct 24, 2003
1,052
0
Originally posted by HoserHead
Please note the Debian compromise had nothing to do with the rsync bug, but was instead a kernel exploit.

But I believe the kernel has been updated since then.

It looks like the bootup process on my Mac has slightly improved with this sec. update.
 
Comment

Stella

macrumors G3
Apr 21, 2003
8,646
5,654
Canada
I'd rather have updates than an OSX than unsupported and is left to rott, or updated infequentally, such as XP. In two years, how many XP updates have there been (apart from security fixes... and fixes to fix the security fix). Little.

As for rebooting. Sometimes it really is necessary. Some upgrades update the prebinding, once this is done, you have to reboot.

Try rebinding yourself and then run affected applications..... the answer? They don't.... until you reboot.


Originally posted by ZildjianKX
Please, no more OS X updates... fix the damn iPod firmware that is whacked Apple!
 
Comment

SeaFox

macrumors 68030
Jul 22, 2003
2,573
859
Somewhere Else
Originally posted by arn
You could see it that Mac OS 9 had a huge security hole or none. It had no multiuser capability, so you didn't have to worry about anyone logging in. Anyone at the computer, however, could wipe the entire drive, or replace any file with malicious one.

arn

What do you mean it had no multiuser capability? What was the "Multiple Users" Control Panel for then? :rolleyes:

If the other users worked in Simple Finder or the "Panes" view similar to the old At Ease interface, they couldn't mess in the System Folder, defined appliactions, and external media.
 
Comment
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.