Slashdot Mirror

← Back to Stories (view on slashdot.org)

OS X Security Update: Apache, SSL and SSH

Posted by jamie on from the sounds-like-a-good-idea dept.

payote writes "Security Update July 2002 includes the updated components, Apache v1.3.26, mod_ssl v2.8.9 and OpenSSH v3.4p1, which provide increased security to prevent unauthorized access to applications, servers, and the operating system." It's not in my Software Update window, because I'm still on 10.1.4 (having heard rumors that RtCW doesn't work on 10.1.5). But it is indeed out, and any Mac OS X machine whose webserver or ssh server is open to an untrusted network needs to upgrade.

5 of 216 comments (clear)

  1. Good to see... by BlowChunx · · Score: 0, Troll

    that Apple takes security seriously.

  2. Does this fix the apache hole? by User+956 · · Score: 0, Troll

    You know, the hole that allows a specially crafted, chunk-encoded HTTP request to execute arbitrary code on the server, and as Microsoft would say, "a malicious user" could exploit this to damage systems, take over a box, or worse.

    --
    The theory of relativity doesn't work right in Arkansas.
    1. Re:Does this fix the apache hole? by Listen+Up · · Score: 0, Troll


      What in the fuck was that website you posted?
      That was some seriously fucked up shit.

  3. Mac running webservers? by Anonymous Coward · · Score: 0, Troll

    Does it run under Finder or as a Desk Accessory?

  4. metrics contradict slashdot truisms by MeowMeow+Jones · · Score: 1, Troll
    Microsoft just released their 33rd advisory/patch of the year. This encompasses their entire product line and all supported OSes.

    Redhat has about 70 or 80 advisories for RedHat 7.2 alone in 2002.

    How can this be?

    --

    Trolls throughout history:
    Jonathan Swift