I'm not sure whether this is the proper place to post this notice (or if any other forum might be), but I know some of you use Apple MACs and might need to know this -- the source is the SANS Institute; sans.org is a great source for any security training you might need, expensive though.

CRITICAL: Apple Mac OS X Multiple Vulnerabilities
Mac OS X v10.4.11 and prior
Mac OS X v10.5 through v10.5.7
Mac OS X Server v10.4.11 and prior
Mac OS X Server v10.5 through 10.5.7

Description: Apple Mac OS X contains multiple vulnerabilities in a
variety of its subsystems. Specially crafted input or data handled by
one of these components could trigger vulnerability, leading to a
variety of exploitable conditions. There is an out of bounds error in
bzip2. An error in CFNetwork layer may allow an attacker control the
displayed website URL in a certificate warning. There is a heap overflow
error while processing images with an embedded ColorSync profile. There
is a stack overflow error while processing Canon RAW images. A heap
overflow error, multiple integer overflow errors and an uninitialized
memory access error have been identified within ImageIO while handling
OpenEXR images. There is a stack overflow error in ImageIO in its
handling of EXIF metadata. There is an uninitialized pointer issue while
processing certain PNG images. There are some implementation issues in
the kernel which might give local users elevated privileges. A denial-of
service condition exists in inetd-based launchd service. There is a
format string issue because of the way Login Window handles certain
application names. There is a buffer overflow issue in the kernel in the
way it handles AppleTalk response packets. A buffer overflow exists in
the XQuery in its handling of character classes in regular expressions.
There are some other vulnerabilities which might be less critical. Many
of these vulnerabilities mentioned earlier might be leveraged to execute
arbitrary code with the privileges of the current user or vulnerable

Status: Vendor confirmed, updates available.

Apple Knowledge Base Article
Product Home Page
SecurityFocus BID