[OS X TeX] i-Installer 2.82 released. Security release: all users requested to upgrade

Gerben Wierda Gerben.Wierda at rna.nl
Wed Oct 11 07:05:06 CEST 2006


Can you tell more? OS version, i-Installer version? I would like to  
know. It would be sad if older i-Installers cannot upgrade to the  
newer version.

You can force quit the application and use the ftp://ftp.nluug.nl/pub/ 
comp/macosx/volumes/ii2/II2.dmg instead

G

On Oct 11, 2006, at 04:11 , Davia Shana Cox wrote:

> I am having trouble loading the new i-installer 2.82, when I  
> install and configure of the new i-installer it stalls at the  
> configuration portion of loading the software. Any suggestions?
> Davia Cox
> Davia S. Cox
> Research Assistant/Doctoral Student
> Department of Political Science & Global Urban Studies Program
> Michigan State University
> 447 Berkey Hall
> East Lansing, MI 48824
> 517-353-6855 Home
> 517-353-5987 Office
> 517-353-6880 Fax
> Gerben Wierda writes:
>> On Oct 11, 2006, at 00:41 , Alain Schremmer wrote:
>>> Gerben Wierda wrote:
>>>> I have noticed that the setup of i-Installer brings with it a   
>>>> potential security issue which is also potentially serious.  
>>>> This  find (by myself, luckily) is not a happy event for me. I  
>>>> have patched i-Installer. As a result, installing i-Installer   
>>>> with drag-and-drop from the II2.dmg volume is now deprecated.  
>>>> The  II2.dmg now contains an Apple Installer.app package which  
>>>> installs  i- Installer. Also, upgrading with the i-Installer i- 
>>>> Package is  supported. i-Installer itself now contains some  
>>>> basic checks for this  security issue. All i-Packages will be  
>>>> upgraded/released shortly and they will all  contain a check for  
>>>> i-Installer version 2.82 or up to force users  to upgrade.
>>> Am I correct to understand this to mean that it is /installing/   
>>> that is a potential security issue but that stuff that is  
>>> already / installed/—in my case v2.65.2 and stuff of that same age 
>>> —are OK as  long as I don't install anything else with it?
>> Correct. As far as I know, there is no actual exploit and there is  
>> only a  possible exploit if someone already has access to your  
>> system through  a real login (no exploit via network or so).  
>> G------------------------- Info --------------------------
>> Mac-TeX Website: http://www.esm.psu.edu/mac-tex/
>>          & FAQ: http://latex.yauh.de/faq/
>> TeX FAQ: http://www.tex.ac.uk/faq
>> List Archive: http://tug.org/pipermail/macostex-archives/
>
>
> ------------------------- Info --------------------------
> Mac-TeX Website: http://www.esm.psu.edu/mac-tex/
>          & FAQ: http://latex.yauh.de/faq/
> TeX FAQ: http://www.tex.ac.uk/faq
> List Archive: http://tug.org/pipermail/macostex-archives/
>
>

------------------------- Info --------------------------
Mac-TeX Website: http://www.esm.psu.edu/mac-tex/
          & FAQ: http://latex.yauh.de/faq/
TeX FAQ: http://www.tex.ac.uk/faq
List Archive: http://tug.org/pipermail/macostex-archives/




More information about the macostex-archives mailing list