Apple this week released three patches for
OS X version 10.5 – also known as Leopard – fixing issues in Application Firewall.
The patches are the first security distribution specifically for the latest version of OS X, released in late October.
Apple disclosed that one issue in Application Firewall creates a situation where the "block all incoming connections" setting for the firewall is misleading, which could result in the exposure of network services.
The patch changes that description to “only allow essential services” for a limited number of processes.
Apple also fixed Application Firewall to correctly block incoming connections. An issue had caused processes “running as user root" to receive incoming connections, even if those processes should have been marked to block such connections, according to Apple's latest
security advisory.
Apple also updated Application Firewall so that setting changes take place immediately after they are implemented, not after the application is restarted.
In the most patch-heavy week in memory for Apple, the Cupertino, Calif.-based company released updates
OS X version 10.4.11 and
Safari 3 Beta on Wednesday, and
iPhone and iPod Touch versions 1.1.2 on Monday.