This article originally appeared in TidBITS on 2016-01-19 at 11:06 p.m.
The permanent URL for this article is: http://tidbits.com/article/16208
Include images: Off

Security Update 2016-001 (Mavericks and Yosemite)

by Agen G. N. Schmitz

Apple has issued Security Update 2016-001 [1] for OS X 10.9 Mavericks and 10.10 Yosemite with a single patch that affects the older California-themed OS releases. (The rest of the listed security fixes apply only to the concurrently released OS X 10.11.3 El Capitan; see “OS X 10.11.3 and iOS 9.2.1 Bring Bug Fixes [2],” 19 January 2016.) The update improves memory handling with libxslt (the library used to perform XSL transformations on XML documents) to avoid a type confusion that could allow a maliciously crafted to execute arbitrary code. The security updates are available via Software Update or via direct download from Apple’s Support Downloads Web site. (Free. For 10.9.5 Mavericks [3], 288.3 MB; for 10.10.5 Yosemite [4], 369 MB)

[1]: https://support.apple.com/en-us/HT205731
[2]: http://tidbits.com/article/16205
[3]: https://support.apple.com/kb/DL1857
[4]: https://support.apple.com/kb/DL1856