Apple Finally Patches DNS Bug

Mixed in with 16 other vulnerabilities, Apple has finally issued a patch to fix the infamous Kaminsky DNS bug in their version of BIND in OS X Server.

Apple had been getting some bad press in the last week or so for not issuing the patch when most other vendors did so over 3 weeks ago.

Many of the other vulnerabilities patched in this update are rather serious on their own. CarbonCore has a stack-based overflow in the processing of long-file names. CoreGraphics has two flaws that could lead to code execution. A bounds-checking error in OpenSSL from last September could allow remote code execution; Red Hat patched it in about 2 weeks. 5 different vulnerabilities in PHP are patched all at once.

(full story)