GarageBand 10.1.6 is released today, fixing an arbitrary code execution bug in Yosemite 10.10 and later (CVE-2017-2374)
Theres also second patch for Logic Pro X 10.3.1. Unfortunately, its got the text for the Garageband patch in its notes, so its not clear what is fixed in this update.
As always, all Apple security patches are hosted here: https://support.apple.com/kb/HT201222
===============
Rob VandenBrink
Compugen