After weeks of '10.6.3 is imminent' stories, Apple has finally released the latest version of Mac OS X 10.6 Snow Leopard with a substantial list of improvements including more than 50 security fixes.


Mac OS X 10.6.3 delivers no new features, but that's what you'd expect from a second-point update especially in the post-Enron era of 'no extra functionality for free' accounting practices.

Mac OS X 10.6.3 does include reliability and/or compatibility issues for a number of subsystems, including QuickTime X, OpenGL, AirPort, printing, Bonjour, DNS, photo screen savers, and USB input.

It also provides fixes for a variety of specific issues affecting Mail, Aperture, iChat, iCal, MobileMe, Time Machine, Parental Controls, Directory Services, Mobile Accounts, copying to Windows file servers, Xsan, and glowing, stuck, or dark pixels in video from the iMac (Late 2009) built-in iSight camera.

One item on the 10.6.3 list that will be especially welcomed by users of some older software is that the issue that prevented files with the # or & characters in their names from opening in Rosetta applications has now been fixed.

Daylight Saving Time rules have been updated to reflect recent changes in areas including Argentina, Fiji, Pakistan, and Antarctica, and improvements have been made to the performance of Logic Pro 9 and Main Stage 2 in 64-bit mode.

A full list on non-security changes can be found here.

Please read on for the security changes delivered in 10.6.3 and in Security Update 2010-002 for Leopard.



Security fixes in 10.6.3 cover the AFP server (two issues),  Apache (updated to version 2.2.14; version 2.2.15 - with additional security fixes - was released earlier this month), CoreAudio (two issues), CoreMedia, CoreTypes, CUPS, curl, Desktop Services (two issues), Disk Images (two issues), Directory Services, Dovecot, Event Monitor, FreeRADIUS (server only), FTP Server (server only), iChat Server (server only; three issues), ImageIO (four issues), Image RAW, Libsystem, Mail (two issues), MySQL (server only; updated to version 5.0.88 - current version is 5.1.45), OS Services, Password Services (server only), PHP (updated to version 5.3.1; 5.3.2 - with additional security fixes - was released earlier this month), Podcast Producer, Preferences, PS Normalizer, QuickTime (nine issues), Ruby on Rails (updated to version 2.3.5), Server Admin, SMB, Tomcat (server only; updated to version 6.0.24; version 6.0.25 - with additional security fixes - was released earlier this month), Wiki Server, and X11 (two issues).

In parallel with Mac OS X 10.6.3, Security Update 2010-002 for Mac OS X 10.5.8 provides fixes for vulnerabilities in the spell checker, application firewall, AFP server, Apache, ClamAV, CoreTypes, CUPS, curl (two issues), Disk Images (two issues), Cyrus IMAP (server only), Cyrus SASL, Desktop Services (two issues), Directory Services, Event Monitor, FreeRADIUS (server only), FTP Server (server only), iChat Server (server only; four issues), ImageIO (four issues), Image RAW (two issues), Libsystem, Mail (two issues), Mailman (updated to version 2.1.13), OS Services, Password Services (server only), perl, PHP (updated to version 5.2.12, even though the PHP project team is encouraging all users of version 5.2.x to upgrade to 5.2.13), PS Normalizer, Ruby on Rails (updated to version 2.3.5), Server Admin (two issues), SMB, Tomcat (server only; updated to version 6.0.24; version 6.0.25 - with additional security fixes - was released earlier this month), unzip, vim (updated to version 7.2.102 - 7.2.411 is current), Wiki Server (two issues), X11 (two issues), and xar.

In both cases, a significant proportion of the vulnerabilities involve susceptibility to malformed files such as TIFF images or H.264 movies.

Both updates can most easily be applied by running the Software Update utility. Alternatively, they can be downloaded via Apple's Support Downloads page.

Some users will prefer to download the combo version of the Mac OS X 10.6.3  update, as this can be used on any 10.6.x installation. While combo updaters are sometime substantially larger than the corresponding regular (incremental) updaters, the 10.6.3 combo is only 10% larger. This indicates how wide-ranging the changes are in 10.6.3.

 

47 REASONS TO ATTEND YOW! 2018

With 4 keynotes + 33 talks + 10 in-depth workshops from world-class speakers, YOW! is your chance to learn more about the latest software trends, practices and technologies and interact with many of the people who created them.

Speakers this year include Anita Sengupta (Rocket Scientist and Sr. VP Engineering at Hyperloop One), Brendan Gregg (Sr. Performance Architect Netflix), Jessica Kerr (Developer, Speaker, Writer and Lead Engineer at Atomist) and Kent Beck (Author Extreme Programming, Test Driven Development).

YOW! 2018 is a great place to network with the best and brightest software developers in Australia. You’ll be amazed by the great ideas (and perhaps great talent) you’ll take back to the office!

Register now for YOW! Conference

· Sydney 29-30 November
· Brisbane 3-4 December
· Melbourne 6-7 December

Register now for YOW! Workshops

· Sydney 27-28 November
· Melbourne 4-5 December

REGISTER NOW!

LEARN HOW TO REDUCE YOUR RISK OF A CYBER ATTACK

Australia is a cyber espionage hot spot.

As we automate, script and move to the cloud, more and more businesses are reliant on infrastructure that has the high potential to be exposed to risk.

It only takes one awry email to expose an accounts’ payable process, and for cyber attackers to cost a business thousands of dollars.

In the free white paper ‘6 Steps to Improve your Business Cyber Security’ you’ll learn some simple steps you should be taking to prevent devastating and malicious cyber attacks from destroying your business.

Cyber security can no longer be ignored, in this white paper you’ll learn:

· How does business security get breached?
· What can it cost to get it wrong?
· 6 actionable tips

DOWNLOAD NOW!

Stephen Withers

joomla visitors

Stephen Withers is one of Australia¹s most experienced IT journalists, having begun his career in the days of 8-bit 'microcomputers'. He covers the gamut from gadgets to enterprise systems. In previous lives he has been an academic, a systems programmer, an IT support manager, and an online services manager. Stephen holds an honours degree in Management Sciences and a PhD in Industrial and Business Studies.

 

Popular News

 

Telecommunications

 

Sponsored News

 

 

 

 

Connect