About Apple security updates
Apple security documents reference vulnerabilities by CVE-ID when possible.
Released December 4, 2017
Available for: macOS Sierra 10.12.6 or later
Impact: Compiling with untrusted sources may lead to arbitrary code execution with user privileges
Description: A buffer overflow was addressed with improved bounds checking.
CVE-2017-7167: sss of Qihoo 360 Nirvan Team