====================================================================
                           CERT-Renater

                Information Note No. 2016/VULN028
_____________________________________________________________________

DATE                 : 20/01/2016

HARDWARE PLATFORM(S) : /

OPERATING SYSTEM(S)  : Systems running Safari versions 9 prior to 9.0.3.

======================================================================
http://lists.apple.com/archives/security-announce/2016/Jan/msg00004.html
_____________________________________________________________________

APPLE-SA-2016-01-19-3 Safari 9.0.3

Safari 9.0.3 is now available and addresses the following:

WebKit
Available for:  OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,
OS X El Capitan v10.11 to v10.11.2
Impact:  Visiting a maliciously crafted website may lead to arbitrary
code execution
Description:  Multiple memory corruption issues existed in WebKit.
These issues were addressed through improved memory handling.
CVE-ID
CVE-2016-1723 : Apple
CVE-2016-1724 : Apple
CVE-2016-1725 : Apple
CVE-2016-1726 : Apple
CVE-2016-1727 : Apple

WebKit CSS
Available for:  OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,
OS X El Capitan v10.11 to v10.11.2
Impact:  Websites may know if the user has visited a given link
Description:  A privacy issue existed in the handling of the
"a:visited button" CSS selector when evaluating the containing
element's height. This was addressed through improved validation.
CVE-ID
CVE-2016-1728 : an anonymous researcher coordinated via Joe Vennix

==========================================================
CERT-Renater reference server
https://services.renater.fr/ssi/
==========================================================
+ CERT-RENATER          | tel : 01-53-94-20-44           +
+ 23 - 25 Rue Daviel    | fax : 01-53-94-20-41           +
+ 75013 Paris           | email: cert@support.renater.fr +
==========================================================