XML News from Saturday, November 15, 2008

Apple has released Safari 3.2 for Mac and Windows to close various security holes. Interestingly one of the bugs comes from libxslt. "A heap buffer overflow issue exists in the libxslt library. Viewing a maliciously crafted HTML page may lead to an unexpected application termination or arbitrary code execution. Further information on the patch applied is available via http://xmlsoft.org/XSLT/ This issue does not affect Mac OS X systems that have applied Security Update 2008-007. Credit to Anthony de Almeida Lopes of Outpost24 AB, and Chris Evans of the Google Security Team for reporting this issue." All users should upgrade. Software Update doesn't seem to find it. You'll need to download and install it manually.


The Mozilla Project has released Firefox 3.0.4 and 2.0.0.18 and SeaMonkey 1.1.13 to fix various security bugs. All users should upgrade.