Reprinted from TidBITS by permission; reuse governed by Creative Commons
license BY-NC-ND 3.0. TidBITS has offered years of thoughtful commentary
on Apple and Internet topics. For free email subscriptions and access to the
entire TidBITS archive, visit http://www.tidbits.com/


   Security Update 2013-001 for Snow Leopard and Lion

   Agen G. N. Schmitz

   Apple released Security Update 2013-001 for Mac OS X 10.6 Snow Leopard
   and 10.7 Lion, with each big cat getting two versions: [1]Snow Leopard
   (316.63 MB) and [2]Snow Leopard Server (391.63 MB); and [3]Lion (31.42
   MB) and [4]Lion Server (79.33). The updates close a variety of
   vulnerabilities, including Apache HTTP authentication, handling of JSON
   data by Ruby on Rails in Podcast Producer Server, and a buffer overflow
   when viewing MP4 files in QuickTime. The complete list of fixes can be
   found on this [5]Apple support page, which combines the details for
   these security updates with those for the just-released Mountain Lion
   update (see '[6]OS X 10.8.3 Mountain Lion Fixes Nagging Bugs,' 14 March
   2013). The security update also runs a malware removal tool that will
   notify you only if anything is removed. (Free)

References

   1. http://support.apple.com/kb/DL1642
   2. http://support.apple.com/kb/DL1644
   3. http://support.apple.com/kb/DL1643
   4. http://support.apple.com/kb/DL1645
   5. http://support.apple.com/kb/HT5672
   6. http://tidbits.com/article/13637

.