Slashdot Mirror

← Back to Stories (view on slashdot.org)

Apple Releases Security Update 2003-03-24

Posted by pudge on from the lolly-lolly-lolly-get-your-security-related-update-here dept.

skeeter17 writes "Apple updates security again. According the description: 'Security Update 2002-03-24 addresses a Samba vulnerability which could allow unauthorized remote access to the host system. .... OpenSSL is also updated to address an issue in which RSA private keys can be compromised when communicating over LANs, Internet2/Abilene, and interprocess communication on local machine. ... It is recommended that all users install this Security Update.' Well! There you have it folks!" It is available via Software Update.

2 of 58 comments (clear)

  1. Re:Someone tell me... by Juanvaldes · · Score: 3, Informative

    because that has already been fixed and is in the 10.2.5 update which will be released within a few weeks.

  2. Re:Macs rock. ;) by WatertonMan · · Score: 4, Informative
    You can still recompile most of the Apple utilities that have these patches. Indeed if you are using Apache on a production machine using OSX you are probably better off compiling the code so that you *know* exactly what is going on. For most machines that is less significant.

    Put an other way, you're right, but your confusing Apple's software with the code. Most of the services on OSX are open source and to say that "they are slower to release fixes than open source" rather misses the forest for the trees. (Or vice versa) What Apple does is provide a quick, easy update for regular users who don't want to deal with the complexities of compiling their open source programs. As such Apple reacts very timely and does a lot of checking.

    So to differentiate Apple's security and open source's security is a false dichotomy.