Forgot your password?
typodupeerror
OS X Businesses Operating Systems Security Upgrades Apple

Apple Releases Security and Xcode Updates 75

Posted by pudge
from the aw-i-thought-my-computer-was-perfect-how-it-was dept.
optikz writes "A security update is available in Software Update. 'Security Update 2003-11-04 addresses a potential vulnerability with the Terminal application in Mac OS X v10.3 and Mac OS X Server v10.3 that could allow unauthorized access to a system.'" sandrift writes "Software Update just popped up with Xcode Update 2003-11-03" Apple notes that "The Xcode update addresses an issue in the Xcode IDE that could potentially lead to data corruption or the loss of files particularly when source files contain illegal characters." Apple does not note, however, that Software Update will attempt to quit Terminal.app when installing the Security Update.
This discussion has been archived. No new comments can be posted.

Apple Releases Security and Xcode Updates

Comments Filter:
  • No 10.2? (Score:5, Funny)

    by Otter (3800) on Tuesday November 04, 2003 @07:54PM (#7391375) Journal
    Security Update 2003-11-04 addresses a potential vulnerability with the Terminal application in Mac OS X v10.3 and Mac OS X Server v10.3...

    What? They're not issuing an update for 10.0 or 10.1? It's a plot to force Mac users to upgrade! Apple is worse than Microsoft! Worse than Red Hat! That's why they'll never Succeed In The Enterprise!

    OK, maybe not worse than Red Hat.

  • Wonder when they'll fix it.
  • So? (Score:3, Insightful)

    by trublaha (650819) on Tuesday November 04, 2003 @07:56PM (#7391394)
    Apple does not note, however, that Software Update will attempt to quit Terminal.app when installing the Security Update.

    Is that such a big deal? I mean, if it's replacing the application, it's kinda going to have to quit it! Normally I like to quit as many running processes and applications before applying updates, just be sure.

    Anyways, good to get an update so early. Haven't really noticed any of the problems with XCode, but it's reassuring knowing they're being addressed before I can encounter them!

    • Re:So? (Score:1, Informative)

      by Anonymous Coward
      Also, the operative word there is "try." If your terminals are active (running anything other than a shell, that is), you'll get a "do you really want to quit?" alert.
    • by pudge (3605) *
      Is that such a big deal? I mean, if it's replacing the application, it's kinda going to have to quit it!

      It is if you weren't thinking about it, had some processes running in the Terminal, and didn't have the preferences set to not close without warning if you have processes running (which, IIRC, is the default).

      It's not a huge deal, but it absolutely should warn you before doing it.
      • ...and didn't have the preferences set to not close without warning if...

        Mind... melting..

      • by MoneyT (548795)
        The terminal is set by default to ask you if you want to quit if you have processes running. If you turned that off, it's your fault for not thinking ahead.
    • by tm2b (42473)
      Look at it as Apple doing some preemptive education of its user base, teaching us to pay more attention.

      It could be sorta bad. It's not obvious that Terminal is being replaced - you might guess it's something like sshd or apache and simply not care enough to check - or you might be one of those unsophisticated users who say "Oh My GOD! Apple says to install a security update now, don't know what this means but it must happen ASAP!"- if you tell it to go ahead and install without checking you can lose a
    • Re:So? (Score:2, Informative)

      by rixstep (611236)
      I mean, if it's replacing the application, it's kinda going to have to quit it!

      Not at all. You've obviously never tried. What's loaded is loaded - you won't get any new NIBs if the old ones are removed - but you're perfectly capable of overwriting the disk image of a running process.
      • I mean, if it's replacing the application, it's kinda going to have to quit it!

        You would hope so, wouldn't you.

        My wife was very nervous about operating my computer when she first started (an Amiga 2000). She was sure she would break something. I assured her it was very user-friendly, and she couldn't do anything to it that I couldn't fix (not a boast I would make today ;-) ).

        She wrote her document. "What do I do now?"

        I told her to save the document before printing. She dutifully saved the document

    • I mean, if it's replacing the application, it's kinda going to have to quit it!

      Not necessarily, but it's a reasonable expectation. Of course, it's a reasonable expectation that Apple didn't provide. When I installed the update I don't recall it giving me any indication that it was terminal.app that was going to be modified, let alone that it would be trying to quit terminal for me. They should have indicated both. Most Apple security updates require delayed reboots to finish installation, IIRC, so I

    • by aduzik (705453)
      Also (and I learned this the hard way) you need to make sure to quit Xcode when it updates that, too. My system hung -- I mean "gray screen of death" hung -- because I was running Xcode when I updated. At least, that's what I've been able to figure out so far.
  • It could be worse. (Score:2, Insightful)

    by jptechnical (644454)
    I have installed some win updates that shut down the entire system with no warning.

    Nothing gets your blook pumping like a minor patch rebooting the DC in the middle of the afternoon.

    Note to self... 'finish' sometimes means restart.
    • by Pathwalker (103) * <hotgrits@yourpants.net> on Tuesday November 04, 2003 @08:17PM (#7391579) Homepage Journal
      Shouldn't you be applying those patches during a scheduled change window, outside of production hours?

      Shouldn't you have noticed that the patch forces a reboot when you applied it to one of your test systems to see if it would cause any problems?
      • by Anonymous Coward
        Shouldn't you be less of a pawn to the borg
        • by Anonymous Coward
          Shouldn't people be doing that for any OS - microsoft product or not?
      • by Anonymous Coward
        Shouldn't you wake up to the reality that not everybody can/wants to spend every waking hour worrying about something as simple as a software patch/update.

        Patching should be a 1-4 minute process. Not ages of testing and re-testing.
        • Shouldn't you wake up to the reality that you can't trust any software - Linux or Windows or MacOS - to be bugfree.

          Which would you rather do?
          1. Spend an hour or so checking out a patch on a test system before installing it.
          2. Tell your boss to send everyone else home for the rest of the day because you fucked up because you didn't take a basic precaution because you were in too much of a hurry.

          How do you think your boss will react if you chose option 2?

    • Note to self: Don't hire this moron who patches a DC in the middle of the afternoon.
  • Hmm. Once I've applied the patch Software Update still lists it as an available patch the next time I check for updates. I wonder what I managed to break when I installed Fink..?
  • by bpbond (246836) on Tuesday November 04, 2003 @09:06PM (#7392008) Homepage
    Boy, after Apple's recent Firewire drive and FileVault data erasure issues, I think I'll let someone else go first. Let me know how things look, post-update, tomorrow morning...
  • by Anonymous Coward
    I just installed the updates and now it seems iMail crashes when it attempts to fetch email:

    Date/Time: 2003-11-04 21:55:29 -0800
    OS Version: 10.3 (Build 7B85)

    Command: Mail (/Applications/Mail.app/Contents/MacOS/Mail)
    PID : 672
    Thread: 5

    Exception: EXC_BAD_ACCESS (0x0001)
    Codes: KERN_PROTECTION_FAILURE (0x0002) at 0x00000000

    Thread 0:
    #0 0x900075c8 in mach_msg_trap (mach_msg_trap + 8)
    #1 0x90007118 in mach_msg (mach_msg + 56)
    #2 0x90191930 in __CFRunLoopRun (__CFRunLoopRun + 848)
  • I'm doing the update now, its a little slow downloading. I just backed up and reformatted my old Pismo G3/500 for a fresh install of Panther, I figure I should start with a baseline OS with all current updates. Now I can try this before it can cause any trouble, on a blank new CPU. I have nothing to lose.
  • Maybe this will solve the problem with tcsh gobbling up loads of CPU cycles. I doubt it though, apple would have probably mentioned it directly. The problem with Mail detailed above could be something else entirely.
  • Apple does not note, however, that Software Update will attempt to quit Terminal.app when installing the Security Update.

    Panther seems stable and very solid, even though it did deep six my ProTools, wouldn't let me use my Geforce4MX card, etc . So I figured I'd give it a shot. Oh yeah, and reading bpbond's post [slashdot.org] forced me to give it a go.

    Much to my surprise, that the security patch didn't require a restart. To the best of my knowledge, this is a first. And, like the new installer, at the end it went

    • Now if Avid could update ProTools, and I can get ssh to listen over port 23 again (my place of employment has telnet open, but nothing else - I need to read slashdot!)

      Doesn't adding "Port 23" to /etc/sshd_config do it? (not that I have tryed, but a quick scan of hte man page says it will... oh, you probbably have to HUP sshd). Or are you asking how to get the client to use another port (-p 23 I think).

      Good luck.

      • This is probably totally off topic, but yes, you are right. That's how I've managed to get it to work through 10.2.8. As a matter of fact, right now I am tunnelling from work into a fresh 10.2.8 install.

        I have sshd_config set with Port 23, and Apache running mod_proxy. On the client (Windows side) I use putty.exe to use ssh over 23 and then set up port forwarding to Apache. This enables me to do all my "bad" surfing - Slashdot, MacNN, Macintouch - etc., all encrypted and below the radar of our contet
      • Yeah, add
        Port 23
        to the /etc/ssh/sshd_config. Also, if you want to make sure you get on from other places, and you don't run a web server, just use some common WWW ports.
        Port 80
        Port 443
        Port 8080
  • by teamhasnoi (554944) <.teamhasnoi. .at. .yahoo.com.> on Wednesday November 05, 2003 @11:58AM (#7396806) Homepage Journal
    My Adaptec 2096 SCSI card has been 'disappeared' since I installed Panther. It worked fine under 10.2.8.

    Apple is blaming Adaptec, Adaptec is blaming Apple. Since the driver was built into OS X, who should I go after? I hope this isn't another, "We no longer support SCSI".

"Silent gratitude isn't very much use to anyone." -- G. B. Stearn

Working...