1 August 2008 @ 7:14Security Update 2008-005, Now with more secure!

Security Update 2008-005 fixes the BIND DNS cache poisoning vulnerability by updating BIND to 9.4.2-P1(Leopard) and 9.3.5-P1(Tiger). Also of note, this update addresses the OSA privilege escalation issue by not loading scripting addition plugins into applications running with system privileges. Other items affected by this update include CarbonCore, CoreGraphics, Data Detectors Engine, Disk Utility, OpenLDAP, OpenSSL, PHP, QuickLook, and rsync.

Read the full details here.

UPDATE: Andrew Storms at 360 Security points out that port randomization failed to make it into this security update. Port randomization is the currently accepted countermeasure to prevent DNS cache poisoning of BIND.

Be Sociable, Share!

by | Add a comment | Tags: , , , ,
Posted in mac, security | Link to this

Add a Comment

Show who you are with a Gravatar.


Sign up for PayPal and start accepting credit card payments instantly.

Staples Logo

Get fed!

rss icon subscribe to Geek stuff

rss icon Geek stuff in your inbox

Add the "Geek stuff" Google Gadget to your homepage

Add the "Daily Deals" Google Gadget to your homepage


Search Amazon

Search Amazon.com
Search Amazon.co.uk

Recent Forum Topics


    Web hosting by ICDSoft