About the security content of OS X Server v2.1.1

Learn about the security content of OS X Server v2.1.1,

OS X Server v2.1.1 includes the content of OS X Mountain Lion v10.8.2. For further details see About the security content of OS X Mountain Lion v10.8.2, OS X Lion v10.7.5 and Security Update 2012-004.

OS X Server v2.1.1

  • Messages Server

    Available for: OS X Mountain Lion v10.8 or later

    Impact: A remote attacker may reroute federated Jabber messages

    Description: An issue existed in the Jabber server's handling of dialback result messages. An attacker may cause the Jabber server to disclose information intended for users of federated servers. This issue was addressed through improved handling of dialback result messages.

    CVE-ID

    CVE-2012-3525

  • PostgreSQL

    Available for: OS X Mountain Lion v10.8 or later

    Impact: Multiple vulnerabilities in PostgreSQL

    Description: PostgreSQL is updated to version 9.1.5 to address multiple vulnerabilities, the most serious of which may allow database users to read files from the file system with the privileges of the database server role account. Further information is available via the PostgreSQL web site at http://www.postgresql.org/docs/9.1/static/release-9-1-5.html.

    CVE-ID

    CVE-2012-3488

    CVE-2012-3489

Information about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. Contact the vendor for additional information.

Datum objave: