Apple releases patches for Jaguar, Panther

The updates fix four issues, including security holes in the Unix printing system used by the Mac OS.

Robert Lemos
Robert Lemos Staff Writer, CNET News.com
Robert Lemos
covers viruses, worms and other security threats.
2 min read
Apple released updates for the Panther and Jaguar versions of Mac OS X that fix security issues in the operating systems' printing, mail and encryption capabilities, as well as a critical vulnerability in the handling of Web addresses.

Apple gave little information about the patches, which were published Monday on the company's site. However, information on two of the vulnerabilities could be found at the Web site of the Common Vulnerability Encyclopedia, which is an attempt by Mitre, a systems engineering and information technology research organization, to create a complete database of software flaws.

Get Up to Speed on...
Enterprise security
Get the latest headlines and
company-specific news in our
expanded GUTS section.

The most critical vulnerabilities, in a common Unix library for the extensible markup language (XML), could allow an attacker to execute code on a victim's computer by sending a long address, also known as a Uniform Resource Locator, or URL.

Apple also fixed two flaws in OpenSSL that made PCs vulnerable to a denial-of-service attack. OpenSSL is the open-source software implementation of the secure sockets layer (SSL) protocol for encrypting communications on the Internet. The software is widely used in networking equipment and on Linux servers.

Apple released little information on the flaws in the Mac OS X's printing capabilities and the system's mail services. The Mac OS X uses its own version of the Common Unix Printing System.

While all four vulnerabilities had listings in the Common Vulnerability Encyclopedia, references to the printing and mail flaws were reserved by Apple and contained no other information.