Apple have released a security update to its Mac OS X operating system that closes more than a half dozen serious security vulnerabilities.
The April 2002 security update for OS X version 10.1 addresses recently discovered bugs in UNIX components used by the operating system, according to a description of the update released by Apple last week.
The security patch includes an updated version of the Apache Web server built into Mac OS X. The new version, 1.3.23, incorporates a fix to a component named mod_ssl that prevents remote attackers from being able to run code of their choice on the server, Apple said Friday.
Other flaws patched by the update include a bug in the PHP scripting language shipped with Mac OS X. The Computer Emergency Response Team, a federally funded computer security information clearinghouse, warned in February that the PHP vulnerability could allow a remote attacker to execute "arbitrary code" on the system.
According to Apple, the security patch also fixes security flaws in components including groff, mail_cmds, rsync, and sudo. The security patch does not require a system re-start, according to other OS X message board participants.