Reprinted from TidBITS by permission; reuse governed by Creative Commons
license BY-NC-ND 3.0. TidBITS has offered years of thoughtful commentary
on Apple and Internet topics. For free email subscriptions and access to the
entire TidBITS archive, visit http://www.tidbits.com/


   Security Update 2012-004 (Snow Leopard)

   Agen G. N. Schmitz

   Apple has released Security Update 2012-004 for both [1]Mac OS X 10.6.8
   Snow Leopard and [2]10.6.8 Snow Leopard Server, both of which address
   the same issues. Among the [3]list of fixes, the releases update Apache
   2.2.22 to prevent a vulnerability that could lead to denial of service,
   adds a revoked TrustWave root certificate to a list of untrusted
   certificates, and updates the DirectoryService Proxy to prevent an
   arbitrary execution of code due to an overflow buffer vulnerability.
   Note that Apple incorrectly lists the file size of the 10.6.8 Snow
   Leopard Security Update as 2.36 MB ' it is actually 257 MB. (Free,
   257/276 MB)

References

   1. http://support.apple.com/kb/DL1586
   2. http://support.apple.com/kb/DL1587
   3. http://support.apple.com/kb/HT5501

.