Er is een nieuwe update voor het Mac OS X uitgekomen. Versie 10.2.4 bevat de volgende verbeteringen:

* Sendmail: Fixes CAN-2002-0906 Buffer overflow in Sendmail before 8.12.5, when configured to use a custom DNS map to query TXT records, could permit a denial of service attack and possibly allow execution of arbitrary code. Mac OS X 10.2.4 contains Sendmail 8.12.6 with the SMRSH fix applied to also address CAN-2002-1165.

* AFP: Fixes CAN-2003-0049 "AFP login permissions for the system administrator". Provides an option whereby a system administrator may or may not be allowed to log in as a user, authenticating via their admin password. Previously, administrators could always log in as a user, authenticating via their own admin password.

* Classic: Fixes CAN-2003-0088, where an attacker may change an environment variable to create arbitrary files or overwrite existing files, which could lead to obtaining elevated privileges. Credit to Dave G. from @stake, Inc. for discovering this issue.
* Samba: Previous releases of Mac OS X are not vulnerable to CAN-2002-1318, an issue in Samba's length checking for encrypted password changes. Mac OS X currently uses Directory Services for authentication, and does not call the vulnerable Samba function. However, to prevent a potential future exploit via this function, the patch from Samba 2.2.7 was applied although the version of Samba was not changed for this update release. Further information is available from: http://samba.org/samba/whatsnew/samba-2.2.7.html

Update 10.2.4 voor mensen die versie 10.2.3 hebben draaien.

Update 10.2.4 voor mensen die versie 10.2, 10.2.1, of 10.2.2 hebben draaien.