[product-security@xxxxxxxxx: APPLE-SA-2004-05-03 Security Update 2004-05-03]
----- Forwarded message from Apple Product Security
<product-security@xxxxxxxxx> -----
From: Apple Product Security <product-security@xxxxxxxxx>
Subject: APPLE-SA-2004-05-03 Security Update 2004-05-03
To: <security-announce@xxxxxxxxxxxxxxx>
Date: Mon, 03 May 2004 14:27:44 -0700
User-Agent: Microsoft-Outlook-Express-Macintosh-Edition/5.02.2022
Message-ID: <BCBC0760.291%product-security@xxxxxxxxx>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
APPLE-SA-2004-05-03 Security Update 2004-05-03
Security Update 2004-05-03 is now available and contains security
enhancements for the following:
CoreFoundation: Fixes CAN-2004-0428 to improve the handling of an
environment variable. Credit to aaron@xxxxxxxx for reporting this
issue.
Apache 2: Fixes CAN-2003-0020, CAN-2004-0113 and CAN-2004-0174 by
updating to Apache 2 to version 2.0.49.
RAdmin: Fixes CAN-2004-0429 to improve the handling of large requests
AppleFileServer: Fixes CAN-2004-0430 to improve the handling of long
passwords. Credit to Dave G. from @stake for reporting this issue.
IPSec: Fixes CAN-2004-0155 and CAN-2004-0403 to improve the security
of VPN tunnels. IPSec in Mac OS X is not vulnerable to
CAN-2004-0392.
Notes:
- Security Update 2004-05-03 is available for both Mac OS X 10.3.3
and Mac OS X 10.2.8
- Security Update 2004-04-05 has been incorporated into this update
================================================
Security Update 2004-05-03 may be obtained from:
* Software Update pane in System Preferences
* Apple's Software Downloads web site:
For Mac OS X 10.3.3 "Panther"
=============================
http://download.info.apple.com/Mac_OS_X/061-1213.20040503.vngr3/2Z
/SecUpd2004-05-03Pan.dmg
The download file is named: "SecUpd2004-05-03Pan.dmg"
Its SHA-1 digest is: 6f35539668d80ee536305a4146bd982a93706532
For Mac OS X Server 10.3.3
==========================
http://download.info.apple.com/Mac_OS_X/061-1215.20040503.mPp9k/2Z
/SecUpdSrvr2004-05-03Pan.dmg
The download file is named: "SecUpdSrvr2004-05-03Pan.dmg"
Its SHA-1 digest is: 3c7da910601fd36d4cdfb276af4783ae311ac5d7
For Mac OS X 10.2.8 "Jaguar"
=============================
http://download.info.apple.com/Mac_OS_X/061-1217.20040503.BmkY5/2Z
/SecUpd2004-05-03Jag.dmg
The download file is named: "SecUpd2004-05-03Jag.dmg"
Its SHA-1 digest is: 11d5f365e0db58b369d85aa909ac6209e2f49945
For Mac OS X Server 10.2.8
==========================
http://download.info.apple.com/Mac_OS_X/061-1219.20040503.Zsw3S/2Z
/SecUpdSrvr2004-05-03Jag.dmg
The download file is named: "SecUpdSrvr2004-05-03Jag.dmg"
Its SHA-1 digest is: 28859a4c88f6e1d1fe253388b233a5732b6e42fb
Information will also be posted to the Apple Product Security web
site:
http://www.apple.com/support/security/security_updates.html
This message is signed with Apple's Product Security PGP key, and
details are available at:
http://www.apple.com/support/security/security_pgp.html
-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.2
iQEVAwUBQJa38XeI0z6bzFr0AQKEjAf9HAvSxFVwKjmzZ1ZcqmVWhCfkNA9TIby7
Z9WOeAIhSFX1GVyetjQIeODLBYVj8bACK2fDj+deRv60VC6IQOxQNTSI5EwlkI/O
Tnz9q77WwV0IaNugfZHWQglKiH6j5ZhMg9xZUQTEpJChPS6u0NN3J4nhj7diqlbK
4a6N+HLQ4jQvk4hpQoFYRGOVnHzso2SJpKUN5uJ2obTSUw528Gchugr1Uez4/m9G
Pb5BZewX877Qc3t1icnlNxSXSru2TIrqef4+ZuJlek5N8lN0oda2KQ7pvkc0/raO
oJnLTiJoGFxLV5jLw7PBd7bIRpUJXZa/xtyg1lj8XUf0r5SFGRVwww==
=wmAo
-----END PGP SIGNATURE-----
_______________________________________________
security-announce mailing list | security-announce@xxxxxxxxxxxxxxx
Help/Unsubscribe/Archives:
http://www.lists.apple.com/mailman/listinfo/security-announce
Do not post admin requests to the list. They will be ignored.
----- End forwarded message -----
--
David Mirza Ahmad
Symantec
PGP: 0x26005712
8D 9A B1 33 82 3D B3 D0 40 EB AB F0 1E 67 C6 1A 26 00 57 12