Apple plugged 25 security holes in components of its Mac OS X operating
system on Monday, closing remote execution vulnerabilities in its
Safari Web browser and the Ruby Web programming language.
The software patch -- the fourth this year for Apple's Mac OS X -- also
fixed flaws in the open-source Apache Tomcat Java server, Apple's VPN
client, the operating system's screen lock, and the handling of
potentially unsafe types of content. While the open-source Apache
Tomcat server racked up the most vulnerabilities, the most severe
issues affect the Ruby Web programming language, WebKit library for
Safari, and Mac OS X core library functions.
http://www.securityfocus.com/brief/767