Slashdot Mirror
Mac OS X 10.3.4 Released
sizemoresr writes "The 10.3.4 Update delivers enhanced functionality and improved reliability for Mac OS X v10.3 'Panther' and is recommended for all users. Key enhancements include: improved file sharing and directory services for Mac (AFP), UNIX (NFS), PPTP, and wireless networks; improved OpenGL technology and updated ATI and NVIDIA graphics drivers; improved disc burning and recording functionality; iPods connected via USB 2.0 are now recognized by iTunes and iSync; additional FireWire audio and USB device compatibility; updated Address Book, Mail, Safari, Stickies, and QuickTime applications; improved compatibility for third party applications; previous standalone security updates."
FP!
However, I wish Apple would provide more information on their updates. They are so generalized.
If they're serious about the Enterprise space, this is a must do.
Can I grab it off Limewire?
On the plus side, it now only takes 19 minutes to copy that damn file.
I guess it's not all bad...
From what I could see by carefully reading the technical info on it, it doesn't appear to fix the recently discovered protocol handler exploits, apart from the earlier fix for the help: exploit (which doesn't appear to cure ALL help: exploits).
These exploits are serious, and will require a significant overhaul of the protocol handler code as well as a possible revision on the handling of downloadable disc images in Safari (which is a factor in many of the exploits). Yes, they could have waited, but if 10.3.4 was already ready, I'd prefer for Apple to release it on time and give us the fixes they can right now, and then work on the recent problems to provide us a good security patch (or maybe a 10.3.5) when they've fixed it.
If he explores all forms and substances Straight homeward to their symbol-essences; He shall not die.
Ahh, thank you ssh and apple for allowing me to do this: ($:~)-> softwareupdate -i MacOSXUpdate10.3.4-10.3.4 Now my box will be nice and updated before I even leave work.
its like 41 megs! Wonder if burning support means more supported cd-rw drives
"Slashdot, where telling the truth is overrated but lying is insightful."
Apple's KB article on the 10.3.4 update. http://docs.info.apple.com/article.html?artnum=257 64
For what it's worth, Safari now reports itself as version 1.2.2 (v125.7).
Didn't you get the customer service brainwashing^H^H^H^H^H^H^H^H^H^H^H^H education. You never say 'hole' or 'bug' to a customer. I remember one time I was in a meeting about an application and how it would relate to the firewall that I was administering. I mentioned that some pinholes would be need to be opened for the specific ports. After that meeting my project manager lectured me that "Don't ever say pinhole to the customer, it's an access point." I mentioned that it was one of the terms we used to describe opening very fine access in a firewall. He replied that I should never say 'hole' to the customer when refering to security. So we would just say 'rule' in the meeting and use the word 'hole' for other descriptors.
"And now you shall learn the secret of boot to the head"
Why doesn't another company do what Apple is doing: take an Open Source structure, and charge for a nice ass desktop environment.
I just started this 10.3.4 update and it downloaded very quickly. Much quicker than the 41 mb file size would suggest.
Does this update skip updates that were already released, downloaded and installed?
Doesn't seem any slower or faster.
Most importantly, it looks like some of the URI handler problems/security holes are now patched as well. I had uninstalled the "Paranoid Android" Haxie before the update (to make sure there weren't any install issues) so it was no longer running.
It looks like none of these exploits seem to work any more after the 10.3.4 update.
Nice work,
DaveC
There are no stupid questions...just stupid people.
wow, your boss soounds like a real 'rule', or hole (to use another descriptor)... ;)
Ross Winn "not just another ugly face..."
See this post for the links to the exploit examples I tested against. (I had not modified any of my URL handlers at all, and had already uninstalled "Paranoid Android" prior to updating so my system was unprotected from the old URL exploits).
While the immediate danger seems to be gone, the halcyon days of being a OS X User seem to be gone now that we have the attention of the various asshole hacker/script-kiddies out there. Just a matter of time before some other hole is found (but it is inevitable with any software as complex and interoperable as an Operating System).
Still, I'll take my chances with OS X over Windows ANY day.
There are no stupid questions...just stupid people.
Well, it really seems to improve compatibility with my M-Audio Firewire 410 audio card. It now connects immediately, where before I had to try at least twice most of the time. Also the preferences are saved more reliably it seems, where before you needed to be lucky and do some odd standby/reboot combinations for preferences to be saved...
Thanks Apple!
Bitten Apples are still better than dirty Windows...
10.3 broke PPTP which I need to connect to my ISP (via cable), now they added an option to disable encryption (apparently MPPE) and that fixed it.
For connecting in 10.3.3 I had to use a shell script but now it works from the GUI too.
It seems odd to me that they would fix such a major security flaw so quickly and quietly. I mean, I'd expect them to toot their horn at least a little bit about it....
I think burning support means that they're going to be a lot more sympathetic to your endless stories about painful urination. Or it could be this from the Knowledge Base:t num=256 05
http://docs.info.apple.com/article.html?ar
Mac OS X 10.3: A disc doesn't appear in the Finder after you burn it
Learn how to troubleshoot a disc that doesn't appear in the Finder after you burn it, with Mac OS X 10.3 through 10.3.3. A disc that doesn't appear in the Finder after you burn it is probably OK if no alerts appeared while it was being burned. Simply eject the disc and reinsert it to make it appear in the Finder. You only need to do this one time after burning the disc. Eject the disc by pressing the Media Eject key or the F12 key. Update to Mac OS X 10.3.4 or later to avoid this issue.
Addresses an issue in which scheduled items, such as automated backups or Software Update checks, may not work if the computer is asleep at the scheduled time. With this update, the schedule will run once the computer wakes from sleep.
What about the periodic scripts (daily, weekly, monthly)? Is anacron now unnecessary?
zach
I've put up a test page at http://test.doit.wisc.edu/, and the exploit still works via afp, ftp, disk, and downloadable file in the default configuration of Mac OS X 10.3.4.
To protect yourself, you still MUST:
- disable "open safe files after download" in Safari
- disable the following protocols (or reassign to a helper other than Finder):
afp
ftp
disk
disks
and additionally:
telnet
ssh
and/or install Paranoid Android
Hopefully Apple will find a reasonable resolution for this soon.
and I bet it's a result of this.
This algorithm completely transforms the feel of Safari over DSL and modem connections. Page content usually comes screaming in at the 250ms mark, and if the page isn't quite ready at the 250ms, it's usually ready shortly after (at the 300-500ms mark). In the rare cases where you have nothing to display, you wait until the 1 second mark still. This algorithm makes "white flashing" quite rare (you'll typically only see it on a very slow site that is taking a long time to give you data), and it makes Safari feel orders of magnitude faster on slower network connections.
Because Safari waits for a minimum threshold (and waits to schedule until the threshold is exceeded, benchmarks won't be adversely affected as long as you typically beat the minimum threshold. Otherwise the overall page load speed will degrade slightly in real-world usage, but I believe that to be well-worth the decrease in the time required to show displayable content.
...installed without any issue on both Dual G5 and single processor G5 systems. Initial impressions -- my Dual G5 system does appear to run snappier -- GUI response even better than it was in 10.3.3 -- no doubt the result of the improved video drivers in the update. No problems with the update whatsoever -- the update downloaded in a few minutes with a broadband condition.
The PC Weenies: 11 Years of Online Tech 'Too
I was re-installing panther on a new hard disk for my cube, and did the software update thing after i got it running. When I saw 10.3.4 update, i was blankly confused, but clicked ahead anyway for some reason. Now, two hours later, I'm reading Slashdot and realizing that there actually was a new update today, and feeling like a software-installing Forrest Gump, happening to be at the 'right' place at the 'right' time.
Everything is cool so far, but I feel like a total idiot for not noticing. And yet I feel compelled to tell this to other people...
Your boss is trying to get you to view life from the prospective customer who doesn't give a rat's ass from a hole in the ground. But thanks to the digital press media's rampid hyperbole the term 'hole' is now becoming synonymous with virus and job security.
Damn, Safari is fast!!!!
Updated on Cube - against better judgement, for better firewire drive compatibility - and all seems well...
I think, therefore I am...I think.
Applied the update..upon reboot trackpad on my Pismo 500Mhz didnt work at all. After second reboot it worked fine..looking for more anomalies..2 b continued...MU HAH HAH HA
Alot of the comments so far have been "I hope the exploit was fixed." But was anyone actually hit by the exploit in a malicious manner. Granted, its something that should be patched, but what has the demand for it been like? Other than the example links floating around, I havn't really seen it anywhere else.
while rendering a site that contains alot of javascript and java. safari crashed hard. I sent the report to apple. back to the lab.
It sounds like Apple isn't going to retire the 'Version 10' on their current MacOS version anytime soon. Will they indefinitely release .dot versions? It's not a negative question, nor is it necessarily a bad thing for them to do so.
NetBSD is still at version 1 (1.6.2 is the latest I am running) and Solaris has been at version 2 through all the versions (2.5, 2.6, 2.7, 2.8, etc.) for years, even though they call 2.8 Solaris 8.
Just an interesting thing to ponder. There's enough difference between the initial MacOS X release and the current release that they should definitely have different version numbers.
resigned
This text is slightly modified from:
n y%20third-party%20CD-R%20burner.txt
/Library/DiscRecording/DeviceProfiles/
/Library/DiscRecording/DeviceProfiles/
http://www.cilly.dyndns.org/calabar/docs/ Mac%20OS%20X%2010.3%20-%20add%20support%20for%20a
For Mac OS X 10.3 (aka Panther) ONLY!
Add support for any third-party CD-R burner
Do the following command in Terminal.app (note that $ is the prompt):
$ drutil info
It will give you a similar output:
Vendor Product Rev
PLEXTOR CD-R PX-W4012A 1.05
Interconnect: FireWire
SupportLevel: None
Cache: 4096k
CD-Write:
DVD-Write:
Strategies:
You should add burner support for all users:
$ sudo mkdir -p
Then create a file with a similar name in the above directory:
$ cd
$ sudo pico PX-W4012A.drprofile (use your_burner_name.drprofile)
With a similar content (copy and paste exactly the words from your drutil info below):
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<array>
<dict>
<key>DRDevicePersonalities</key>
&nbs p; <array>
<dict>
<key>DRDeviceProductName</key>
<string>CD-R PX-W4012A</string>
<key>DRDeviceVendorName</key>
<string>PLEXTOR</string>
</dict>
</array>
<key>DRDeviceProfile</key>
<dict>
<key>DRDeviceDescription</key>
<string>40x12x40x PlexWriter</string>
</dict>
<key>DRDeviceProfileVersion</key>
<integer>1</integer>
</dict>
</array>
</plist>
If you look at this string:
<string>CD-R PX-W4012A</string>
You see that there are more spaces than just only one!
Copy the output of the Product-info you got with the drutil command.
Vendor Product Rev
PLEXTOR CD-R PX-W4012A 1.05
You can verify in "System Profiler.app" if you applied your hack successfully:
Disc Burning: DRDeviceSupportLevelUnsupported
Have fun burning!
What is the improved functionality in "Stickies?"
because i know that help 'sploits and ical performance are way back on my list - and being 'the typical' mac user i dont care about these things - but stickie updates... ohhhh yeah
---- The real Slashdot is still here. You just have to browse at -1 to read the comments.
Thanks,
Ian
OK, so my setup is apparently somewhat resistant for now, not bullet proof but nice to know: 10.3.4, disabled the "Open Safe files" option, running Privoxy (which is set to default actions)
The help viewer URL problem is apparently patched and so is the SSL hole (according to another post on this page) so that is a comfort. Not the cleanest fix but in my case it works well.
Sorry for the wild goosechase or if I mislead anyone into thinking the problem had completely disappeared. On first inspection, it REALLY did seem to me that I wasn't vulnerable...well I wasn't, but no thanks to Apple.
DaveC
There are no stupid questions...just stupid people.
With multiple monitors, X11 applications now seem to start in the primary monitor rather than in the leftmost monitor.
My system softly crashed in a very strange way...
It started with the finder bar. The battery and airport icons turned sort of transparent, displaying documents from my desktop (which are never that high up) over a black background.
It was the first time I saw OS X make my background image go black.
Gradually, every application window started to turn completely white. I had to exposé to identify which program I was shutting down. Movements remained coherent.
Then the airport icon appeared in the central area of the screen, and was attached to the left upper corner of a document. It moved around when I moved the document.
Rectangles of white owned the screen. Couldn't kill them.
Resorted to logging out.
damn
This is a real show stopper for me since I often generate tables from a web database and need to paste the results into excel.
What is worse, this was fixed in a much earlier version of Safari and was then broken again and has remained so ever since.
I have used the Bug button to report this many times but apparently these go unread....sigh... time to start explorer up yet again.
Two questions regarding a G5 Xserve with 10.3.3 Server: /Library/WebServer/Documents directory)
(1) Is this update for Server or only the client version of OS X?
(2) Will this or other updates make changes to/overwrite existing configuration files that have been customized? (Specifically httpd.conf, php.ini, and the default
In general what are best practicices for applying patches to production environments?
I only came here to do two things; kick some ass, and drink some beer...looks like we're almost out of beer.
I had made a suggestion to Apple that the iCal icon should always show the current day when the program is running; it switches from the default July 17 (or whatever it is) to the current day *when you start the program*, but the icon never changes again, and it was a habit I got into very quickly to look at the dock to see what the date was instead of clicking on the time in the menu bar.
There clearly exists code to update the icon while the program is running (the 9 fills from the bottom to the top when starting classic, quicktime movies keep playing in the dock, etc.) so I would naively think it would be easy to add another thread to update the icon.
But other than that I'm quite pleased.
Yet I feel as though I need to leave my cube, drive home, open my PowerBook and get it updated as soon as possible.
Conserve Oil, Recycle, Boycott Walmart
I have a workaround for that using Adobe GoLive (may work in other wysiwyg html editors, but GoLive is all I have). I save the page to the hard drive, then open in GoLive, then copy and paste the table into Excel. An extra step, yes, but it avoids using explorer.
So, after installing the update and rebooting my mac won't come back up. So I booted with verbose messages and I get a LOT of these error messages, then it just stops with unbound variables in /etc/rc (pressumably because netinfo can't start).
bootstrap_look_up() failed (ipc/send) invalid destination port
When booted single mode, trying to force restart NetInfo gives this...
Could not create IPC port (com.apple.SystemStarter).Hangup
Anyone have any ideas on how to fix this???
Never fear, download the standalone version from Apple's web site and your download speed should BLAZE.
They also have specific details regarding what is being updated along with the usual banter.
If you're half as beautiful naked, you'd be 4 times as beautiful with twice as many clothes on.
Yeah - the predictable happened. Mouse pointer freeze and all. Leaving me with a honked installation that won't boot.
I rebooted to OS9 & downloaded the standalone, reinstalled 10.3 on a different partition [I would have fixed it singleuser, but installer was giving me "Carbon Lazy Values"] and ran:
installer -pkg MacOS10.3.4blahblah.pkg -target /Volumes/Macintosh\ HD/
Then I tried to reboot to that install. Anyway - it's even more screwed than before.
Ideas?
Trust me. This is an inactive account. Regardless of what the
i never installed Paranoid Android or any other third party app to address this issue. A few minutes ago, I tested all the exploits in this post and confirmed they worked in 10.3.3.
Then I just ran the software update and installed 10.3.4 and went back to test those same exploits, and they still work: test.app does get launched, shows me a warning with t3h [suck] button, and places owned.txt in my home directory.
in conclusion: 10.3.4 does NOT fix those vulnerabilities.
Has anybody heard from Apple on this?
Extraordinary Vacations. Exceptional Prices
Anybody using uControl? I can't update until I know my caps -> control change will still work. 1.4.3 is the latest release, but it's for 10.3.x -> 10.3.3.
-- http://frobnosticate.com
Is anyone else with the updates getting minor refresh problems with Photoshop 7.01 especially when dealing with text. These refresh problems makes me feel like I am running windows, and I dont like it.
If something is so important that you feel the need to post it on the internet... It probably isn't that important.
I installed the update, and at the end the screen went black. The computer won't boot into OS X now; I just get a blue screen with a mouse cursor which I can move (I can do nothing else).
/etc/rc-something about "124 Hangup". I have no idea how to fix this and can't find my install CDs. Grrrr...
Booting into verbose mode give an error about line 252 in
Mac OS 8.6 (for which I was a alpha/beta tester) was renamed to Mac OS 9 because Apple's contractual obligation to third-party PowerPC platforms extended only to Mac OS 8.x.
I may still have an 8.6.* install CD lying around here somewhere.
I was born not knowing and have had only a little time to change that here and there. -- Richard Feynman
He has earned this nickname, but to keep it, he feels he must always apply every update the second it's available. So we just refuse to admin his machine.
Of course, he's installed this update, and now he's having issues with some ( not all, some ) email messages where hitting 'reply' or 'forward' fails to bring up a new message window. He says quitting and relaunching brings up the not-previously-visible windows. He also sees this :
someone tried to use nil as a dictionary key, I guess...Is anyone else seeing this type of issue, or should we blame this on his overly-modified ( frickin' chrome-look everywhere ), haxie-filled environment ?
I installed the update, and my desktop directory decided to digest its contents. It's now completely empty.
By reading this you acknowledge that you have read it.
What I really want is week numbers (very important here in Sweden) on the calendars.
There were two users logged in at the time (via Fast User Switching), myself and a non-admin user. Apple may not have tested the upgrade in that situation, so I'd advise running the upgrade with only a single user logged in.
After I applied the update, Halo is much slower now to my chagrin.
I thought the new OpenGL and NVIDIA stuff would make it fly...
Your boss was right. Saying that you're opening a hole in the firewall gives the impression that security is compromised. Even if the customer understands IP security, it doesn't give any information about the scope of the change.
Describing it as "adding a rule in the firewall rulebase, which allows only the necessary source IP addresses to access only the needed ports on the host in question" conveys the scope of the changes. Better yet, allowing access only to IPSec encrypted sessions authenticated with X.509 certificates would be even better.
I've only been an MacOS X user for about two years now. But, all my previous upgrades have worked well. This upgrade installed fine on my Cube, but my PowerBook didn't like it at all.
My Cube installed the patch, and gave me the dialog box asking me to reboot. My PowerBook installed it, and at some point near the end of the install (maybe the "Optimizing Volume" step) it froze the machine, with the message saying "You need to reset this machine. Hold down the power button for several seconds." So, I did that and it rebooted to the login screen. When I entered my password it dropped me to the Darwin text console login screen. If I entered a password there, it denied my login and brought be back to the GUI login screen.
After monkeying with that a while, I copied my data off the machine by booting it in firewire disk mode. Then I reinstalled OS X from the restore disk. When I ran software update and tried to install it again, I got the same system freeze and reset machine message (it happened at 97% of the optimizing volume step). Fortunately, this time it rebooted fine. But, my confidence in OS X has gone down quite a bit now.
Mac OS 8.6 existed. It was a free update to 8.5, back when the update cycle was six months and alternated Major/Paid - Minor/Unpaid.
It's a shame that Apple still hasn't fixed the problem with large FAT filesystems. I'm still unable to connect my 30GB USB drive, whereas it works everywhere else.
I thought I would try something different and Install the 10.3.4 upgrade via firewire target disk to my powerbook from my dual G4. Updates usually go well for me. I mounted the powerbook disk and ran the Apple stand alone installer. The software loaded normally. Restarting the powerbook the restart hung at the Apple screen. I ran repair disk and permissions and observed huge permissions fixes. Restarted and the Powerbook booted but with some system preference warnings that some were not installed properly ( apple time clock) I remounted the powerbook disk in target disk mode and moved the update to the powerbook. Reinstalled the update and all is well. Mind you I did run Permissions and Tech Tool Pro to optimize the directory. Powerbook is now as fast or faster than ever. I run it on a Win2k network and there are no problems at all. The last time I will try the Firewire trick.
What Mac computers do you recommend that can handle the job of editing and rendering films? Any help anyone can provide can be sent to allenwoodymatt@yahoo.com
If you don't see one listed (e.g. disk), click "add" then enter your prefered non-scriptable app (e.g. chess).
Its always a good idea to repair permissions as well as booting off of the install cd and repairing any hard drive issues. This saves a lot of headaches.
Choosing the lesser of two evils is a choice for evil.
few quotes from TheRegister:
"A major revision of Apple's Mac OS X operating system released this week fails to come bundled with a vital, recently-issued security fix."
"A security patch (2004-05-24) which guards against a vulnerability in the Help viewer sub-system is absent from the Mac OS X version 10.3.4, despite claims to the contrary by Apple."
"This confusion is compounded by Apple, which has thus far failed to address another critical - and easily exploitable - security hole which it wrongly told Techworld was fixed by the Help Viewer patch."
"An updated version of a security testing tool by Unsanity establishes that even patched systems are vulnerable. So patched Mac OS X systems are vulnerable and unpatched systems are even more vulnerable."
Now, if I ever again see one of the Mac zealots here advertising MacOS against Windows because of vulnerabilities & patches stuff, I'll instantly go into "undefined behaviour"!
"There is nothing more frightful than ignorance in action." Johann Wolfgang von Goethe