Hot on the heels of the 10.5.7 update to OSX, Apple has also released a Security Update to Safari 4 beta. At least, that's what a tech note at Apple's kbase says, but I don't see it popping up in my Software Update and the download page to which the tech note points does not have anything about it
For once, Apple is quite talkative about the update content, which addresses:libxmlImpact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code executionDescription: A heap buffer overflow exists in libxml's handling of long entity names. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue through improved bounds checking. This issue is addressed in Safari 3.2.3.SafariImpact: Accessing a maliciously crafted "
