Slashdot Mirror

← Back to Stories (view on slashdot.org)

Mac OS X 10.2.5 Update Available

Posted by pudge on from the only-on-cd-rom dept.

jarrettwold2002 writes "ThinkSecret mentioned that 10.2.5 would be out this month; well, it's out much sooner than the usual end of the month dates that Apple loves. It might be available via Software Update later today or tomorrow, but is available for purchase on CD via the Apple Store, right now. 'The 10.2.5 Update delivers enhanced functionality and improved reliability for the following applications, utilities, services, and technologies: Address Book, AirPort, AppleScript, Bluetooth, Classic compatibility, Disk Copy, Disk Utility, Finder, Help Viewer, iChat, Image Capture, IP Firewall, Kerberos, Mail, OpenGL, Print Center, Rendezvous, and Sherlock.'" The release notes are not yet available. Update: 04/10 23:09 GMT by P : It is now available via Software Update, too.

15 of 147 comments (clear)

  1. I wonder if it will address battery issues by thunderbird46 · · Score: 4, Interesting

    Some (Dual USB) iBook users are having battery problems with 10.2.4 -- seems 10.2.4 messes up something in the power management so that when running unplugged the machine'll run till some arbitrary level of charge remaining (from 50%-90% of capacity left) and then suddenly go into sleep. Plugging the machine in starts the battery charging from 0%. Here's hoping 10.2.5 addresses that.

  2. Is this a typo? by Pirogoeth · · Score: 4, Funny

    Here's the release notes from 10.2.4:

    The 10.2.4 Update delivers enhanced functionality and improved reliability for the following applications, utilities, services, and technologies: Address Book, AppleScript, Classic compatibility, Disk Copy, Disk Utility, Finder, Help Viewer, iChat, Image Capture, IP Firewall, Kerberos, Mail, OpenGL, Print Center, Rendezvous, and Sherlock. It provides audio, disc recording, graphics, printing improvements, AFP and WebDAV networking and Windows file service improvements, as well as USB, FireWire and SCSI device compatibility enhancements. The update also provides updated security services and includes the latest Security Updates.

    Looks pretty similar...

    --
    Happiness is like peeing yourself. Everybody can see it but only you can feel its warmth.
    1. Re:Is this a typo? by dankow · · Score: 5, Informative
      Looks pretty similar...


      That's because this is a combo installer, and those are all the changes since 10.2. Read the link, and you'll find out that there's a page that lists the 10.2.5 changes separately.

      --
      I am the hub of Jack's digital lifestyle.
  3. Re:Whoa... by jkujawa · · Score: 4, Informative

    Apple puts its software updates in one place, and they're picked up by Akamai's caches from there.

  4. Airport Fixes? by peterdaly · · Score: 4, Informative

    I hope this update will make my 12" TiBook with Airport Extream stop crashing my Linksys Wireless access point.

    That is really a problem for me.

    -Pete

    --
    Soccer Goal Plans
    1. Re:Airport Fixes? by phyxeld · · Score: 4, Interesting

      Linksys definitely has a problem if rogue clients can crash their APs, but Mac OS X boxes really do do some weird wifi stuff. Quite often, when my airport card is on, linux users nearby who are on their consoles see a constant stream of kernel messages about "undersized frames". If I turn off my airport, it stops. I've seen a few macs do this, with a few different linux boxes. The common factor between the linux boxes is that they all were running (or had recently been running) in RF_MON mode. In any case, it only happens sometimes, and it's definitely caused by the presence of airport-enabled macs. Quite strange.

      There are a lot of oddities I'm really hoping this update will fix. Among them, the sometimes-forgetting to ask for my encrypted disk password upon waking from sleep: If it doesn't ask, the disk just hangs, and the machine has to be rebooted. I really hope thats fixed. Currently I have to remember to hdiutil detach -force disk1 (or whatever df shows the volume mounted as) before I close the lid, if I don't want to risk crashing.

      I can't seem to find the standalone combo update for download yet. The update is in Software Update, but I usually like to download the 10.2.x combo updater, so I can keep it with my 10.2 disks for later use. Tried guessing links from previous updates, but no luck. Anybody got a link to the combo update yet?

      --
      __
      Choose mnemonic identifiers. If you can't remember what mnemonic means, you've got a problem. - Larry Wall
  5. Bluetooth update? by davesag · · Score: 4, Interesting

    I wonder if I'll finally be able to use my mac as a virtual bluetooth headset. i mean i love being able to dial, send sms messages and answer the phone from my mac but then i have to go into the other room and find my phone to actually talk to anyone. It would be much more awesome to just click answer and then speak/listen, and to be able to use the voice activatable functions in the phone etc. Then my phone can stay in its drawer where it belongs until it's walkies time.

    --
    I used to have a better sig than this, but I got tired of it
    1. Re:Bluetooth update? by davesag · · Score: 4, Interesting

      My point is I already own a Mac and a phone, my Mac has a mike and a speaker. I use my Mac to drive the phone in every respect except to actually talk to people via voice, and issue voice instructions to the phone. So rather than spend more money on a bluetooth headset that I'd only lose anyway, I want the bluetooth stack in osx to handle audio. Consider the possibilities.

      --
      I used to have a better sig than this, but I got tired of it
  6. 10.2.5 contains 10.2.4 by NaugaHunter · · Score: 4, Informative

    The specific 10.2.5 changes are here.

    --
    R: That voice. Where have I heard that voice before? B: In about 365 other episodes. But I don't know who it is either.
  7. It's out, and fixes the clock reset issue by carou · · Score: 4, Informative
    It's downloading as I type. And I'm glad to see in the release notes:
    Addresses an issue in which the date may unexpectedly be set to 1969 or 1970 during startup.

  8. Update features (from versiontracker) by dynayellow · · Score: 4, Informative

    Bluetooth Setup Assistant now works with certain Microsoft keyboards and mouse devices.
    Includes Bluetooth support for Nokia 7650 and P800 phones.
    Improves compatibility for discs burned with certain Panasonic consumer burners.
    Adds Image Capture support for Canon EOS 10D, ZR65, and ZR 70 cameras.
    Adds disc burning support for several device-LaCie d2 DVD Multi U&I Drive and d2 CD-RW 52x24x52x, Visual Frontier COHH-B1-A48 and COSP-B1-C24, MacPower Cold Chisel 24x12x24x8x, and these BUSlink devices: FW5252FM FireWire 52x24x52x CD-RW drive, FW4848FM FireWire 48x12x48x CD-RW Drive, RW4040FM FireWire 40x12x40 CD-RW Drive.
    Addresses an issue in which domain name lookups could fail if the DNS server responded with a very large reply packet.
    Improves the way that LDAPv3 connections time out when idle.
    Addresses a potential data loss issue that could occur when copying certain files to an SMB volume.
    Addresses issues with Internet Sharing when certain types of DSL or cable modem connections are shared.
    Improves security by resolving an issue in which a guest could gain read access to the contents of a shared Drop Box folder remotely.
    The Internet preference pane can now store .Mac passwords that are up to 32 characters long.
    Addresses an issue in which some Apple internal modems could not establish or maintain a connection to certain Scandinavian Internet service providers
    Improves Mail's selection of character encoding for messages sent in these languages: Arabic, Bulgarian, Greek, Hebrew, Hungarian, Icelandic, Polish, Romanian, Russian, Thai, Turkish, Ukrainian.
    Improves Mail responsiveness for accounts configured with multiple POP servers, when the servers are unavailable.
    Addresses an issue in which an application could unexpectedly quit when printing, if /tmp was missing or unavailable.
    Addresses an issue in which a damaged GIF file, such as a Web site graphic, could cause an application to unexpectedly quit.
    Addresses an issue in which certain PICT graphics could not be displayed.
    Addresses an issue in which the date may unexpectedly be set to 1969 or 1970 during startup.
    Addresses an issue when using the Hanin input method for Traditional Chinese in which Carbon applications could unexpectedly quit if a modifier key (such as Control) was pressed when no text insertion point was available.
    Addresses an issue in which Classic fails to start ("Error 1016") when applications available to a non-Admin user are restricted.
    Addresses an issue in which the Classic environment could become unresponsive after placing a Classic application's save confirmation dialog box in the background.
    Addresses an issue in which using the Command-Option-Shift-Q key command would immediately quit the Classic environment.
    Improves the reliability of AppleEvents traffic (inter-application communication) between software running in the Classic environment and native Mac OS X; addresses an issue in which a user might not be able to logout after using a Mac OS 9 version of America Online (AOL).

  9. Fixes SERIOUS Directory Services vulnerability. by netsrek · · Score: 4, Informative

    According to a vulnerability report release by @Stake, this fixes a serious security hole.

    http://www.atstake.com/research/advisories/2003/a0 41003-1.txt


    Overview:

    DirectoryServices is part of the MacOS X information and authentication subsystem. It is launched at startup, setuid root and installed by default. It is vulnerable to several attacks ultimately allowing a local user to obtain root privileges.


    Details:

    During the startup of DirectoryService, the application creates a lock file by executing the touch(1) UNIX command. It executes touch through the system() libc function. This function is inherently insecure and its use is strongly discouraged in privileged applications.
    Since this call to system() does not specify a full path to the touch(1) command, it is possible for an attacker to modify the PATH environment variable to specify a directory containing her own version of the touch(1) command. In this instance, this would cause DirectoryService to execute arbitrary commands as root.

    In order for an attacker to exploit this vulnerability, they must first cause DirectoryServices to terminate. This can be done by simply connecting to port 625 repeatedly using an automated program.

    --

    i don't read slashdot anymore.
  10. OpenGL is much faster by presearch · · Score: 4, Informative

    In my game tranquility, I'm seeinga solid 10% increase in frame rate. Very nice Apple! Thanks.

  11. Security Update Components in Mac OS X 10.2.5 by Rouxfus · · Score: 5, Informative
    This information was distributed on Apple's security-announce mailing list:

    Mac OS X 10.2.5 is now available. It contains fixes for recent vulnerabilities in:

    1. Apache 2.0: Fixes CAN-2003-0132, a denial of service vulnerability in Apache 2.0 versions through 2.0.44. Apache 2.0 is distributed only with Mac OS X Server, and is not enabled by default.

      Directory Services: Fixes CAN-2003-0171 DirectoryServices Privilege Escalation and DoS Attack. DirectoryServices is part of the Mac OS X and Mac OS X Server information services subsystem. It is launched at startup, setuid root and installed by default. It is possible for a local attacker to modify an environment variable that would allow the execution of arbitrary commands as root. Credit to Dave G. from @stake, Inc. for the discovery of this vulnerability.

      File Sharing/Service: Fixes CAN-2003-0198 where the contents of the write-only DropBox folder can be revealed. When enabled, Personal File Sharing on Mac OS X or Apple File Service on Mac OS X Server, a "DropBox" folder is available by default to allow people to deposit files. This update no longer allows the permissions of the "DropBox" folder to be changed by a guest.

      OpenSSL: Fixes CAN-2003-0131 Klima-Pokorny-Rosa attack on PKCS #1 v1.5 padding. The patch from the OpenSSL team, which addresses this vulnerability, is applied to Mac OS X and Mac OS X Server.

      Samba: Fixes CAN-2003-0201 which could allow an anonymous user to gain remote root access due to a buffer overflow. The built-in Windows file sharing is based on the open source technology called Samba and is off by default in Mac OS X.

      sendmail: Fixes CAN-2003-0161, where address parsing code in sendmail does not adequately check the length of email addresses. Only the patch from the sendmail team is applied to the currently-shipping version of sendmail in Mac OS X and Mac OS X Server.


    System requirements: Mac OS X 10.2.x (Jaguar)

    Mac OS X 10.2.5 may be obtained from:
    1. Software Update pane in System Preferences
    2. Apple's Software Downloads web site:

    3. Updating from Mac OS X 10.2.4:
      http://www.info.apple.com/kbnum/n120210
      The download file is titled: MacOSXUpdate10.2.5.dmg
      Its SHA-1 digest is: 1f98f9a21c3f17be823e2d63d90e534df01b3fdf

      Updating from Mac OS X 10.2 through 10.2.3:
      http://www.info.apple.com/kbnum/n120211
      The download file is titled: MacOSXUpdateCombo10.2.5.dmg
      Its SHA-1 digest is: a8ed6287d5bd0bdf67a2c0fd97b3af810f178d21

    Information will also be posted to the Apple Product Security web site:
    http://www.apple.com/support/security/security_upd ates.html

    This message is signed with Apple's Product Security PGP key, and details are available at:
    http://www.apple.com/support/security/security_pgp .html

  12. Update didn't work. by speechpoet · · Score: 4, Funny

    My PowerBook's still a WallStreet.