(LiveHacking.Com) – Apple has released OS X Server v2.1.1 to address multiple vulnerabilities in PostgreSQL and fix an issue with the Jabber server’s handling of dialback result messages. Before Mac OS X 10.7, Apple sold a separate server edition of OS X, but now it is a separate set of server add-ons which can be bought directly from Apple’s online Mac App Store. OS X Server 2.1.1 is an update of that add-on component.
OS X Server adds the following capabilities to OS X: File sharing for Mac, PC, and iPad; Wiki Server; Profile Manager; Provide a Time Machine backup destination for Mac computers on your network; Standards-based SMTP, IMAP, and POP server; Calendar Server; Contacts Server; Messages Server; Encrypted VPN connections for Mac, iPad, iPhone, and PC; and Xsan
PostgreSQL has been updated to version 9.1.5 to address multiple vulnerabilities, the most serious of which may allow database users to read files from the file system with the privileges of the database server role account. Further information is available via the PostgreSQL web site at http://www.postgresql.org/
An issue existed in the Jabber server’s handling of dialback result messages. An attacker may cause the Jabber server to disclose information intended for users of federated servers. This issue was addressed through improved handling of dialback result messages.
From a security standpoint, OS X Server v2.1.1 includes the security updates of OS X Mountain Lion v10.8.2.
What’s New in Version 2.1.1
- Managing DHCP service from within the Server application
- iOS 6 device management support in Profile Manager
- Using the Server application to create a large number of users or groups
- Authenticating with Calendar Server when using an Active Directory account
- Renewing certificates for use with the Apple Push Notification Service
- Configuring DNS entries with second level domains and aliases
- Retaining network, DNS and PHP settings installing or upgrading OS X Server
- Migrating from Lion Server and Snow Leopard Server