Apple’s recently released Security Update 2014-005 for OS X Mountain Lion v10.8.5 and OS X Mavericks v10.9.5, OS X Server versions 2.2.5, 3.3.2 and 4.0, and iTunes 12.0.1, have together patched 144 security flaws across seven products, ZDNet is reporting. A fix for the “POODLE” bug is also included, although majority of these bugs are believed to be old ones found in iTunes.
The source claims that a number security updates may be coming on Monday as well when Apple releases iOS 8.1. It is expected that the bugs fixed in Yosemite will also be be fixed in iOS. The report notes that Apple has been collecting these vulnerabilities for some time. The vulnerabilities came from 15 different sources (including Apple) and 16 of them have CVE dates from 2013.
“Yosemite fixes 45 vulnerabilities across many parts of the operating system. Included is the fix for the Shellshock bug in the Bash shell, patched separately at the end of September. There is also a fix for the POODLE flaw in the design of the SSL version 3 protocol; Apple addressed it by disabling CBC cipher suites when TLS connection attempts fail.”
Yesterday’s OS X 10.10 Yosemite release has fixed 45 vulnerabilities across many parts of the operating system.