Apple releases Safari 4.0.4 with security flaw patch
Apple Wednesday afternoon released an update to its Safari Web browser, addressing a vulnerability that could allow an image file to exploit Macs with older software.
According to Apple, the flaw allowed maliciously crafted images with an embedded color profile to execute arbitrary code, or unexpectedly terminate the application. The issue does not affect Mac OS X 10.6 systems, and was already addressed with Security Update 2009-005 for Mac OS X 10.5.8 systems.
The 36.2MB download is available via Software Update. In addition to the security patch, Safari 4.0.4 is said to offer:
Improved JavaScript performance
Improved Full History Search performance for users with a large number of history items
Stability improvements for third-party plug-ins, the search field and Yahoo Mail
The last update to Safari, 4.0.3, was released in August. It provided stability improvements for Web pages that use the HTML 5 video tag, and fixed issues that prevented some users from logging into iWork.com
According to Apple, the flaw allowed maliciously crafted images with an embedded color profile to execute arbitrary code, or unexpectedly terminate the application. The issue does not affect Mac OS X 10.6 systems, and was already addressed with Security Update 2009-005 for Mac OS X 10.5.8 systems.
The 36.2MB download is available via Software Update. In addition to the security patch, Safari 4.0.4 is said to offer:
Improved JavaScript performance
Improved Full History Search performance for users with a large number of history items
Stability improvements for third-party plug-ins, the search field and Yahoo Mail
The last update to Safari, 4.0.3, was released in August. It provided stability improvements for Web pages that use the HTML 5 video tag, and fixed issues that prevented some users from logging into iWork.com
Comments
Now comes Safari to be followed by iTunes,to be followed by iPhone, to be followed by AppleTV, etc, et,c and then back again.
I know - quit complaining- it's the Love Train!
Still no flash fix.
Yeah, it would be nice if Adobe would work on that.
I just discovered that Webkit does not support MathML
But...but... Safari gets 100/100 in ACID3 and is therefore must be the most standard compliant browser ever...although only IE8 supports CSS 2.1 fully...*head explodes*
I told you!
Now comes Safari to be followed by iTunes,to be followed by iPhone, to be followed by AppleTV, etc, et,c and then back again.
I know - quit complaining- it's the Love Train!
you'd have nothing to say if you didn't complain.
I told you!
Now comes Safari to be followed by iTunes,to be followed by iPhone, to be followed by AppleTV, etc, et,c and then back again.
I know - quit complaining- it's the Love Train!
Ya, I wish the company that built my computer and phone didn't issue updates and patches.
I'm on Snow Leopard, for God's sake! You'd think Apple would have worked out the legacy issues, including QuickTime 7 and any Carbon libraries.
I just discovered that Webkit does not support MathML ( the xml tags used to render mathematical notation) Firefox does though. I just landed a nice job to write an application for such so I'm a little bummed. I usually use Safari but no dice on this job. For anyone one else interested, a new JS library is in the works to be released soon to fix the lack of support in Webkit. It is called MathJax
Firefox looks to only support partial MathML. If you want real support you?ll have to go with Opera. Note that it?s coming to WebKit.
But...but... Safari gets 100/100 in ACID3 and is therefore must be the most standard compliant browser ever...although only IE8 supports CSS 2.1 fully...*head explodes*
Fully? This Wikipedia page paints a different picture. Granted, it?s Wikipedia and it?s a complex page that could easily be out of date, but all the main browsers seem pretty on the ball. PS: Acid3 wasn?t designed to test for everything. It?s designed that way. Acid4 will likely work the same way.
Ya, I wish the company that built my computer and phone didn't issue updates and patches.
Now he?s complaining that Apple?s issues updates to their apps???
Could somebody please explain to me why this update requires a reboot, despite the fact that no other browser on any other operating system I know of requires a reboot after install?
Just to vex you.
Could somebody please explain to me why this update requires a reboot, despite the fact that no other browser on any other operating system I know of requires a reboot after install?
I'm on Snow Leopard, for God's sake! You'd think Apple would have worked out the legacy issues, including QuickTime 7 and any Carbon libraries.
Simply put, you?re not just updating Safari.app or QuickTime.app when Apple?s issue an update, they are also updating the frameworks that are loaded when you start your machine.
Flash still crashes frequently throughout the day. Hell after I rebooted and went to chron.com, flash crashed before it even loaded the page. The Fuck!
Adobe really needs to fix Flash an make a 64-bit plug-in. If you are on battery and using Safari you are best to run in 32-bit mode otherwise you suffer a hue power drain in you are using Flash.
Could somebody please explain to me why this update requires a reboot, despite the fact that no other browser on any other operating system I know of requires a reboot after install?
I'm on Snow Leopard, for God's sake! You'd think Apple would have worked out the legacy issues, including QuickTime 7 and any Carbon libraries.
It's not clear why and I agree with you this really shouldn't be a necessity to reboot at this point.
Flash still crashes frequently throughout the day. Hell after I rebooted and went to chron.com, flash crashed before it even loaded the page. The Fuck!
I thought I read somewhere that with Snow Leopard (or was it Safari 4.0?) that when a plug-in crashes, as Flash does a lot, only the plug-in would crash and not all of Safari. Does anyone see this? My Safari is still crashing when Flash does.
MBP Core Duo (1,1)
10.6.2
Safari 4.04 (but 4.04 hasn't crashed yet)