This article originally appeared in TidBITS on 2016-01-19 at 11:06 p.m.
The permanent URL for this article is:
Include images: Off

Security Update 2016-001 (Mavericks and Yosemite)

by Agen G. N. Schmitz

Apple has issued Security Update 2016-001 [1] for OS X 10.9 Mavericks and 10.10 Yosemite with a single patch that affects the older California-themed OS releases. (The rest of the listed security fixes apply only to the concurrently released OS X 10.11.3 El Capitan; see “OS X 10.11.3 and iOS 9.2.1 Bring Bug Fixes [2],” 19 January 2016.) The update improves memory handling with libxslt (the library used to perform XSL transformations on XML documents) to avoid a type confusion that could allow a maliciously crafted to execute arbitrary code. The security updates are available via Software Update or via direct download from Apple’s Support Downloads Web site. (Free. For 10.9.5 Mavericks [3], 288.3 MB; for 10.10.5 Yosemite [4], 369 MB)