Apple Computer Inc. on Monday released an update to its Mac OS X client software, called “Panther,” as well as a security fix for the recently revealed hole in a graphics library used by Unix-based operating system such as Linux and Panther. The files were delivered through the companys Software Update service.
Security Update 2004-08-09 addresses a vulnerability in the PNG library, aka libpng, a collection of graphics routines that manipulate PNG (portable network graphics) files. PNG, an alternative to the GIF format, is now common to Web sites.
A security researcher late last week uncovered several problems in the library that could be used by a malicious PNG file to crash a program, or produce a DDoS (distributed denial-of-service) attack in a browser.
According to Apples technical documentation, the OS X 10.3.5 update beefs up support for Bluetooth wireless and broadband networking, updates graphics drivers, improves compatibility with a number of Apple and third-party applications, and wraps up a series of previous security updates.
One new capability is support for the import of MPEG-4 movie files from digital cameras by the Image Capture application. The software is the Macs bundled utility for downloading images from scanners and cameras; it also supports the sharing of image capture peripherals over a network.
On the networking front, Apple said the update improves support for DHCP connections with Comcast cable modems and for printing to Bluetooth-capable printers by Hewlett-Packard Co.
Version 10.3.5 also fixes a known issue with the length of network home directory names on LDAP-based AFP (Apple Filing Protocol) servers. Apple said it will now limit the shorter name to 24 characters, down from 39 characters. The long name can comprise as many as 89 characters, as in the previous versions.