Currently Being ModeratedSep 19, 2012 4:21 PM (in response to Claas Hanken)
"Impact: Viewing an e-mail message may lead to execution of web plugins
Description: An input validation error existed in Mail's handling of embedded web plugins. This issue was addressed by disabling third-party plug-ins in Mail."
I don't pretend to understand the technical nature of the vulnerability, but simply read those Mail plug-ins could be risky.
Isn't it great that Snow Leopard got a security update!!! A big THANK YOU Apple. Keep it going.iMac, Mac OS X (10.6.8), 10.5.8 iBook 10.3.9
Currently Being ModeratedSep 19, 2012 6:26 PM (in response to roam)
Knock me over with a feather. The last thing I expected. The DL page shows 2.36MB and the .dmg in progress is showing 257MB.
Word of advice to anyone reading this: wait and see what turns up here before installing.There have been some pretty funky updates from time to time. Last winter one crashed all PPC/Rosetta applications.
Currently Being ModeratedSep 20, 2012 2:48 AM (in response to Claas Hanken)
1. Close Mail
2. If the plugin already got moved to “~/Library/Mail/Bundles (Disabled)/” move it back to “~/Library/Mail/Bundles/”
3. Open Terminal
4. defaults write ~/Library/Mail/Bundles/GrowlMail.mailbundle/Contents/Info SupportedPluginCompatibilityUUIDs -array-add "064442B6-53C0-4A97-B71B-2F111AE4195B"
5. defaults write ~/Library/Mail/Bundles/GrowlMail.mailbundle/Contents/Info SupportedPluginCompatibilityUUIDs -array-add "588FF7D1-4310-4175-9980-145B7E975C02"
and now GrowlMail 1.2.5 will work =)
Currently Being ModeratedSep 20, 2012 4:13 AM (in response to jazzmosax)
... and what about Growl 1.3.3 (purchased via App store) and GrowlMail on 10.7.5. Plugin was disabled by Mail app, but still sits in ~/Library/Mail/Bundles/. How to fix it?
I'll appreciate your help.
Currently Being ModeratedSep 20, 2012 4:44 AM (in response to roam)
Fortunately, I don't have Mail plugins.
I'm rapt this update gives Snow fresh legs.
Not in ~/Library/Mail, but I'm seeing two Plug-ins in Mail.app>Package Contents.
No idea what they do, but perhaps these are the ones that get disabled?
I remember now that when Leopard came along Tiger got one more Security Update in the fall of that year. I hope this isn't going to be like that.
Currently Being ModeratedSep 20, 2012 5:38 AM (in response to jazzmosax)
Nope, haven't found a fix for Attachment Tamer - I've sent the dev an e-mail though.
SpamSieve has a 2.9.5b1 that fixes it, available from a link on the dev's support forum.
Currently Being ModeratedSep 20, 2012 7:39 AM (in response to Claas Hanken)
After the Security Update 2012-004, using one or the other of lesse's two fixes above, I was able to get Letter Opener, OMIC (Letter Box) and MailFollowUp working but not Attachment Tamer which is my most important IMO. I too have sent a meesage to the developer. I have 10.6.8 with Mail 4.6.
Currently Being ModeratedSep 20, 2012 8:54 AM (in response to lesse)
"try both UUIDs (from Mail 5.3 (1283))
Using Terminal to change the Growlmail plist did not work for me under 10.7.5 BUT directly editing the plist and adding the two UUIDs listed for 10.7.5 worked like a charm. Thanks for the tip!