Safari isn't the only thing Apple updated...
Apple today released APPLE-SA-2008-03-18 Security Update 2008-002, the second security update for the year. Most significant updates include to Apache, ClamAV, Emacs, OpenSSH, PHP , and X11. Security Update 2008-002 may be obtained from the Software Update pane in System Preferences, or Apple's Software Downloads web site.
And this isn't all. Read the full story on CNet.
AFP Client-- afp:// URL
This patch only affects users of Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.2, Mac OS X Server v10.5.2. The update addresses an afp:// URL vulnerability in CVE-2007-4680. A remote attacker may be able to cause a certificate to appear trusted. According to Apple a "multiple stack buffer overflow issues exist in AFP Client's handling of afp:// URLs. By enticing a user to connect to a malicious AFP Server, an attacker may cause an unexpected application termination or arbitrary code execution."
AFP Server--Cross-realm authentication
This patch affects users of Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.2, Mac OS X Server v10.5.2. The update addresses a Cross-realm authentication vulnerability in CVE-2008-0045. Apple says "An implementation issue exists in AFP Server's check of Kerberos principal realm names. This may allow unauthorized connections to the server, when cross-realm authentication with AFP Server is used. This update addresses the issue by through improved checks of Kerberos principal realm names. This issue does not affect systems running Mac OS X v10.5 or later." Apple also says that this issue has been addressed within Mac OS X v10.5 or later. Apple credits Ragnar Sundblad of KTH - Royal Institute of Technology, Stockholm, Sweden for reporting this issue.
Apache -- 1
This patch affects users of Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X Server v10.5.2. The update addresses Apache 1.3.33 and 1.3.39 vulnerabilities in CVE-2005-3352, CVE-2006-3747, CVE-2007-3847, CVE-2007-5000, CVE-2007-6388.. Apple says "Apache is updated to version 1.3.41 to address several vulnerabilities, the most serious of which may lead to arbitrary code execution. Further information is available via the Apache web site at http://httpd.apache.org For Mac OS X v10.5, Apache version 1.3.x is only shipped on Server configurations. mod_ssl is also updated from version 2.8.24 to 2.8.31 to match the upgraded Apache; no security fixes are included in the update."
Apache -- 2
This patch only affects users of Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X Server v10.5.2 and addresses various Apache 2.2.6 vulnerabilities in CVE-2007-5000, CVE-2007-6203, CVE-2007-6388, CVE-2007-6421, CVE-2008-0005. Apple says "Apache is updated to version 2.2.8 to address several vulnerabilities, the most serious of which may lead to cross-site scripting."
AppKit-- NSDocument API
This patch affects users of Mac OS X v10.4.11, Mac OS X Server v10.4.11. The update addresses a NSDocument API vulnerability in CVE-2008-0048. Apple says " A stack buffer overflow exists in the NSDocument API's handling of file names. On most file systems, this issue is not exploitable. This update addresses the issue through improved bounds checking. This issue does not affect systems running Mac OS X v10.5 or later."
AppKit -- NSApplication
This patch affects users of Mac OS X v10.4.11, Mac OS X Server v10.4.11. The update addresses a NSApplication vulnerability in CVE-2008-0049. Apple says "By sending maliciously crafted messages to privileged applications in the same bootstrap namespace, a local user may cause arbitrary code execution with the privileges of the target application. This update addresses the issue by removing the mach port in question and using another method to synchronize. This issue does not affect systems running Mac OS X v10.5 or later."
AppKit -- Multiple integer overflow
This patch affects users of Mac OS X v10.4.11, Mac OS X Server v10.4.11. The update addresses a Multiple integer overflow vulnerability in CVE-2008-0057. Apple says " By causing a maliciously formatted serialized property list to be parsed, an attacker could trigger a heap-based buffer overflow which may lead to arbitrary code execution. This update addresses the issue by performing additional validation of serialized input. This issue does not affect systems running Mac OS X v10.5 or later.
AppKit-- network printer
This patch affects users of Mac OS X v10.4.11, Mac OS X Server v10.4.11. The addresses a vulnerability in CVE-2008-0997. Apple says "by enticing a user to query a network printer, an attacker may cause an unexpected application termination or arbitrary code execution. This update addresses the issue through improved handling of PPD files. This issue does not affect systems running Mac OS X v10.5 or later."