Apple updated its Xcode integrated development environment (IDE) to address vulnerabilities.
Apple updated Xcode to version 8.1 to address ten security holes an attacker could leverage for arbitrary code execution or to cause an application crash.
The update fixes vulnerabilities in Node.js and OpenSSL. Apple said it updated the Node.js version used in Xcode Server to 4.5.0, which became available in mid-August.
One of the flaws can lead to disclosure of user information. The second issue, discovered by Apple can lead to arbitrary code execution. An attacker could leverage either vulnerability through processing of specially crafted web content.
The information disclosure flaw was also resolved earlier in Safari and tvOS. The code execution bug also affects iOS and it ended up fixed with the release of version 10.1.