OS X Security Update (April 2002)

[simX]

There's a security update (that apparently was released today) up on Software Update.

Security Update April 2002 includes the following updated components which provide increased security to prevent unauthorized access to applications, servers, and the operating system.

OpenSSH v3.1p1
rsync v2.5.2
groff v1.17.2
PHP v4.1.2
sudo v1.6.5p2
mod_ssl v2.8.7
mail_cmds

Of course, these might transfer their benefits to the GUI side of things.

Oh, and it's still OS X version 10.1.3, but the build number has changed to 5Q110 (as opposed to 5Q45). And no that's not a typo – it's a 5-character build number.

 

[xoot]

Cool!

(Another space filler)

 

[googolplex]

xoot stop posting for nothing.

On the topic, this was a pretty painless install. No reboot even. Its nice that Apple is keeping up with the UNIX side of the OS with updates. Very cool, although I don't know what it changed

 

[Red Phoenix]

Good call, simX. I'm installing it now-I'm all for security updates that don't require rebooting. Anyone else try it?

And in the time it took me to write this message, it downloaded and installed. I guess I'll find out for myself if everything works fine.

 

[dricci]

Why does iTunes update require a reboot but Unix core file updates don't? hehe shouldn't it be the other way around?

Ah well, glad I didn't have to reboot and I now feel up to date. I wonder if this affected people who had manually upgraded their nix stuff? Anyone had any problems yet?

It went painless for me, was done and installed in about a minute.

That build number is strange, too. I didn't think they'd go to that many digits.

 

[googolplex]

These aren't core things in the kernel that would need rebooting. I have no idea why itunes does though. Maybe some optimizations or something...

 

[ddma]

iTunes updater requires to restart may because of the iTunes Helper which runs at user login.

 

[googolplex]

Couldn't it just launch the app or log you out then in?

 

[ddma]

Maybe they can't do it (in OS X 10.x) yet? Who knows!

 

[blb]

Note, for those who are running sshd (Allow remote login in Sharing Preferences), uncheck then recheck it, as the update doesn't restart it for you. It does restart Apache, if you're running that, however.

And as to why iTunes wants to reboot, it's because it installs the iPod kernel extension, and for whatever reason, Apple decided to force the reboot instead of unloading and reloading the extension. Maybe it's easier than explaining that you must unplug the iPod before the update...

 

[ksuther]

iTunes requires a restart because of the kernel burner extensions I think...
It's good to see that Apple updated all those components, especially ssh. I like having the latest and greatest

 

[ksv]

Sikkerhetsoppdatering, april 2002 inkluderer de oppdaterte komponentene nedenfor, som gir økt sikkerhet for å forhindre uautorisert tilgang til programmer, tjenere og operativsystemet.

OpenSSH v3.1p1
rsync v2.5.2
groff v1.17.2
PHP v4.1.2
sudo v1.6.5p2
mod_ssl v2.8.7
mail_cmds

 

[fiznutz]

lol ksv jag noterade din lokalisering alá rosengren
och modifierade min egen

 

[ksv]

Originally posted by fiznutz
lol ksv jag noterade din lokalisering alá rosengren
och modifierade min egen

Hehe

 

[cgiard]

OK, so Apple finally patched the ssh vulnerability (1 month after the release). Ideas on how long until we see the patch for zlib? They really need to get on the ball with security updates, as every major BSD and Linux distribution had patches for these within a week.

 

[rinse]

im afraid to install this... i already have php 4.1.2 on my G4... will this security update mess it up?

anyone in the same situation as me already install it?

 

[mailseth]

I already have php 4.0.6 installed with various compiled in libs (like gd 2 and jpeg support) will this update screw that all up?

 

[Sogni]

On a slightly different but related subject (didn't feel this should go on it's own thread but it's pretty related to this one so),

I was out at Fry's this morning and noticed the OSX boxes has slightly changed.

Now on the front cover it says:

"Now with iPhoto" (as oposed to the "Nowwith version 10.1").

So I pick up the box just out of curiosity and find that not only does it have iPhoto in it, but it is (or was until today) up to date with version 10.1.3...

I was starting to wonder about those poor souls on dialup who do not have OSX yet, at least they don't have to wait hours on dialup just to get newly purchased OS up to date. heh

 

[bighairydog]

Originally posted by rinse
im afraid to install this... i already have php 4.1.2 on my G4... will this security update mess it up?

anyone in the same situation as me already install it?

It shouldn't do, as long as you havn't recompiled apache. (and even then it may well still work)

If you have the 4.1.2 version of PHP already installed, then no need for action. If not, then best to upgrade, because the new PHP fixes a really nasty hole that allows arbitary command execution on your system if you have any scripts that deal with file uploading.

Bernie )

//edit - corrected error

 

[legacyb4]

Also note that if you've been using Marc Liyanage's PHP Installer to upgrade your PHP to a full-blown version, this gets temporarily replaced with the update.

Consequently, any add-ons such as GD graphics support you've installed are also temporarily disabled. Follow his instructions for reapplying the 4.1.2 upgrade and everything returns to normal.

Cheers.