Safari release history

Below you will find descriptions of the changes and new features in successive versions of Safari.

Safari 6.0.1

Apple released Safari 6.0 back in July. The biggest change in this version of Apple's browser is really that Windows is no longer supported. Safari can no longer be downloaded for Microsoft's operating system: Apple has discontinued development. Safari is of course still available for Mac OS X and iOS.

New functionality in Safari 6 includes an integrated search and address bar (instead of two separate bars), as Google Chrome for example has, and the implementation of the Do Not Track feature, which should eventually ensure that advertising companies no longer place tracking cookies. Also new are a reading list for reading articles from websites offline and a brand-new password manager.

The day before yesterday a first security update for Safari 6 appeared. Version 6.0.1 of Apple's browser closes dozens of security holes in Safari's WebKit engine.

Safari 6.0.1 is the default browser for Mac OS X and iOS, and is therefore no longer available for Windows.

Release notes:

  • Smart Search Field. Safari now has one field for typing both searches and web addresses. 
  • Offline Reading List. Safari saves entire webpages in your Reading List so you can catch up on your reading even when you don’t have an Internet connection. 
  • Do Not Track. Safari can send the websites you visit a request not to track you online.
  • Password pane. Manage your saved website logins with the new Password pane.
  • Baidu. The leading Chinese search engine Baidu is now a built-in option for Chinese users.

Safari 6 for OS X Lion also includes improvements to stability, compatibility, usability and security, including changes that: 

  • Make the swipe to navigate gesture work with PDFs.
  • Restore the state of Reading List when Safari is launched.
  • Fix an issue that affected full screen video in webpages that have positioned content.
  • Restore the user's previous cookies after Private Browsing without requiring a Safari relaunch.

Safari 5.1.7

Safari 5.1.7 has been released. This version of Apple's browser is meant to improve stability, performance and security. For example, Safari responds faster when your computer has little memory available. A problem with forms has also been fixed. In addition, on Mac OS X the Flash plug-in is disabled if it is out of date, in order to prevent attacks via vulnerable browser plug-ins.

Three security holes in Safari's WebKit engine are also closed. Safari 5.1.7 is the default browser for Mac OS X and can be downloaded separately for Windows XP, Vista and 7.

Safari 5.1.5

Safari 5.1.5 was released two weeks after the previous version. This update of Apple's browser contains some stability improvements for Safari. The 'usability of certain websites' has also been improved.

Precise details are lacking, but since the update comes so soon after version 5.1.4, it apparently concerns some serious problems.

Whether any security holes are closed is also unknown for now. Safari 5.1.5 is the default browser for Mac OS X and can be downloaded separately for Windows XP, Vista and 7.

Safari 5.1.4

Safari 5.1.4 has been released. This update of Apple's browser has various improvements that increase Safari's stability and speed.

For example, JavaScript performance has been improved, Safari starts faster with extensions, and some problems with Flash, HTML5 and PDF have been resolved. A privacy problem is also fixed: traces of browsing sessions are now really removed (no remnants are left behind) when private browsing mode is on.

Finally, this update for Safari fixes no fewer than 83 security holes in Apple's browser and the underlying WebKit engine (which is also used by Google Chrome). Updating quickly is recommended.

Safari 5.1.4 is the default browser for Mac OS X and can be downloaded separately for Windows XP, Vista and 7.

Safari 5.1.2

A small update has been released for Safari. Version 5.1.2 of Apple's browser brings some small improvements that increase stability.

Some cases in which Safari hangs and uses excessive memory have also been fixed. Finally, PDFs can once again be viewed in web pages without problems.

Safari 5.1.2 is the default browser for Mac OS X and can be downloaded separately for Windows XP, Vista and 7.

Safari 5.1.1

Safari 5.1.1 has been released. This release of Apple's browser adds support for iCloud (only for Mac OS X and Windows Vista and 7). This lets you store your bookmarks and reading list online and synchronize them with your other PCs, Macs and iOS devices, so that you have the same information everywhere.

In addition, Safari 5.1.1 fixes some stability problems and improves printing. Finally, this update for Safari resolves 43 security holes.

Safari 5.1.1 is the default browser for Mac OS X and can be downloaded separately for Windows XP, Vista and 7.

Release notes:

Safari 5.1.1 includes support for iCloud, a breakthrough set of free cloud services. iCloud stores your Safari bookmarks and Safari Reading List and automatically pushes them to all your devices.*

Safari 5.1.1 also contains various bug fixes and improvements to stability, compatibility, and security, including fixes that:

  • Address issues that could cause hangs and excessive memory usage

  • Improve stability when using Find, dragging tabs, and managing extensions

  • Improve stability for netflix.com and other websites that use the Silverlight plug-in

  • Improve stability when zooming on Google maps

  • Address an issue that could prevent East Asian character input into webpages with Flash content

  • Address an issue that could cause History items to appear incorrectly

  • Address an issue that could cause cleared Reading List items to appear

  • Improve printing from Safari

  • Address an issue that could prevent the Google Safe Browsing Service from updating

Safari 5.1

Safari 5.1 has been released. This release of Apple's browser patches no fewer than 58 security holes. Most of the vulnerabilities are in the WebKit rendering engine, but other parts of Safari get a patch too.

Among other things, opening specially crafted PDF files and TIFF images and visiting malicious websites could lead to the execution of malicious code. Some of the vulnerabilities in Safari exist only in the Windows version.

Safari 5.1 also contains some new features. For example, in this version Apple's browser has a 'reading list' (click the glasses icon on the left of the bookmarks bar) to which you can add interesting websites to view later if you have no time right now. Also new is that Safari can now resume sessions, so that the websites from the previous session are opened at startup (set this in the General pane).

Privacy is better safeguarded by the new Privacy pane, in which you can easily remove all data that websites leave behind on your computer. Cookies from third parties and advertisers can also be blocked here.

Users of the new Mac OS X Lion also get sandbox protection from Safari, so that they are better protected against threats on the internet. This protection is not in the versions for Windows or older Mac OS X variants.

Finally, Safari's stability and its support for HTML5 and CSS3 have been improved, the search options have been extended, secure AutoFill has been implemented, and downloads can be dragged to the desktop.

Safari 5.1 is the default browser for Mac OS X and can be downloaded separately for Windows XP, Vista and 7.

Release notes:
This update contains new features, including:

  • Reading List: You can easily add webpages and links to your Reading List so that you can view them when you have time.
  • New process architecture: Safari has been re-engineered, which improves stability and increases responsiveness.
  • Resume: In the General pane of Safari preferences, you can set Safari to open the windows that were open in the last browser session when it starts.
  • More privacy: Via the new Privacy pane in Safari preferences, you can easily remove data that websites may leave behind on your computer.

Other improvements:

  • Secure AutoFill: With Safari you can fill in forms quickly and keep your personal information private.
  • Find option: When you search in Safari, you can specify whether to search for text that contains the text you type in the search field or for text that begins with it.
  • Drag downloads: You can now drag items out of the Downloads window, so you can quickly and easily place downloaded files on the desktop.
  • Advanced web technologies: Safari now supports full-screen webpages, media caching with the HTML5 application cache, MathML, Web Open Font Format, CSS3 automatic hyphenation, CSS3 vertical text, CSS3 text emphasis, Window.onError and formatted XML files.
  • New extension APIs: Developers can now use new Safari extension support for popovers, menus, new event classes and interaction with Reader.
  • CFNetwork

    Available for: Windows 7, Vista, XP SP2 or later

    Impact: Visiting a maliciously crafted website may lead to a cross-site scripting attack

    Description: In certain situations, Safari may treat a file as HTML, even if it is served with the 'text/plain' content type. This may lead to a cross-site scripting attack on sites that allow untrusted users to post text files. This issue is addressed through improved handling of 'text/plain' content.

    CVE-ID

    CVE-2010-1420 : Hidetake Jo working with Microsoft Vulnerability Research (MSVR), Neal Poole of Matasano Security

  • CFNetwork

    Available for: Windows 7, Vista, XP SP2 or later

    Impact: Authenticating to a maliciously crafted website may lead to arbitrary code execution

    Description: The NTLM authentication protocol is susceptible to a replay attack referred to as credential reflection. Authenticating to a maliciously crafted website may lead to arbitrary code execution. To mitigate this issue, Safari has been updated to utilize protection mechanisms recently added to Windows. This issue does not affect Mac OS X systems.

    CVE-ID

    CVE-2010-1383 : Takehiro Takahashi of IBM X-Force Research

  • CFNetwork

    Available for: Windows 7, Vista, XP SP2 or later

    Impact: A root certificate that is disabled may still be trusted

    Description: CFNetwork did not properly validate that a certificate was trusted for use by a SSL server. As a result, if the user had marked a system root certificate as not trusted, Safari would still accept certificates signed by that root. This issue is addressed through improved certificate validation. This issue does not affect Mac OS X systems.

    CVE-ID

    CVE-2011-0214 : an anonymous reporter

  • ColorSync

    Available for: Windows 7, Vista, XP SP2 or later

    Impact: Viewing a maliciously crafted image with an embedded ColorSync profile may lead to an unexpected application termination or arbitrary code execution

    Description: An integer overflow existed in the handling of images with an embedded ColorSync profile, which may lead to a heap buffer overflow. Opening a maliciously crafted image with an embedded ColorSync profile may lead to an unexpected application termination or arbitrary code execution. For Mac OS X v10.5 systems, this issue is addressed in Security Update 2011-004.

    CVE-ID

    CVE-2011-0200 : binaryproof working with TippingPoint's Zero Day Initiative

  • CoreFoundation

    Available for: Windows 7, Vista, XP SP2 or later

    Impact: Applications that use the CoreFoundation framework may be vulnerable to an unexpected application termination or arbitrary code execution

    Description: An off-by-one buffer overflow issue existed in the handling of CFStrings. Applications that use the CoreFoundation framework may be vulnerable to an unexpected application termination or arbitrary code execution. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8.

    CVE-ID

    CVE-2011-0201 : Harry Sintonen

  • CoreGraphics

    Available for: Windows 7, Vista, XP SP2 or later

    Impact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution

    Description: An integer overflow issue existed in the handling of Type 1 fonts. Viewing or downloading a document containing a maliciously crafted embedded font may lead to arbitrary code execution. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. For Mac OS X v10.5 systems, this issue is addressed in Security Update 2011-004.

    CVE-ID

    CVE-2011-0202 : Cristian Draghici of Modulo Consulting, Felix Grobert of the Google Security Team

  • International Components for Unicode

    Available for: Windows 7, Vista, XP SP2 or later

    Impact: Applications that use ICU may be vulnerable to an unexpected application termination or arbitrary code execution

    Description: A buffer overflow issue existed in ICU's handling of uppercase strings. Applications that use ICU may be vulnerable to an unexpected application termination or arbitrary code execution. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8.

    CVE-ID

    CVE-2011-0206 : David Bienvenu of Mozilla

  • ImageIO

    Available for: Windows 7, Vista, XP SP2 or later

    Impact: Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution

    Description: A heap buffer overflow existed in ImageIO's handling of TIFF images. Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. For Mac OS X v10.5 systems, this issue is addressed in Security Update 2011-004.

    CVE-ID

    CVE-2011-0204 : Dominic Chell of NGS Secure

  • ImageIO

    Available for: Windows 7, Vista, XP SP2 or later

    Impact: Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution

    Description: A heap buffer overflow existed in ImageIO's handling of CCITT Group 4 encoded TIFF images. Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution.

    CVE-ID

    CVE-2011-0241 : Cyril CATTIAUX of Tessi Technologies

  • ImageIO

    Available for: Windows 7, Vista, XP SP2 or later

    Impact: Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution

    Description: A reentrancy issue existed in ImageIO's handling of TIFF images. Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution. This issue does not affect Mac OS X systems.

    CVE-ID

    CVE-2011-0215 : Juan Pablo Lopez Yacubian working with iDefense VCP

  • libxslt

    Available for: Windows 7, Vista, XP SP2 or later

    Impact: Visiting a maliciously crafted website may lead to the disclosure of addresses on the heap

    Description: libxslt's implementation of the generate-id() XPath function disclosed the address of a heap buffer. Visiting a maliciously crafted website may lead to the disclosure of addresses on the heap. This issue is addressed by generating an ID based on the difference between the addresses of two heap buffers. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. For Mac OS X v10.5 systems, this issue is addressed in Security Update 2011-004.

    CVE-ID

    CVE-2011-0195 : Chris Evans of the Google Chrome Security Team

  • libxml

    Available for: Windows 7, Vista, XP SP2 or later

    Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution

    Description: A one-byte heap buffer overflow existed in libxml's handling of XML data. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.

    CVE-ID

    CVE-2011-0216 : Billy Rios of the Google Security Team

  • Safari

    Available for: Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later

    Impact: If the "AutoFill web forms" feature is enabled, visiting a maliciously crafted website and typing may lead to the disclosure of information from the user's Address Book

    Description: Safari's "AutoFill web forms" feature filled in non-visible form fields, and the information was accessible by scripts on the site before the user submitted the form. This issue is addressed by displaying all fields that will be filled, and requiring the user's consent before AutoFill information is available to the form.

    CVE-ID

    CVE-2011-0217 : Florian Rienhardt of BSI, Alex Lambert, Jeremiah Grossman

  • Safari

    Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later

    Impact: With a certain Java configuration, visiting a malicious website may lead to unexpected text being displayed on other sites

    Description: A cross origin issue existed in the handling of Java Applets. This applies when Java is enabled in Safari, and Java is configured to run within the browser process. Fonts loaded by a Java applet could affect the display of text content from other sites. This issue is addressed by running Java applets in a separate process.

    CVE-ID

    CVE-2011-0219 : Joshua Smith of Kaon Interactive

  • WebKit

    Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later

    Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution

    Description: Multiple memory corruption issues existed in WebKit. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.

    CVE-ID

    CVE-2010-1823 : David Weston of Microsoft and Microsoft Vulnerability Research (MSVR), wushi of team509, and Yong Li of Research In Motion Ltd

    CVE-2011-0164 : Apple

    CVE-2011-0218 : SkyLined of Google Chrome Security Team

    CVE-2011-0221 : Abhishek Arya (Inferno) of Google Chrome Security Team

    CVE-2011-0222 : Nikita Tarakanov and Alex Bazhanyuk of the CISS Research Team, and Abhishek Arya (Inferno) of Google Chrome Security Team

    CVE-2011-0223 : Jose A. Vazquez of spa-s3c.blogspot.com working with iDefense VCP

    CVE-2011-0225 : Abhishek Arya (Inferno) of Google Chrome Security Team

    CVE-2011-0232 : J23 working with TippingPoint's Zero Day Initiative

    CVE-2011-0233 : wushi of team509 working with TippingPoint's Zero Day Initiative

    CVE-2011-0234 : Rob King working with TippingPoint's Zero Day Initiative, wushi of team509 working with TippingPoint's Zero Day Initiative, wushi of team509 working with iDefense VCP

    CVE-2011-0235 : Abhishek Arya (Inferno) of Google Chrome Security Team

    CVE-2011-0237 : wushi of team509 working with iDefense VCP

    CVE-2011-0238 : Adam Barth of Google Chrome Security Team

    CVE-2011-0240 : wushi of team509 working with iDefense VCP

    CVE-2011-0253 : Richard Keen

    CVE-2011-0254 : An anonymous researcher working with TippingPoint's Zero Day Initiative

    CVE-2011-0255 : An anonymous researcher working with TippingPoint's Zero Day Initiative

    CVE-2011-0981 : Rik Cabanier of Adobe Systems, Inc

    CVE-2011-0983 : Martin Barbella

    CVE-2011-1109 : Sergey Glazunov

    CVE-2011-1114 : Martin Barbella

    CVE-2011-1115 : Martin Barbella

    CVE-2011-1117 : wushi of team509

    CVE-2011-1121 : miaubiz

    CVE-2011-1188 : Martin Barbella

    CVE-2011-1203 : Sergey Glazunov

    CVE-2011-1204 : Sergey Glazunov

    CVE-2011-1288 : Andreas Kling of Nokia

    CVE-2011-1293 : Sergey Glazunov

    CVE-2011-1296 : Sergey Glazunov

    CVE-2011-1449 : Marek Majkowski, wushi of team 509 working with iDefense VCP

    CVE-2011-1451 : Sergey Glazunov

    CVE-2011-1453 : wushi of team509 working with TippingPoint's Zero Day Initiative

    CVE-2011-1457 : John Knottenbelt of Google

    CVE-2011-1462 : wushi of team509

    CVE-2011-1797 : wushi of team509

  • WebKit

    Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later

    Impact: Visiting a maliciously crafted website may lead to arbitrary code execution

    Description: A configuration issue existed in WebKit's use of libxslt. Visiting a maliciously crafted website may lead to arbitrary files being created with the privileges of the user, which may lead to arbitrary code execution. This issue is addressed through improved libxslt security settings.

    CVE-ID

    CVE-2011-1774 : Nicolas Gregoire of Agarri

  • WebKit

    Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later

    Impact: Visiting a maliciously crafted website may lead to an information disclosure

    Description: A cross-origin issue existed in the handling of Web Workers. Visiting a maliciously crafted website may lead to an information disclosure.

    CVE-ID

    CVE-2011-1190 : Daniel Divricean of divricean.ro

  • WebKit

    Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later

    Impact: Visiting a maliciously crafted website may lead to a cross-site scripting attack

    Description: A cross-origin issue existed in the handling of URLs with an embedded username. Visiting a maliciously crafted website may lead to a cross-site scripting attack. This issue is addressed through improved handling of URLs with an embedded username.

    CVE-ID

    CVE-2011-0242 : Jobert Abma of Online24

  • WebKit

    Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later

    Impact: Visiting a maliciously crafted website may lead to a cross-site scripting attack

    Description: A cross-origin issue existed in the handling of DOM nodes. Visiting a maliciously crafted website may lead to a cross-site scripting attack.

    CVE-ID

    CVE-2011-1295 : Sergey Glazunov

  • WebKit

    Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later

    Impact: A maliciously crafted website may be able to cause a different URL to be shown in the address bar

    Description: A URL spoofing issue existed in the handling of the DOM history object. A maliciously crafted website may have been able to cause a different URL to be shown in the address bar.

    CVE-ID

    CVE-2011-1107 : Jordi Chancel

  • WebKit

    Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later

    Impact: Subscribing to a maliciously crafted RSS feed and clicking on a link within it may lead to an information disclosure

    Description: A canonicalization issue existed in the handling of URLs. Subscribing to a maliciously crafted RSS feed and clicking on a link within it may lead to arbitrary files being sent from the user's system to a remote server. This update addresses the issue through improved handling of URLs.

    CVE-ID

    CVE-2011-0244 : Jason Hullinger

  • WebKit

    Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later

    Impact: Applications that use WebKit, such as mail clients, may connect to an arbitrary DNS server upon processing HTML content

    Description: DNS prefetching was enabled by default in WebKit. Applications that use WebKit, such as mail clients, may connect to an arbitrary DNS server upon processing HTML content. This update addresses the issue by requiring applications to opt in to DNS prefetching.

    CVE-ID

    CVE-2010-3829 : Mike Cardwell of Cardwell IT Ltd.
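
The libxslt entry above (CVE-2011-0195) says generate-id() disclosed a heap address and was fixed by deriving the ID from the difference between two heap addresses. The C sketch below illustrates that idea; it is an added example, not libxslt's or Apple's code, and the node arena and all struct and function names are hypothetical.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for a parsed document: all nodes sit in one heap block. */
typedef struct { int kind; char name[12]; } node_t;
typedef struct { node_t *nodes; size_t count; } doc_t;

int doc_init(doc_t *d, size_t count)
{
    d->nodes = calloc(count, sizeof *d->nodes);
    d->count = d->nodes ? count : 0;
    return d->nodes ? 0 : -1;
}

void doc_free(doc_t *d)
{
    free(d->nodes);
    d->nodes = NULL;
    d->count = 0;
}

/* Address-based form: the ID is the node's pointer value, so any output that
 * contains the ID also contains a heap address. */
int leaky_generate_id(const node_t *n, char *out, size_t outlen)
{
    return snprintf(out, outlen, "id%" PRIxPTR, (uintptr_t)n);
}

/* Offset-based form: the ID is the difference between two heap addresses
 * (the node and the start of its document). It stays unique within the
 * document but no longer carries an absolute address. */
int offset_generate_id(const doc_t *d, const node_t *n, char *out, size_t outlen)
{
    uintptr_t base = (uintptr_t)d->nodes;
    uintptr_t off  = (uintptr_t)n - base;        /* wraps if n is below base */
    uintptr_t span = (uintptr_t)(d->count * sizeof *d->nodes);

    if (off >= span || off % sizeof *d->nodes != 0)
        return -1;                               /* not a node of this document */
    return snprintf(out, outlen, "id%" PRIxPTR, off);
}

/* What anyone reading the generated output can recover from an ID string. */
uintptr_t address_exposed_by(const char *id)
{
    if (strncmp(id, "id", 2) != 0)
        return 0;
    return (uintptr_t)strtoull(id + 2, NULL, 16);
}

int main(void)
{
    doc_t doc;
    char leaky[32], safe[32];

    if (doc_init(&doc, 4) != 0)
        return 1;
    leaky_generate_id(&doc.nodes[2], leaky, sizeof leaky);
    offset_generate_id(&doc, &doc.nodes[2], safe, sizeof safe);

    printf("address-based ID: %s (equals node address: %s)\n", leaky,
           address_exposed_by(leaky) == (uintptr_t)&doc.nodes[2] ? "yes" : "no");
    printf("offset-based ID:  %s (equals node address: %s)\n", safe,
           address_exposed_by(safe) == (uintptr_t)&doc.nodes[2] ? "yes" : "no");
    doc_free(&doc);
    return 0;
}
```

The offset-based ID is the same for the same node position in any two documents, which is why it tells the page nothing about where the allocator placed them.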


Safari 5.0.5

Safari 5.0.5 has been released by Apple. This release closes two holes in the WebKit engine of the fast browser. The update applies to Windows and Mac OS X.

Safari 5.0.5 is the default browser for Mac OS X and can be downloaded separately for Windows XP, Vista and 7.

Release notes:

Safari 5.0.5

  • WebKit

    Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.5 or later, Mac OS X Server v10.6.5 or later, Windows 7, Vista, XP SP2 or later

    Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution

    Description: An integer overflow issue existed in the handling of nodesets. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.

    CVE-ID

    CVE-2011-1290 : Vincenzo Iozzo, Willem Pinckaers, and Ralf-Philipp Weinmann working with TippingPoint's Zero Day Initiative

  • WebKit

    Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.5 or later, Mac OS X Server v10.6.5 or later, Windows 7, Vista, XP SP2 or later

    Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution

    Description: A use after free issue existed in the handling of text nodes. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.

    CVE-ID

    CVE-2011-1344 : Vupen Security working with TippingPoint's Zero Day Initiative, and Martin Barbella

Safari 5.0.4

Safari 5.0.4 has been released. This release of Apple's browser makes a number of improvements to Safari's stability and security on Mac OS X and Windows.

For example, stability has been increased on webpages that use multiple plug-ins to display content. And on Windows, HTML5 videos on YouTube now play correctly. Some problems with printing pages have also been fixed.

This update also patches no fewer than 62 security holes in Safari. Most of these holes are serious and could allow attackers to execute malicious code on a victim's PC or Mac.

Read the further changes below in the release notes. Safari 5.0.4 is the default browser for Mac OS X and can be downloaded separately for Windows XP, Vista and 7.

Release notes:
Safari 5.0.4 for Mac

This update contains improvements to stability, compatibility, accessibility and security, including the following:

* Improved stability for webpages with multiple instances of plug-in content
* Improved compatibility with webpages with image reflections and transition effects
* A fix for an issue that could cause some webpages to print with incorrect layouts
* A fix for an issue that could cause content to display incorrectly on webpages with plug-ins
* A fix for an issue that could cause a Screen Saver to appear while video is playing in Safari
* Improved compatibility with VoiceOver on webpages with text input areas and lists with selectable items
* Improved stability when using VoiceOver

Safari 5.0.4 Windows

This update contains improvements to stability, compatibility, accessibility and security, including the following:

* Improved compatibility with webpages with transition effects
* A fix for an issue that could cause some webpages to print with incorrect layouts
* A fix for an issue that could prevent HTML5 video from playing on www.youtube.com
* A fix for an issue that could cause content to display incorrectly on webpages with plug-ins

Safari 5.0.3

Safari 5.0.3 has been released by Apple. This release makes some improvements that mainly benefit the browser's stability. In addition, the pop-up blocker has been improved and some problems with video playback have been resolved.

Finally, no fewer than 27 security holes are patched in Safari's WebKit engine. Most of these holes are serious and could allow attackers to execute malicious code on a victim's PC or Mac.

Read the further changes below in the release notes. Safari 5.0.3 is the default browser for Mac OS X and can be downloaded separately for Windows XP, Vista and 7.

Release notes:

This update contains improvements to usability, compatibility, stability, accessibility and security, including the following:

  • More accurate Top Hit results in the Address Field
  • More accurate results in Top Sites
  • Fixes an issue that could cause content delivered with the Flash 10.1 plug-in to overlap webpage content
  • More reliable pop-up blocking
  • Fixes an issue that affected playback of some videos shot or edited to include rotations and flips
  • Improved stability when typing into search and text input fields on www.netflix.com and www.facebook.com
  • Improved stability when using JavaScript-intensive extensions
  • Improved stability when using a screen reader with Safari