Apple on Tuesday released Security Update 2006-004, fixing issues with AFP Server, Bluetooth, WebKit and more. The update is recommended for all users.
Fixes to the AFP Server include issues that could allow sensitive information to be unknowingly disclosed in Mac OS X v10.3.9, other issues that could be used in a denial of service attack on all versions of Mac OS X, and issues specific to Mac OS X Server.
The update also beefs up security to Bluetooth Setup Assistant, changing automatically generated passkey used for pairing from six characters to eight characters.
The update to WebKit resolves an issue where a maliciously-crafted HTML document could cause a previously deallocated object to be accessed, leading to an application crash or arbitrary code execution.
Other applications affected by the update include Bom, DHCP, dyld, fetchmail, gnuzip, ImageIO, LaunchServices, OpenSSH, and telnet.
Full documentation of the update may be found on Apple’s Web site.