For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available. To learn more about Apple Product Security, see the Apple Product Security website.
For information about the Apple Product Security PGP Key, see "How to use the Apple Product Security PGP Key."
Where possible, CVE IDs are used to reference the vulnerabilities for further information.
To learn about other Security Updates, see "Apple Security Updates".
OS X Server v2.2.2
-
ClamAV
Available for: OS X Mountain Lion v10.8 or later
Impact: Multiple vulnerabilities in ClamAV
Description: Multiple vulnerabilities existed in ClamAV, the most serious of which may lead to arbitrary code execution. This update addresses the issues by updating ClamAV to version 0.97.8.
CVE-ID
CVE-2013-2020
CVE-2013-2021
-
PostgreSQL
Available for: OS X Mountain Lion v10.8 or later
Impact: Multiple vulnerabilities in PostgreSQL
Description: Multiple vulnerabilities existed in PostgreSQL, the most serious of which may lead to data corruption or privilege escalation. This update addresses the issues by updating PostgreSQL to version 9.2.4
CVE-ID
CVE-2013-1899
CVE-2013-1900
CVE-2013-1901
-
Wiki Server
Available for: OS X Mountain Lion v10.8 or later
Impact: Multiple vulnerabilities in Wiki Server
Description: Multiple cross-site scripting issues existed in Wiki Server. These issues were addressed by improved encoding of HTML output.
CVE-ID
CVE-2013-1034 : David Hoyt of Hoyt LLC Research