Apple has just released the following updates:
- OS X El Capitan 10.11.1: see below;
- OS X Security Update 2015-007, for OS X 10.9.5 and 10.10.5;
- Mac EFI Security Update 2015-002;
- Safari 9.0.1 (bundled in the OS X and iOS updates);
- iTunes 12.3.1;
- iOS 9.1;
- watchOS 2.0.1;
- Xcode 7.1;
- OS X Server 5.0.15.
OS X 10.11.1 contains plenty of bug fixes, including improved compatibility with Microsoft Office for Mac 2016. It also contains important security fixes (in common with the Security Update for earlier OS X), including:
- PHP is updated to versions 5.5.29 and 5.4.45;
- multiple memory corruption issues which could lead to crashes or arbitrary code execution;
- an error which could lead to overwriting of cookies;
- multiple vulnerabilities to crafted font files;
- possible impersonation attacks in OpenSSH.
These are important updates, and well worth installing soon.
OS X Server update may not appear in the App Store as an update until you have completed updating to OS X 10.11.1. It includes two significant security fixes, updating BIND to version 9.9.7-P3, and securing a vulnerability which could allow an attacker to bypass access restrictions in the Web service.
The OS X installer does not inspire much faith, with the progress bar being stuck around the 60% mark for a long time, and a long period spent watching a grey screen. The first login after that has completed also seems to take forever, and I am still having a lot of disk churning, which settled once I had run the Server app yet again.
I wish you an uneventful set of updates…