Apple learns to sign its code...
R. A. Hettinga
rah at shipwright.com
Sat Jul 13 14:57:48 EDT 2002
--- begin forwarded text
Status: U
Subject: Security Update 7-12-02 is available
From: Apple Product Security <product-security at apple.com>
To: security-announce at lists.apple.com
Sender: security-announce-admin at lists.apple.com
Date: Sat, 13 Jul 2002 08:22:35 -0700
Security Update 7-12-02 is now available. It contains Software Update
client version 1.4.6 which fixes CVE ID CAN-2002-0676 to increase the
security of the Software Update process.
Affected systems: Systems with Software Update client 1.4.5 or
earlier
System requirements: Mac OS X 10.1 or later, or Mac OS X Server
10.1.x or later
New features: Software packages that are available for download via
the Software Update process are now cryptographically signed. Software
Update client 1.4.6 checks for a valid signature before installing new
packages. Downloaded packages which do not contain a valid signature
are deleted from the system.
Security Update 7-12-02 may be obtained from:
Apple's Software Downloads web site (for Mac OS X 10.1 or later)
http://www.info.apple.com/kbnum/n75304
Software Update pane in System Preferences (for 10.1.1 or later)
To help verify the integrity of Software Update client 1.4.6 from the
Software Downloads web site, the download file is titled
"SecurityUpdate7-12-02.dmg" and its SHA-1 digest is:
2c039c683b7001defc35f93ba1f68db3e33e41fc
Information will also be posted to the Apple Product Security web
site: http://www.apple.com/support/security/security_updates.html
This message is signed with Apple's Product Security PGP key, and
details are available at:
http://www.apple.com/support/security/security_pgp.html
_______________________________________________
security-announce mailing list | security-announce at lists.apple.com
Help/Unsubscribe/Archives:
http://www.lists.apple.com/mailman/listinfo/security-announce
Do not post admin requests to the list. They will be ignored.
--- end forwarded text
--
-----------------
R. A. Hettinga <mailto: rah at ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
More information about the cryptography
mailing list