APPLE-SA-2016-01-19-3 Safari 9.0.3

APPLE-SA-2016-01-19-3 Safari 9.0.3

Safari 9.0.3 is now available and addresses the following:

WebKit
Available for:  OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,
OS X El Capitan v10.11 to v10.11.2
Impact:  Visiting a maliciously crafted website may lead to arbitrary
code execution
Description:  Multiple memory corruption issues existed in WebKit.
These issues were addressed through improved memory handling.
CVE-ID
CVE-2016-1723 : Apple
CVE-2016-1724 : Apple
CVE-2016-1725 : Apple
CVE-2016-1726 : Apple
CVE-2016-1727 : Apple

WebKit CSS
Available for:  OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,
OS X El Capitan v10.11 to v10.11.2
Impact:  Websites may know if the user has visited a given link
Description:  A privacy issue existed in the handling of the
"a:visited button" CSS selector when evaluating the containing
element's height. This was addressed through improved validation.
CVE-ID
CVE-2016-1728 : an anonymous researcher coordinated via Joe Vennix