Apple Security Advisory 2015-01-27-3 - Safari 8.0.3, Safari 7.1.3, and Safari 6.2.3 are now available and address memory corruption issues that can lead to arbitrary code execution.
ffbe57c64600b7e1c963a99fbe798c9585ea40b12b6d5dcf274b6aa86e401253
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
APPLE-SA-2015-01-27-3 Safari 8.0.3, Safari 7.1.3, and Safari 6.2.3
Safari 8.0.3, Safari 7.1.3, and Safari 6.2.3 are now available and
address the following:
WebKit
Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,
OS X Yosemite v10.10.1
Impact: Visiting a maliciously crafted website may lead to an
unexpected application termination or arbitrary code execution
Description: Multiple memory corruption issues existed in WebKit.
These issues were addressed through improved memory handling.
CVE-ID
CVE-2014-3192 : cloudfuzzer
CVE-2014-4476 : Apple
CVE-2014-4477 : lokihardt@ASRT working with HP's Zero Day
Initiative
CVE-2014-4479 : Apple
Safari 8.0.3, Safari 7.1.3, and Safari 6.2.3 may be obtained from
the Mac App Store.
Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
iQIcBAEBAgAGBQJUx8uiAAoJEBcWfLTuOo7tVvAP/RQqyj3sfim+PzlCUCbz0BJ7
EnaZYWHcuWrb/HkfdvnPpWQD6Ts4qdPuLZG++RytXHPMPwwALSSS9BYC7FezyEYx
6jXWiiHo4Lcsl1jKOAuVUfqXKUNQmWaFnaM7twPkcnaioO2950O7FlO9lv/l/x9F
SFKvrytBeFoctVBbWeVpPBs0zJFGUd0MgxJj+gjlxyJusm1tXi0/Jjs1zvdvUxdf
fo+VPGYN3PJshtLZyXxNciUKk+mo2YHqiNLpEXzeDrLTW6+x8xBGTdQuMf4EPt+M
5/jwTJF4Hb45+VnjsezcS3fqUC3WbimO44+jJHtlZ7+02sWl6ZH3he4K/QC/vyyN
D4lAzy7FYl5Mv6tUUMxyVq3a21LVSOiuEFaqPQLlAWeHrH5iod2qBXoedlcc1wO3
99JCgiZkli+I7j4Fyqb5yBK3UJ3q0Muqv07OEAODxE05WmEGnJ2Pjs+wAjsutckI
RKEseE5S/l7fC8u9C857OhaE8LbhuwFE4ysT4yi8Jg+TP33CRWbQeowzLL2ooO/q
sVjm/AZnQOm0iFfKV6SluPLH4tJDSdSAg87KznoY1jRhlXYO1+PZM4yqMKzr+R3Z
qVer+pZfmb8u3PI62DG9E0rXG7A52Tgk9d/FOETRkp+b/ZATyB4Txao2ndJeGT1y
KFzfoOFfT788FlTbDEPC
=bowY
-----END PGP SIGNATURE-----