Apple has released Safari 8.0.4 for OS X 10.10 Yosemite, along with Safari 7.1.4 for 10.9 Mavericks and Safari 6.2.4 for 10.8 Mountain Lion with a collection of WebKit-related security patches. All three releases include fixes for 16 instances of a vulnerability associated with memory corruption issues that could lead to unexpected application termination or arbitrary code execution (for specific CVE IDs, see the security content notes at Apple Support). The updates also fix a user interface inconsistency that could allow an attacker to misrepresent a URL in a phishing scheme. All three versions of Safari are available from Software Update. (Free)
Thoughtful, detailed coverage of the Mac, iPhone, and iPad, plus the TidBITS Content Network for Apple consultants.