Security Update 2016-002 (Mavericks and Yosemite)
Apple has issued Security Update 2016-002 for OS X 10.9 Mavericks and 10.10 Yosemite with a few security fixes that cross over from the concurrently released 10.11.4 El Capitan (see “OS X 10.11.4 Improves Notes, iBooks, and Live Photo Support,” 21 March 2016). The update patches an Apache-related vulnerability associated with processing a maliciously crafted .png file that could lead to arbitrary code execution, multiple memory corruption issues related to XML, and an issue with OpenSSH that could expose an information leak and a buffer overflow. (Free. For 10.9.5 Mavericks, 370.8
MB; for 10.10.5 Yosemite, 462.1 MB)