iPhone 3GS from AT&T. Free Shipping
Safari 3.2 for Mac OS X 10.4.x (Tiger) and Mac OS X 10.5 (Leopard) released
Apple has released Safari 3.2 for Mac OS X 10.4.x and Mac OS X 10.5.x. The new release provides several security enhancements:
Safari
Sensitive information may be disclosed to a local console user Disabling autocomplete on a form field may not prevent the data in the field from being stored in the browser page cache. This may lead to the disclosure of sensitive information to a local user. This update addresses the issue by properly clearing the form data. Credit to an anonymous researcher for reporting this issue.
"WebKit
Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution A signedness issue in Safari's handling of JavaScript array indices may result in an out-of-bounds memory access. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue by performing additional validation of JavaScript array indices. Credit to SkyLined of Google for reporting this issue.
Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution A memory corruption issue exists in WebCore's handling of style sheet elements. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue through improved garbage collection. Credit to an anonymous researcher working with the TippingPoint Zero Day Initiative for reporting this issue.
Visiting a maliciously crafted website may lead to the disclosure of sensitive information WebKit's plug-in interface does not block plug-ins from launching local URLs. Visiting a maliciously crafted website may allow a remote attacker to launch local files in Safari, which may lead to the disclosure of sensitive information. This update addresses the issue by restricting the types of URLs that may be launched via the plug-in interface. Credit to Billy Rios of Microsoft, and Nitesh Dhanjani of Ernst & Young for reporting this issue.
"The new release is available through Software Update or as a standalone download via the following links:
Problems? http://www.macfixit.com/contact.
Resources
%20and%20Mac%20OS%20X%2010.5%20(Leopard)%20released%20%7C%20MacFixIt%20-%20CNET%20Reviews&srcUrl=http://reviews.cnet.com/8301-13727_7-10329887-263.html){kind=small}
Look in your Receipt folder and trashed any package related to Safari 3.2
Concerning the new 3.2 Safari Release, I have noted a new feature (long awaited): an antiPhishing option!
In Preferences / Security, tick the box "warn me in case of fraudulous Web site"
you did not have to wait for anti-phishing capabilities in safari. i have used the saft plug-in for safari which has had 'google safe browsing' built into it for months.
firefox also has an antiphishing plug-in but firefox is much less secure than safari with regard to privacy issues and purging data, especially now after this security update.
It is funny, and typical apple, we now have the warning before visiting fraudulent sites, but click the ? on that page and you don't even get updated help pages. Maybe in the next OS release, they will update the help? Either way, I would love a PithHemet update to block all the cpu-abusing flash ads on some sites. That will be coming soon enough!
I too had Safari aborting when loading my 'morning' Tabs. However, loading induvidual pages worked. I had used Software Update.
After removing Pithhelmet v2.8.3 and Glims v1.0b10 everything went back to normal. I suspect Pithhelmet is the culprit.
---
Tony
MacBook Pro 17" 2.4 GHz Core 2 Duo - 4 GB ram
Mac OS 10.5.5 (Build 9F33)
I also have this issue. I have Webkit 4 and the installer for 3.2 won't allow me to update Safari 3.1
If you installed the 4.0 Developer Preview you may need to run the Uninstaller. That's what I had to do to get Software Update to recognize that I needed 3.2.
- by WhiteDog November 14, 2008 4:06 PM PST
- The Safari 3.2 install went OK for me. But Safari then crashed repeatedly shortly after launch. I found that removing the SIMBL folder (containing the SIMBL.bundle file) from the Library/Input Managers folder solved the problem. I did not have to remove the SIMBL plugins (in the /Library/Application Support/SIMBL/Plugins folder) that utilize the SIMBL.bundle file - in my case, PithHelmet and SafariSource.
- Like this Reply to this comment
-
(8 Comments)Saft was also disabled in Safari 3.2, so I removed it too from the Input Managers folder, though I don't think it was the one causing the crashes because it disables itself when an incompatible version of Safari is launched.
Saft has now been updated for Safari 3.2. The problem I see is that not just PithHelmet, but SIMBL, too, will need to be updated for this version of Safari. It's been awhile since it's needed an update. This may delay PithHelmet, which has sometimes been slow to get updated in the past. I hope they can make the upgrade because I find PithHelmet invaluable in eliminating web page clutter.
---
Don't anthropomorphize computers.
They hate that.