Security Update 2004-09-07

baumanbauman
Posted:
in macOS edited January 2014
Here's the description:

Quote:

Security Update 2004-09-07 delivers a number of security enhancements and is recommended for all Macintosh users. This update includes the following components:





CoreFoundation

IPSec

Kerberos

libpcap

lukemftpd

NetworkConfig

OpenLDAP

OpenSSH

PPPDialer

rsync

Safari

tcpdump







For detailed information on this Update, please visit this website: http://www.info.apple.com/kbnum/n61798



Looks like they've changed quite a bit, but it only weighs in at 7.6MB.

Comments

  • Reply 1 of 6
    bnoyhtuawbbnoyhtuawb Posts: 456member
    Quote:

    Originally posted by bauman

    Here's the description:





    Looks like they've changed quite a bit, but it only weighs in at 7.6MB.



    Hey, it's not SP2
  • Reply 2 of 6
    lukeblukeb Posts: 6member
    Has anyone had a problem with outgoing messages not working in Mail after the installation of the 9-7-04 10.2.8 security update?
  • Reply 3 of 6
    wcatteywcattey Posts: 1member
    I see that a new version of this Security Update has just come out

    (v 1.1).



    Has anyone a guess as to what had to be fixed up so soon after the initial release?
  • Reply 4 of 6
    toweltowel Posts: 1,479member
    Quote:

    Originally posted by wcattey

    I see that a new version of this Security Update has just come out

    (v 1.1).



    Has anyone a guess as to what had to be fixed up so soon after the initial release?



    The FTP server. The original update included a more secure replacement ftpd program (lukemftpd), but it apparently didn't play nice with OSX's built-in authentication system. So if you applied the update, your machine couldn't be an ftp server anymore. This update patches the new ftpd so it works. Neither the sftp server nor ftp clients were affected by the bug.



    From Apple's security list via xlr8yourmac:
    Quote:

    " Security Update 2004-09-07 v1.1 is now available and fixes the following issues in Security Update 2004-09-07 v1.0:



    * lukemftpd: Corrects the path to the file containing users who are not permitted to use FTP. When this file cannot be found (as in the default installation of v1.0), FTP will not authorize any users. The ability to use long login names is also restored.



    * Safari: The Safari version number is changed to provide compatibility with web sites that incorrectly identify Safari as a different browser. Tips to correctly identify the Safari browser via JavaScript are available at:

    http://developer.apple.com/internet/...afari_faq.html

    http://developer.apple.com/internet/...tdetection.htm



    Security Update 2004-09-07 v1.1 contains no additional security enhancements, and is simply an updated version of Security Update 2004-09-07 v1.0. "



  • Reply 5 of 6
    tuttletuttle Posts: 301member
    So only two userland program get updated and it requires a restart?



  • Reply 6 of 6
    bnoyhtuawbbnoyhtuawb Posts: 456member
    Quote:

    Originally posted by Tuttle

    So only two userland program get updated and it requires a restart?







    It would be hard to have a "dual-personality" installer detecting whether you're upgrading from Update 1.0 or from "plain" 10.3.5.
Sign In or Register to comment.