Bugtraq mailing list archives
Re: Mac OS X vulnerabilities
From: "Joshua Levitsky" <jlevitsk () joshie com>
Date: Tue, 28 Oct 2003 20:30:05 -0500
----- Original Message ----- From: "Thor Larholm" <thor () pivx com> Sent: Tuesday, October 28, 2003 2:23 PM Subject: Re: Mac OS X vulnerabilities
When most vendors are notified of security vulnerabilities in their
products,
they produce a patch for the affected versions of the software and
distribute it
for free. Does Apple plan to distribute a free patch for these security vulnerabilities to Mac OS X 10.2, or will my clients have to spend $129
per
workstation (the single user upgrade price) to have their Apple computer
stay
secure?
This is the first line of the APPLE-SA-2003-10-28 Mac OS X 10.3 Panther email sent to the Apple Security list today.... "Mac OS X 10.3 Panther has been released, and it contains the following security enhancements:" That sounds like they expect you to upgrade. Time will tell of course. Apple has only had a real OS for about a year or so. (Everything before 10.2 was unusable and certainly Mac OS 9.x was a childrens toy, not an OS.) If Apple is responsible then we should see 10.2 patches backported. I think it's reasonable that 10.3 patches come, and then 10.2 patches, and Apple should have some Life Cycle policy to say if everything before 10.2 is EOL or not. It's all a new world with Apple. Let us hope that they do not let us down. -- Joshua Levitsky, MCSE, CISSP System Engineer Time Inc. Information Technology [5957 F27C 9C71 E9A7 274A 0447 C9B9 75A4 9B41 D4D1]
Current thread:
- Mac OS X Long argv[] buffer overflow @stake Advisories (Oct 28)
- Re: Mac OS X vulnerabilities Thor Larholm (Oct 28)
- Re: Mac OS X vulnerabilities Joshua Levitsky (Oct 29)
- Re: Mac OS X vulnerabilities Radoslav Dejanovic (Oct 30)
- Re: Mac OS X vulnerabilities Mike Stark (Oct 30)
- Re: Mac OS X vulnerabilities Joshua Levitsky (Oct 29)
- Re: Mac OS X vulnerabilities Thor Larholm (Oct 28)