The 10.5.7 Update is recommended for all users running Mac OS X Leopard and includes general operating system fixes that enhance the stability, compatibility and security of your Mac.

For detailed information on this update, please visit this website: http://support.apple.com/kb/HT3397.
For detailed information on security updates, please visit this website: http://support.apple.com/kb/HT1222.

Sudah sejak 12 May 2009, tapi saya baru lihat detail updatenya apa aja, ini juga belum sempat download karena ternyata update ke 10.5.7 ini merupakan major version jadi size download update-nya lumayan besar (449MB). Yang menarik, sepertinya patch untuk hole ini termasuk baru diikutsertakan sekarang. Jadi apple lebih memilih menunggu untuk release patch bersamaan dengan update-update lainnya, walaupun sebetulnya bugs ini sudah cukup lama beredar di public.

Disk Images

CVE-ID: CVE-2009-0150

Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6

Impact: Mounting a maliciously crafted disk image may lead to an unexpected application termination or arbitrary code execution

Description: A stack buffer overflow exists in the handling of disk images. Mounting a maliciously crafted sparse disk image may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue through improved bounds checking. This issue does not affect systems prior to Mac OS X v10.5. Credit to Tiller Beauchamp of IOActive for reporting this issue.

Saya belum download dan install update 10.5.7 ini, tapi setelah download ingin coba lagi exploit fcntl tersebut masih bisa atau tidak.

I think am using latest and fully patched of OSX (Leopard), but exploit still work. Cool.

Jasmine:~ Cyberheb$ ./spl0it.sh
Apple MACOS X xnu <= 1228.x local kernel root exploit
 by: 
 http://www.digit-labs.org/ -- Digit-Labs 2008!@

* creating diskimage... done
* attaching/mounting diskimage... done
* executing exploit...

Apple MACOS X xnu <= 1228.x local kernel root exploit
by: 
http://www.digit-labs.org/ -- Digit-Labs 2008!@$!

* getattrlist...done
** attrlist length: 36
** fndrinfo:
* done

* setattrlist...done
* overwriting @0x0050A70C
* done

* setattrlist...done
* overwriting @0x0050A998
** sysent[21].sy_call: 0x0050A70C
* done

* jumping...done

* getuid(): 0
+Wh00t

bash-3.2# id
uid=0(root) gid=0(wheel) egid=20(staff) groups=0(wheel),1(daemon),2(kmem),8(procview),29(certusers),3(sys),9(procmod),4(tty),5(operator),80(admin),20(staff),101(com.apple.sharepoint.group.1)
bash-3.2# uname -a
Darwin Jasmine.local 9.6.0 Darwin Kernel Version 9.6.0: Mon Nov 24 17:37:00 PST 2008; root:xnu-1228.9.59~1/RELEASE_I386 i386

Exploit is taken from Milw0rm. Thanks to super_temon for showing me ’bout this.

Just finished install Ruby Gnu Plot on MacBook OSX version 10.5.6 (Leopard). This is Ruby module for creating some graph using GNUPlot. Ruby Gnu plot can be downloaded from here.

Ruby Gnu plot will become interface to real GNUPlot, thus we still need to install GNUPlot. Unfortunately, since apple shipped this version of OSX with readline emulation, installation of GNUPlot will be failed. Below is the part where GNUPlot installation failed:

GNUPlot will tried to search for ‘real’ readline. We can fix with specified readline as built-in:

Then make process will finish successfully. Later we can use Ruby GnuPlot for creating some graph:

We still need to have X11 installed (can be installed from OSX DVD installer). Result?!

Setelah upgrade dari Tiger ke Leopard di Macbook, muncul pesan aneh setiap membuka console:

perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
LC_ALL = (unset),
LANG = “UTF-8″
are supported and installed on your system.
perl: warning: Falling back to the standard locale (“C”).
osx:~ cyberheb$

Kira-kira kenapa ya?!

I just bought an iPod nano 3rd generation at Changi Airport singapore while transit and waited SQ flight to pakistan. When firstly connected to my MacBook, it asked me to update the version of my iTunes first. Well, I always feel lazy to update the apple software cause lack of bandwidth, so at that time I forced to update the iTunes (yeah, only the iTunes ). After updating, I can sync the songs from my iTunes into my iPod. Oke, everything seems well.

But today, when I tried to sync the songs into iPod it get error message.

Attempting to copy to the disk “<iPod name>” failed. An unknown error occurred (-54)

I got 2 problem only in 2 days after buy that new iPod, I even haven’t do any nasty thing and it’s somehow broken. Actually the first night after sync the iPod hung, it just hung. I don’t have any idea how to restart that iPod, so I just looked around the internet and found that I can restart the iPod with push the “menu” and “center” button together. After 5 second, the iPod restart and apple logos is shown. I knew that iPod hung because I eject the usb cable before the progress of ejecting finished. I don’t believe it, it just look prone just because I pull the cable out before it finished eject progress, it never happened with my mp4 player before. *sigh*.

Back to error message while syncing the songs. The first thing come into my mind, the root cause of problem just because I didn’t update the iPod version with the new one. iTunes message me that new iPod software version is available and I should update my iPod version, maybe the new version of iTunes is not working properly with my iPod software version since it’s not been updated yet. But after looking around the internet, I got an answer from apple discussion forum that the root cause was sync failed by locked songs. Some of the songs I tried to sync was in locked state and it can’t be sync-ed into my iPod. Someone give applescript to make the songs locked disabled. Here’s the answer:

Open the Script Editor in the /Applications/AppleScript/ folder and run the following:

tell application “Finder”
set locked of every item of entire contents of folder “Music:iTunes” of home to false
end tell

I run the script and then the sync is done smoothly.

Since the first time using computer, I always use either opensource application or pirates application. But since use Macbook and now iPod, i found lot of problem related to legally and limitation. Spend lot of time just to look for some needed application, and it’s difficult (I love my gentoo). Yes, the apple product are exclusive, user friendly, beautiful (yes, apple product shipped beatifully)…but in another side, I feel idiot.