Slashdot Mirror

← Back to Stories (view on slashdot.org)

OS X Security Update: Apache, SSL and SSH

Posted by jamie on from the sounds-like-a-good-idea dept.

payote writes "Security Update July 2002 includes the updated components, Apache v1.3.26, mod_ssl v2.8.9 and OpenSSH v3.4p1, which provide increased security to prevent unauthorized access to applications, servers, and the operating system." It's not in my Software Update window, because I'm still on 10.1.4 (having heard rumors that RtCW doesn't work on 10.1.5). But it is indeed out, and any Mac OS X machine whose webserver or ssh server is open to an untrusted network needs to upgrade.

9 of 216 comments (clear)

  1. Quick and easy by znu · · Score: 4, Insightful

    Two minute install, no reboot required. Nice.

    --
    This space unintentionally left unblank.
  2. Re:FYI, no reboot needed by uncleFester · · Score: 5, Insightful

    Upgrading Apache and OpenSSH (and most other apps, even daemons/services) doesn't even require a reboot on Win2000/XP. Welcome to the future!

    No, welcome to the past. Updating ANY daemon, service or software not directly related to the kernel or core libraries does not require reboot. Where the hell have you been?

    It's quite sad when the words 'update' or 'patch' are considered synonymous with 'reboot.'

    --
    -'fester
  3. What is going on? by jonnythan · · Score: 4, Insightful

    Wow, when Microsoft issues security update they are lambasted for putting out an insecure operating system.

    Apple releases massive security update and they are lauded for their focus on protecting their users.

    Red Hat releases security updates and no one mentions them at all.

  4. Re:Let's hope Apple gets quicker.... by BWJones · · Score: 5, Insightful

    I am happy to see that Apple is doing the right thing. I just hope their next update comes a little bit quicker after a vulnerability is announced.

    Jeez, cut them a break man. I just heard of this vulnerability a couple of days ago myself, and was surprised to see an update to remedy this issue so quickly. Because of their commitment to quality in their products, I am sure Apple wanted to QA this thing first before releasing something buggy on their customers.

    You have to admit that Apple has been FAR more responsive to their customers with a variety of issues than has M$ and even a bunch of Linux distros.

    --
    Visit Jonesblog and say hello.
  5. Re:Problem seen - addressed by Anonymous Coward · · Score: 5, Insightful
    I totally agree. They took their sweet time with this one.


    YEAH! Those boneheads prolly wasted time testing and crap like that.

  6. Re:Good to see... by Aqua+OS+X · · Score: 4, Insightful

    Ehh, even if OS X is a *nix OS, most malicious little trolls are still quite unfamiliar with MacOS, and that means that Apple doesn't have to rush these minor updates out the door as soon as they are developed.

    It makes more sense for Apple to simply release packages consisting of multiple minor security updates every three to six months. Most mac users would rather not have Software Update launch and pester them every week.

    --
    "Things are more moderner than before- bigger, and yet smaller- it's computers-- San Dimas High School football RULES!"
  7. Re:Do Apple's make good webservers? by GutBomb · · Score: 5, Insightful

    typically the reason apache is enabled on many macos machines is for web development. up until now, it was a bit difficult to get ssi and php and other server side stuff working while developing on a mac. now that apache and osx can work together, the combination is used much more often.

  8. Re:Good to see... by tdelaney · · Score: 4, Insightful

    1. The patch needed to become available.

    2. Apple needed to test the patch.

    3. Apple needed to build the updater.

    Those who were willing to have been able to apply the patches to their machines for a week. How many machines running OpenSSH and Apache have been patched (no, not just OS X - all machines that run those)?

    Apple has made its update available and easily installable. Within 1-2 weeks, over 80% of MacOS X systems are likely to be patched. Somehow I doubt that any other OS will be able to claim those numbers within a month of the bugs being found.

    Of course, the majority of those systems aren't *running* Apache and OpenSSH, but other people have pointed that out.

  9. Re:Do Apple's make good webservers? by bsartist · · Score: 4, Insightful

    Then the 10.1.4 update broke PHP...

    ...because you chose to install your custom Apache in the same location as the stock version that Apple maintains. Apple didn't force you to install it there - you made that choice. The update may have broken your PHP install, but that's only because you put a big sign on it that said "break me."

    If you walk out into traffic, you'll get run over. If you hit yourself on the head with a hammer, you'll get a concussion. If you install Apache over top of the copy that Apple provides, then when (not if) they update their install, yours will be overwritten. In each case, the answer is simple: don't fscking do that!

    Good lord people, think! This isn't rocket science. It's simple. If you ask for problems, you'll get them.

    --
    Lost: Sig, white with black letters. No collar. Reward if found!