-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2016.2076
                               Safari 9.1.3
                             2 September 2016

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Safari
Publisher:         Apple
Operating System:  OS X
Impact/Access:     Execute Arbitrary Code/Commands -- Remote with User Interaction
Resolution:        Patch/Upgrade
CVE Names:         CVE-2016-4654  

Reference:         ESB-2016.1907

Original Bulletin: 
   https://support.apple.com/kb/HT207131

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2016-09-01-1 Safari 9.1.3

Safari 9.1.3 is now available and addresses the following:

WebKit
Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El 
Capitan v10.11.6
Impact: Visiting a maliciously crafted website may lead to arbitrary code 
execution
Description: A memory corruption issue was addressed through improved memory 
handling.
CVE-2016-4654: Citizen Lab and Lookout

Safari 9.1.3 may be obtained from the Mac App Store.

Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT201222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
- -----BEGIN PGP SIGNATURE-----
Comment: GPGTools - https://gpgtools.org

iQIcBAEBCgAGBQJXyLrYAAoJEIOj74w0bLRGT+kP/0CW50DuhNJuRp8bQe0N+eaP
2S1qiKtGPx720UZwmWvEnyoouvJkmxIEY3Gqbd1Wx+jNcPEAwbbQCEfuhOxFWPJq
ObR/YD1dbMKLM7FgQmYfPEBsnc9NskW11znVfrEQrXbX2W/k7UrTEF8angUKvd1k
sIEy0zBWIQb0TtBIv6aiJ1MaxZsbblJo/jBBqV9XYE7S+QWRaP2ckpfUZcFDPS/1
8wZ5XqV1FGq3ISCPIFeULX4ucwwThQhgINxGfRYlxtNiIsf8fM5FspjJZfAYaRo7
rDf5y60sm2met+Fn0sCtmilGtZtQF44vV3C7/7Dy9JfhaCh/0VI/a2gOheRbSMex
NcDXiqw6YkQCDnv+PTPMUtpLtLFB2DQhp/7+dl9lwsARyTvLNNYdJKehDK93bE95
u8uECkToCo/Oorhh7/vNRstIfu/+Ox9TizIIi1H3rnjF/QD7doDuZqjDiLjf94Ob
7jQVhEOlES3yTruwaa7cMF7R29j2FWo6cHT77wYxwZe3ZM2pvluQLRAG2NxOIiqq
XrkKk1l7rUiDKZDFCnbH4OQHc9t5N3KKLzvAMw2CnAucIQ7MNKrVddhoxA/yh2n/
E2R4STEvRdOqeh+iwK4+ejZjVYtxNXfVlGsYpceUFGpFJ4ZxCKLw4pXiqIhsOX36
wbAQUOQv10xaXiWVOW9O
=RnWu
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBV8jPMIx+lLeg9Ub1AQhDLg//QOADX0OYK75U7GJH8Hk5qee7s7F6oyaj
2CxcciH2yhS2wP7RajxoMa2/LpwpLK99diJRrlCzjUeatvvwjlstHeaeSP2Di78r
8U04Et1ZBFpGP2L0HhNIkBCU0i7Z3AIA0ZPwRyHXnrw8egjEbJHesXuphbAp8x6F
ibno07DR+OwatZibeXQaKMBwpe80DDI5IAtGS94w0AZ6f2MuTtqP8zAoZ8/Y7d3r
2akBLkATD28nz6au7DHLBNiQQYF92hzZp3J9yQ+3/aw4WAwyh21MZT4oZWsXhXsN
XPpfFGsFlKUHj+VlsT/+8b6f1AA6rxfpmWI5WmuWQ9Iy+obQZjHNCYikNIC8ZQJX
bw0TgV1BGGZKgRcQtp5cPPD8VxNMniyA/umQVrLUCXV0YjalX5SiRvS+p3I76YN4
WWOGO26/qEDNPouvJVi0zV9w5on1AuWH5fE3GmorRG15dW7rTR0fDrruytjYCmB1
7Fa313lp1GV3qORCfL40ULWQFUHUcLMF9bwsdqtP4ziBJj0cFjckm6xkk4iZeJ2Z
Sy11iVu2YLQ5ux7uPbWYmDtxFj6pEhT5QR+Zrn6cPHpd9uc+LE0f/dYOf7mELNz/
HBzuiyFPtaRcs3T1dOiEZUMTC1RP26v30MFh7fE3gz8sCriZ/FN6OJFKPW4qD1Zm
mJckL4Jrde8=
=MAEw
-----END PGP SIGNATURE-----