Security update 2005-004

[Captain Code]

Fixes mRouter priveledge escalation vulnerability. Check SU.

More info from Apple
http://docs.info.apple.com/article.html?artnum=301326

iSync
Available for: iSync 1.5 on Mac OS X v10.2.8 and Mac OS X v10.3.x
CVE-ID: CAN-2005-0193
Impact: A buffer overflow in iSync could lead to local privilege escalation.
Description: The iSync helper tool mRouter contains a buffer overflow vulnerability. This could result in the execution of arbitrary commands as root by local system users. Security Update 2005-004 fixes this issue by providing a patched version of mRouter. Credit to Braden Thomas for reporting this issue.

 

[texanpenguin]

Gar! With all these updates, my computer seems to be getting restarted every week!

Oh well, am I right in thinking that this is the last severe vulnerability discovered in Panther?

I doubt we'll be getting any more updates for Panther until a mission-critical problem is discovered.

 

[Viro]

No restart is necessary with this update .

 

[HomunQlus]

Thanks for the info!! I think that will be that last critical update for Panther in a while (if they continue to supply updates for Panther).

 

[RGrphc2]

Thanks for the info!! I think that will be that last critical update for Panther in a while (if they continue to supply updates for Panther).

I remember someone mentioning they still release updates for 10.1 and 10.2

 

[Darkshadow]

Not so much for 10.1, though updates are still available for 10.2.

 

[texanpenguin]

They'll provide important security updates for Panther at least until 10.6, just as with Jaguar.