1 August 2008 @ 7:14Security Update 2008-005, Now with more secure!

Security Update 2008-005 fixes the BIND DNS cache poisoning vulnerability by updating BIND to 9.4.2-P1(Leopard) and 9.3.5-P1(Tiger). Also of note, this update addresses the OSA privilege escalation issue by not loading scripting addition plugins into applications running with system privileges. Other items affected by this update include CarbonCore, CoreGraphics, Data Detectors Engine, Disk Utility, OpenLDAP, OpenSSL, PHP, QuickLook, and rsync.

Read the full details here.

UPDATE: Andrew Storms at 360 Security points out that port randomization failed to make it into this security update. Port randomization is the currently accepted countermeasure to prevent DNS cache poisoning of BIND.

Share this:
  • E-mail this story to a friend!
  • Print this article!
  • Wists
  • del.icio.us
  • Reddit
  • Digg
  • StumbleUpon
  • Slashdot
  • Technorati
  • SphereIt
  • Sphinn
  • Google
  • Facebook
  • NewsVine
  • Furl
  • YahooMyWeb
  • Pownce
  • TwitThis
  • Shop Apple
  • Shop Dell

 

Related posts

by Jon | Tags: , , , ,
Posted in mac, security

Link to this post

HTML
BBCode

Add a Comment

Show who you are with a Gravatar.

 

Sign up for PayPal and start accepting credit card payments instantly.

Get fed!

rss icon subscribe to Geek stuff

rss icon Geek stuff in your inbox

Add the "Geek stuff" Google Gadget to your homepage

Add the "Daily Deals" Google Gadget to your homepage

Pages

Featured Tee

UneeTee.com

One Day, One Artist, One cool T-shirt

Melting Freeze Pops by Kevin
Guys - $18
Girls - $18

Apparel

Search Amazon

Search Amazon.com
Search Amazon.co.uk

Advert

Web hosting by ICDSoft