16 Apr 2010
I’ve never seen two Security Updates this close after one another. This is a minor fix which solved a 0 day security issue:
Viewing or downloading a document containing a maliciously crafted embedded font may lead to arbitrary code execution. This issue is addressed through improved index checking. Credit to Charlie Miller working with TippingPoint’s Zero Day Initiative for reporting this issue.
There are no changes to any of our software (yes even postfix is unaffected!) so you can run this without any problem. Read more about it in Appleās Knowledge base article.
Comments
7:36 am
Make sure you check that your freetype support is working .. for some reason mine is not again .. so I had to recompile php with it again.
12:41 pm
Mike, I’m really sorry about this. I don’t use these plugins myself therefore it has gone unnoticed.