Just thought to drop a note to remind people that Apple provides a mailing list providing you with the newest security information related to Mac OS X. If you wish to subscribe (or unsubscribe), just visit the security-announce list home page. By subscribing, you'll get at least a hint if Apple releases a new security update.
After the latest Apache/SSH exploits and Apple's somewhat late reaction, it seems that they think they should improve their efforts, based on the following announcement posted to the list yesterday:
Subject: Mac OS X and Mac OS X Server - "In Evaluation" under Common CriteriaHere's the full announcement; you'll need to use the username "archives" and password "archives" to view the page.
To: security-announce@lists.apple.com
From: Product Security <product-security@apple.com>
Date: Mon, 1 Jul 2002 11:34:58 -0700
-----BEGIN PGP SIGNED MESSAGE-----
Apple has engaged Science Applications International Corporation (SAIC) to conduct a Common Criteria evaluation of Mac OS X and Mac OS X Server.
The Common Criteria is an internationally accepted standard that permits comparability between the results of independent security evaluations by providing a common set of requirements for the security functions of IT products and for assurance measures applied to them during a security evaluation.
Mac OS X Hints
http://hints.macworld.com/article.php?story=20020702091045297