Mac OS X Security Update 2005-004

Toe

macrumors 65816
Original poster
Mar 25, 2002
1,101
2
Security Update 2005-004

Security Update 2005-004 delivers a number of security enhancements and is recommended for all Macintosh users. This update includes the following components:

iSync

For detailed information on this Update, please visit this website: http://www.info.apple.com/kbnum/n61798
 

PlaceofDis

macrumors Core
Jan 6, 2004
19,232
4
good catch, only a 1.1mb download and no restart needed, not our usual security update to say the least
 

MacRumors

macrumors bot
Apr 12, 2001
7,437
8,501


On the heels of the Mac OS X 10.3.9 comes a Security Update (2005-004) - in your Software Update:
Security Update 2005-004 delivers a number of security enhancements and is recommended for all Macintosh users. This update includes the following components:

iSync

For detailed information on this Update, please visit this website: http://www.info.apple.com/kbnum/n61798/
It addresses a potential buffer overflow issue in a iSync related application.
 

Doctor Q

Administrator
Staff member
Sep 19, 2002
36,044
3,259
Los Angeles
From http://docs.info.apple.com/article.html?artnum=301326:
Available for: iSync 1.5 on Mac OS X v10.2.8 and Mac OS X v10.3.x

Impact: A buffer overflow in iSync could lead to local privilege escalation.

Description: The iSync helper tool mRouter contains a buffer overflow vulnerability. This could result in the execution of arbitrary commands as root by local system users. Security Update 2005-004 fixes this issue by providing a patched version of mRouter. Credit to Braden Thomas for reporting this issue.​
 

James Philp

macrumors 65816
Mar 5, 2005
1,494
0
Oxford/London
Security me up baby!, just call me fort Knox!
Weird, Software update just crashed, ran it again, and apparently the update has been installed!
 

mattster16

macrumors 6502a
Apr 18, 2004
707
337
java?

I wonder if Apple included a little hidden Java fix in this update. If not..they should have, would have been the perfect opportunity to get the problem out of the way with little fuss.
 

Hugin777

macrumors regular
Aug 1, 2003
102
0
Copenhagen
Java...

As far as I know, a lot of people with the Java problem after 10.3.9 fixed it by just updating prebindings. One easy way to do this is to install the latest security update (as Apple recommends).

So I guess this is a quick way for Apple to fix the Java issue without actually mentioning it ;)
 

javabear90

macrumors 6502a
Dec 7, 2003
512
0
Houston, TX
Hugin777 said:
As far as I know, a lot of people with the Java problem after 10.3.9 fixed it by just updating prebindings. One easy way to do this is to install the latest security update (as Apple recommends).

So I guess this is a quick way for Apple to fix the Java issue without actually mentioning it ;)

unfortunatly, I still get a segmentation fault when I do the thing in terminal :mad: :(
 

Eniregnat

macrumors 68000
Jan 22, 2003
1,841
0
In your head.
You would think that they might of know that they were going to fix this little bug and would of included it with the big OS upgrade.
 

neutrino23

macrumors 68000
Feb 14, 2003
1,699
203
SF Bay area
Eniregnat said:
You would think that they might of know that they were going to fix this little bug and would of included it with the big OS upgrade.
Hard to know from the outside how these things get scheduled. At some point you have to stop changing the code and just test it or it will never get out the door.
 

e-coli

macrumors 68000
Jul 27, 2002
1,833
726
The sucurity update screws up safari. It no longer recognizes "valign" commands.

Really really annoying. Really.
 

Balin64

macrumors 6502a
Jul 23, 2002
772
1
In a Mauve Dream
That was Fast!

Although... I am sure it would have been fine if I had not updated... I mean, Tiger is around the corner... but I am such a creature of habit.

All right: I promise that if Apple releases another update before Friday, I WILL NOT update... unless it turns my PB into a PB G5.
 

kasei

macrumors 6502a
Dec 30, 2003
559
9
Los Angeles, CA
God I hope this doesn't screw up my system like 10.3.9 did. I had to revert back to 3.7 before I could get work my way back up to 10.3.9
 

Object-X

macrumors 6502a
Aug 3, 2004
631
1
Why bother

Why bother, we're a single digit migit! :D

I feel like an 8 year old waiting for Christmas.
 

aegisdesign

macrumors 6502a
Apr 19, 2005
874
0
Hugin777 said:
As far as I know, a lot of people with the Java problem after 10.3.9 fixed it by just updating prebindings. One easy way to do this is to install the latest security update (as Apple recommends).

So I guess this is a quick way for Apple to fix the Java issue without actually mentioning it ;)
No. The security update Apple recommends is the 2005-002 update which included updates to Java. It's not the prebinding that fixes the problem apparently.

e-coli said:
The sucurity update screws up safari. It no longer recognizes "valign" commands.
Huh? it doesn't go anywhere near Safari or any of it's components.