Go

[Cory Cooper]

Apple released QuickTime 7.0.1 today. Enhancements/bug fixes include:

QuickTime 7.0.1

* QuickTime Quartz Composer Plugin

CVE-ID: CAN-2005-1334
Available for: QuickTime 7.0
Impact: With QuickTime 7.0, a QuickTime movie containing a maliciously crafted Quartz Composer object can leak data to an arbitrary web location.
Description: Quartz Composer objects can be wrapped in a QuickTime track and delivered as a QuickTime movie. With QuickTime 7.0, a Quartz Composer object can gather local data and send it using an encoded URL to an arbitrary web location. The QuickTime 7.0.1 update modifies the QuickTime Quartz Composer Plugin to prevent access to remote web locations. Credit to David Remahl (www.remahl.se/david) for reporting this issue.

Available via Software Update or here

C

 

[Ric]

Re: QuickTime 7.0.1

Thanks C,

Looks like if you have the 'Pro' vers 5 or 6, this update will 'break it'...and you will have to buy the Quicktime 7 key !

Important Notice to QuickTime Pro Users
Installation of QuickTime 7 will disable the QuickTime Pro functionality in prior versions of QuickTime, such as QuickTime 5 or QuickTime 6. If you proceed with this installation, you must purchase a new QuickTime 7 Pro key to regain QuickTime Pro functionality. After installation, visit www.apple.com/quicktime to purchase a QuickTime 7 Pro key.

...I never thought about entering my Pro 6 key...just bought the 7 key, always been to honest.

 

[Cory Cooper]

Correct...but the previous Version 7 that came with Tiger is actually the one that forced the purchase of a new key. This is just a security update.

I bought a new key too...have bought them all since Apple started with QT Pro. I now have a nice collection of $30 pieces of paper with letters and numbers on them.

 

[Ric]

Re: QuickTime 7.0.1

Ditto. Lots of paper.

Shouldn't post when half asleep...read the QT 7 readme 'wrong' if you know what I mean !?