It was reported [1] that WebKit allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs. Upstream release: http://www.webkitgtk.org/2015/01/07/webkitgtk2.4.8-released.html [1]: http://support.apple.com/en-us/HT6367