Reprinted from TidBITS#820/13-Mar-06 with permission.
Copyright (C) 2006, TidBITS. All rights reserved.
http://www.tidbits.com/

MailBITS/13-Mar-06
------------------

**Security Update 2006-002 Fixes the Fixes** -- Apple today
  released Security Update 2006-002 that, along with closing a few
  new holes, addresses issues created by Security Update 2006-001
  (which is included as well, just to ensure that everyone has it).
  New improvements include a fix for a buffer overflow exploit that
  could affect a user who double-clicked an attachment within Mail
  and an update to CoreTypes that closes a JavaScript-related hole.
  Also included in the security update are additional checks to
  prevent Safari from automatically opening a file that appears
  to be safe but isn't, the elimination of bogus warnings about
  Word documents and files with custom icons as being unsafe,
  a correction in apache_mod_php that prevented SquirrelMail from
  functioning, and a fix to rsync that re-enables the "--delete"
  command line option. Security Update 2006-002 is available via
  Software Update and as standalone downloads for Mac OS X 10.4.5
  Client and Server (PowerPC), Mac OS X 10.4.5 Client (Intel),
  Mac OS X 10.3.9 (Client and Server) in sizes ranging from 13 MB
  to 39 MB. [ACE]

<http://docs.info.apple.com/article.html?artnum=303453>
<http://www.apple.com/support/downloads/
securityupdate2006002macosx1045ppc.html>
<http://www.apple.com/support/downloads/
securityupdate2006002macosx1045clientintel.html>
<http://www.apple.com/support/downloads/securityupdate20060021039client.html>
<http://www.apple.com/support/downloads/securityupdate20060021039server.html>


**Yojimbo 1.1 Adds Features, Fixes Bugs** -- Bare Bones Software
  has released Yojimbo 1.1, the first update to the company's new
  information organizer (See "Let Yojimbo Guard Your Information
  Castle" in TidBITS-814_). The program has matured in numerous
  small ways, adding AppleScript support that could enable import
  from other programs, improving its searching capabilities, and
  providing a keyboard toggle for creating bookmarks versus Web
  archives when importing a URL. Read the Current Release Notes
  page for a full list of changes. Yojimbo 1.1 is a 2.6 MB download.
  It's free to registered users; new copies cost $40. [ACE]

<http://db.tidbits.com/getbits.acgi?tbart=08407>
<http://www.barebones.com/support/yojimbo/current_notes.shtml>
<http://www.barebones.com/support/updates.shtml>


**WWDC Moves to August** -- Apple has opened registration for the
  2006 Worldwide Developers Conference (WWDC), which is interesting
  primarily because the dates for this year's conference are August
  7th through 11th, roughly two months later than recent instances
  of WWDC. Though wags have suggested that the date change was
  designed so WWDC didn't conflict with the World Cup in Germany
  (which might prevent European developers from attending), it's
  more likely that the date change means that the next version of
  Mac OS X - currently thought to be called Leopard - isn't ready
  for a June showing, causing Apple to move WWDC later in the year
  so as to be able to discuss Leopard appropriately with Macintosh
  developers. Of course, it's also possible that there was merely
  a scheduling conflict with the venue that Apple wanted, and that
  August was the next available date. Even if it is true that Apple
  is delaying WWDC for Leopard's sake, there's no telling whether
  or not the delay would affect Leopard's eventual ship date. [ACE]

<http://developer.apple.com/wwdc/>



.