Frode Moe

**Name of the Vulnerable Software and Affected Versions** Safari in Apple iOS versions prior to 8.3 **Description** The issue allows attackers to obtain sensitive information by reading a history file because Safari does not delete Recently Closed Tabs data when a user clears their history. **Recommendations** For versions prior to 8.3, update to version 8.3 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** OS X versions prior to 10.10.2 **Description** The issue allows attackers to read group-ACL-restricted keychain items of arbitrary apps via a crafted app with a signature from a self-signed certificate or Developer ID certificate. **Recommendations** For OS X versions prior to 10.10.2, update to version 10.10.2 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Apple OS X versions prior to 10.10.2 **Description** The issue allows remote attackers to discover recipient IP addresses by including an inline image in an HTML e-mail message and logging HTTP requests for this image's URL, due to the failure of Spotlight to enforce the Mail "Load remote content in messages" configuration. **Recommendations** For Apple OS X versions prior to 10.10.2, update to version 10.10.2 or later to resolve the issue.