Security Advisory Critical: firefox security update

Advisory: RHSA-2014:0310-1
Type: Security Advisory
Severity: Critical
Issued on: 2014-03-18
Last updated on: 2014-03-18
Affected Products: Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux Desktop (v. 5 client)
Red Hat Enterprise Linux Desktop (v. 6)
Red Hat Enterprise Linux HPC Node (v. 6)
Red Hat Enterprise Linux Server (v. 6)
Red Hat Enterprise Linux Server AUS (v. 6.5)
Red Hat Enterprise Linux Server EUS (v. 6.5.z)
Red Hat Enterprise Linux Workstation (v. 6)
CVEs (cve.mitre.org): CVE-2014-1493
CVE-2014-1497
CVE-2014-1505
CVE-2014-1508
CVE-2014-1509
CVE-2014-1510
CVE-2014-1511
CVE-2014-1512
CVE-2014-1513
CVE-2014-1514

Details

Updated firefox packages that fix several security issues are now available
for Red Hat Enterprise Linux 5 and 6.

The Red Hat Security Response Team has rated this update as having Critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

Mozilla Firefox is an open source web browser. XULRunner provides the XUL
Runtime environment for Mozilla Firefox.

Several flaws were found in the processing of malformed web content. A web
page containing malicious content could cause Firefox to crash or,
potentially, execute arbitrary code with the privileges of the user running
Firefox. (CVE-2014-1493, CVE-2014-1510, CVE-2014-1511, CVE-2014-1512,
CVE-2014-1513, CVE-2014-1514)

Several information disclosure flaws were found in the way Firefox
processed malformed web content. An attacker could use these flaws to gain
access to sensitive information such as cross-domain content or protected
memory addresses or, potentially, cause Firefox to crash. (CVE-2014-1497,
CVE-2014-1508, CVE-2014-1505)

A memory corruption flaw was found in the way Firefox rendered certain PDF
files. An attacker able to trick a user into installing a malicious
extension could use this flaw to crash Firefox or, potentially, execute
arbitrary code with the privileges of the user running Firefox.
(CVE-2014-1509)

Red Hat would like to thank the Mozilla project for reporting these issues.
Upstream acknowledges Benoit Jacob, Olli Pettay, Jan Varga, Jan de Mooij,
Jesse Ruderman, Dan Gohman, Christoph Diehl, Atte Kettunen, Tyson Smith,
Jesse Schwartzentruber, John Thomson, Robert O'Callahan, Mariusz Mlynski,
Jüri Aedla, George Hotz, and the security research firm VUPEN as the
original reporters of these issues.

For technical details regarding these flaws, refer to the Mozilla security
advisories for Firefox 24.4.0 ESR. You can find a link to the Mozilla
advisories in the References section of this erratum.

All Firefox users should upgrade to these updated packages, which contain
Firefox version 24.4.0 ESR, which corrects these issues. After installing
the update, Firefox must be restarted for the changes to take effect.


Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/site/articles/11258

Updated packages

Red Hat Enterprise Linux (v. 5 server)

SRPMS:
firefox-24.4.0-1.el5_10.src.rpm
File outdated by:  RHSA-2015:1207
    MD5: 2ca3c234de0e665863b3b18765fd6d49
SHA-256: f6c668d6d0b65a9cb3bf45ddf219c749c3f42b0db7c4b652435822438ee21d87
 
IA-32:
firefox-24.4.0-1.el5_10.i386.rpm
File outdated by:  RHSA-2015:1207
    MD5: 4f80c75ad3f975db0ea6573eec71cb36
SHA-256: 3492d7bf8bc389797346dae70f9baa7af2e9ccb0c679cb381ba6e1f748e4b149
firefox-debuginfo-24.4.0-1.el5_10.i386.rpm
File outdated by:  RHSA-2015:1207
    MD5: fc048898469dd440c729e2f5d36dad74
SHA-256: 1ab5cb789de2fb3bcf252f00e5377f87e8539dc6e1742877e8d2c765d8317e34
 
IA-64:
firefox-24.4.0-1.el5_10.ia64.rpm
File outdated by:  RHSA-2015:0766
    MD5: c57c3001165ff5eddb52297060932770
SHA-256: 8f528182995f0c786956aa97044c8735ab00a0cf64db78869e2d65283e53b29d
firefox-debuginfo-24.4.0-1.el5_10.ia64.rpm
File outdated by:  RHSA-2015:0766
    MD5: 8bfa032b3fe3ef18814ef39210134cc7
SHA-256: ea0d6f3ee7ecb7ffca8feb910118f56053ac278fa88e90af17e7aff0015eddba
 
PPC:
firefox-24.4.0-1.el5_10.ppc.rpm     MD5: d4ce51bf0a547ec1f4efcc882a474062
SHA-256: 2ff9d86a24cc414eabb3450ee389730798d81a04041cfb9f8af11182be64b301
firefox-debuginfo-24.4.0-1.el5_10.ppc.rpm     MD5: ad4efb65ca4df45ca06371dc4a26ae94
SHA-256: 39986a4703c9e213bd5b5f1b5e57de4742e2d9a41bd6787977b52846eb7b9be8
 
s390x:
firefox-24.4.0-1.el5_10.s390.rpm
File outdated by:  RHSA-2015:1207
    MD5: 8ed81eae610e5f3e1fb9fa7aa8affdf9
SHA-256: ca61869d24b5c3a0aa2d77ba65d6b0f623a97b3e32d32fc4a31ac14195f309d0
firefox-24.4.0-1.el5_10.s390x.rpm
File outdated by:  RHSA-2015:1207
    MD5: d78cf1f0c5dc8c12563091b98b97689a
SHA-256: 33f8f74b887ee1268098a7c0fccaecc56cb27cc60b2345ef2ee8bbd6389c2153
firefox-debuginfo-24.4.0-1.el5_10.s390.rpm
File outdated by:  RHSA-2015:1207
    MD5: 0f56cdf6f049cb3a32e37dfa880e4185
SHA-256: f1dceb1c5e940d2cfe494da55dd0139ac0c8b5e2bc986acb7830bdfad9f62c60
firefox-debuginfo-24.4.0-1.el5_10.s390x.rpm
File outdated by:  RHSA-2015:1207
    MD5: 1968ca76acfb0f2e8b8f8eee842d8bb9
SHA-256: 938902e5504208bc925168c2c759664047b3e430fb7d456f380dba8992ac347d
 
x86_64:
firefox-24.4.0-1.el5_10.i386.rpm
File outdated by:  RHSA-2015:1207
    MD5: 4f80c75ad3f975db0ea6573eec71cb36
SHA-256: 3492d7bf8bc389797346dae70f9baa7af2e9ccb0c679cb381ba6e1f748e4b149
firefox-24.4.0-1.el5_10.x86_64.rpm
File outdated by:  RHSA-2015:1207
    MD5: 7b9aee7e0b57b050241824d258b74517
SHA-256: f060fffef13dd5e746322a7e5aa384c8a81a5c98197878fd85a515f018a35d7b
firefox-debuginfo-24.4.0-1.el5_10.i386.rpm
File outdated by:  RHSA-2015:1207
    MD5: fc048898469dd440c729e2f5d36dad74
SHA-256: 1ab5cb789de2fb3bcf252f00e5377f87e8539dc6e1742877e8d2c765d8317e34
firefox-debuginfo-24.4.0-1.el5_10.x86_64.rpm
File outdated by:  RHSA-2015:1207
    MD5: 400685a3c326d1ac6329dc573158d254
SHA-256: 8e20288d384c9c329b67d7d030520354799130d44b90e4dcba503cc97612937c
 
Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
firefox-24.4.0-1.el5_10.src.rpm
File outdated by:  RHSA-2015:1207
    MD5: 2ca3c234de0e665863b3b18765fd6d49
SHA-256: f6c668d6d0b65a9cb3bf45ddf219c749c3f42b0db7c4b652435822438ee21d87
 
IA-32:
firefox-24.4.0-1.el5_10.i386.rpm
File outdated by:  RHSA-2015:1207
    MD5: 4f80c75ad3f975db0ea6573eec71cb36
SHA-256: 3492d7bf8bc389797346dae70f9baa7af2e9ccb0c679cb381ba6e1f748e4b149
firefox-debuginfo-24.4.0-1.el5_10.i386.rpm
File outdated by:  RHSA-2015:1207
    MD5: fc048898469dd440c729e2f5d36dad74
SHA-256: 1ab5cb789de2fb3bcf252f00e5377f87e8539dc6e1742877e8d2c765d8317e34
 
x86_64:
firefox-24.4.0-1.el5_10.i386.rpm
File outdated by:  RHSA-2015:1207
    MD5: 4f80c75ad3f975db0ea6573eec71cb36
SHA-256: 3492d7bf8bc389797346dae70f9baa7af2e9ccb0c679cb381ba6e1f748e4b149
firefox-24.4.0-1.el5_10.x86_64.rpm
File outdated by:  RHSA-2015:1207
    MD5: 7b9aee7e0b57b050241824d258b74517
SHA-256: f060fffef13dd5e746322a7e5aa384c8a81a5c98197878fd85a515f018a35d7b
firefox-debuginfo-24.4.0-1.el5_10.i386.rpm
File outdated by:  RHSA-2015:1207
    MD5: fc048898469dd440c729e2f5d36dad74
SHA-256: 1ab5cb789de2fb3bcf252f00e5377f87e8539dc6e1742877e8d2c765d8317e34
firefox-debuginfo-24.4.0-1.el5_10.x86_64.rpm
File outdated by:  RHSA-2015:1207
    MD5: 400685a3c326d1ac6329dc573158d254
SHA-256: 8e20288d384c9c329b67d7d030520354799130d44b90e4dcba503cc97612937c
 
Red Hat Enterprise Linux Desktop (v. 6)

SRPMS:
firefox-24.4.0-1.el6_5.src.rpm
File outdated by:  RHSA-2015:1207
    MD5: cd147b63f75b457cb50a24c138672015
SHA-256: 28e04467f27523fe7355705547539608e7562a81f801f43482aab2873ff37c3c
 
IA-32:
firefox-24.4.0-1.el6_5.i686.rpm
File outdated by:  RHSA-2015:1207
    MD5: a11f53503363bab00540bf6f869c3d7a
SHA-256: a06e2dc5303b62075f64e1bf29d33265515905c4b2d22dac83bbaad39e6579e3
firefox-debuginfo-24.4.0-1.el6_5.i686.rpm
File outdated by:  RHSA-2015:1207
    MD5: 89c60fc648f1fc6d14641b5fc712a52f
SHA-256: 53c0cd3a7e17838051b4c5cbf5c5af7822a484bb9b3b55e97992f4dd82b4afee
 
x86_64:
firefox-24.4.0-1.el6_5.i686.rpm     MD5: a11f53503363bab00540bf6f869c3d7a
SHA-256: a06e2dc5303b62075f64e1bf29d33265515905c4b2d22dac83bbaad39e6579e3
firefox-24.4.0-1.el6_5.x86_64.rpm
File outdated by:  RHSA-2015:1207
    MD5: a670e1f1b21b1dc5ae57f0a5cf755d02
SHA-256: c83a66b6a70a17666dac544fc082561b43b0d95221af8b727c03f94d47fb644a
firefox-debuginfo-24.4.0-1.el6_5.i686.rpm     MD5: 89c60fc648f1fc6d14641b5fc712a52f
SHA-256: 53c0cd3a7e17838051b4c5cbf5c5af7822a484bb9b3b55e97992f4dd82b4afee
firefox-debuginfo-24.4.0-1.el6_5.x86_64.rpm
File outdated by:  RHSA-2015:1207
    MD5: ef942210a43cdd85f0eacda122636514
SHA-256: d8137279c72964ec95473f603447368714a7668d9d65cb05880028b53b03e5ba
 
Red Hat Enterprise Linux HPC Node (v. 6)

SRPMS:
firefox-24.4.0-1.el6_5.src.rpm
File outdated by:  RHSA-2015:1207
    MD5: cd147b63f75b457cb50a24c138672015
SHA-256: 28e04467f27523fe7355705547539608e7562a81f801f43482aab2873ff37c3c
 
x86_64:
firefox-24.4.0-1.el6_5.i686.rpm
File outdated by:  RHSA-2015:1207
    MD5: a11f53503363bab00540bf6f869c3d7a
SHA-256: a06e2dc5303b62075f64e1bf29d33265515905c4b2d22dac83bbaad39e6579e3
firefox-24.4.0-1.el6_5.x86_64.rpm
File outdated by:  RHSA-2015:1207
    MD5: a670e1f1b21b1dc5ae57f0a5cf755d02
SHA-256: c83a66b6a70a17666dac544fc082561b43b0d95221af8b727c03f94d47fb644a
firefox-debuginfo-24.4.0-1.el6_5.i686.rpm
File outdated by:  RHSA-2015:1207
    MD5: 89c60fc648f1fc6d14641b5fc712a52f
SHA-256: 53c0cd3a7e17838051b4c5cbf5c5af7822a484bb9b3b55e97992f4dd82b4afee
firefox-debuginfo-24.4.0-1.el6_5.x86_64.rpm
File outdated by:  RHSA-2015:1207
    MD5: ef942210a43cdd85f0eacda122636514
SHA-256: d8137279c72964ec95473f603447368714a7668d9d65cb05880028b53b03e5ba
 
Red Hat Enterprise Linux Server (v. 6)

SRPMS:
firefox-24.4.0-1.el6_5.src.rpm
File outdated by:  RHSA-2015:1207
    MD5: cd147b63f75b457cb50a24c138672015
SHA-256: 28e04467f27523fe7355705547539608e7562a81f801f43482aab2873ff37c3c
 
IA-32:
firefox-24.4.0-1.el6_5.i686.rpm
File outdated by:  RHSA-2015:1207
    MD5: a11f53503363bab00540bf6f869c3d7a
SHA-256: a06e2dc5303b62075f64e1bf29d33265515905c4b2d22dac83bbaad39e6579e3
firefox-debuginfo-24.4.0-1.el6_5.i686.rpm
File outdated by:  RHSA-2015:1207
    MD5: 89c60fc648f1fc6d14641b5fc712a52f
SHA-256: 53c0cd3a7e17838051b4c5cbf5c5af7822a484bb9b3b55e97992f4dd82b4afee
 
PPC:
firefox-24.4.0-1.el6_5.ppc.rpm     MD5: b666523c4d9e073b73f3b0cda8454a1f
SHA-256: 060ccfd04151c948ddf91ee38b4c114eb4ef735b8a2ee39d17aeed60f6d7982d
firefox-24.4.0-1.el6_5.ppc64.rpm
File outdated by:  RHSA-2015:1207
    MD5: dfe21fc305e69c192a925f7a73dfbac2
SHA-256: c4af0f1ed1178130f31d261025b4051a771bdac22c5495aa05108ec1fd9a6f9c
firefox-debuginfo-24.4.0-1.el6_5.ppc.rpm     MD5: cc8b221a9d38578064a7fd59b806d3ef
SHA-256: 42ddeab19f86213631fe43f414e48f2b467d8ba7cd2eb55c18f678b116989c2e
firefox-debuginfo-24.4.0-1.el6_5.ppc64.rpm
File outdated by:  RHSA-2015:1207
    MD5: 9cd7268e4a2e852f36ee98977e84c739
SHA-256: f454876fcc93f96c3d341ded46f80a695cbb21280fffa1089939026ad4a83b8a
 
s390x:
firefox-24.4.0-1.el6_5.s390.rpm     MD5: 0fc6d4997876c5a0da57eb015ee81455
SHA-256: ad146cabe75d11bedd2b4eb32e47188106e29a6065165289373a6eaacaa44d9d
firefox-24.4.0-1.el6_5.s390x.rpm
File outdated by:  RHSA-2015:1207
    MD5: 3d414b9decc02cbedd0ba9348749bcd4
SHA-256: 7067417111b984c2469c0bf29992d197266c5a4ef3453db30c6707ec3ff91a78
firefox-debuginfo-24.4.0-1.el6_5.s390.rpm     MD5: ce95e36cbd915e049a6c2c1e4d600a9d
SHA-256: 54201fb4e1a6171baf33da788c977fd4273ec658bf703d8be197ef0664707516
firefox-debuginfo-24.4.0-1.el6_5.s390x.rpm
File outdated by:  RHSA-2015:1207
    MD5: 91b1799e88d58c855456b3cb82d55b85
SHA-256: e4070ec9ebc0a714b9927b861bd2e03cb45da12e62ff56e81ef291842927cdd0
 
x86_64:
firefox-24.4.0-1.el6_5.i686.rpm     MD5: a11f53503363bab00540bf6f869c3d7a
SHA-256: a06e2dc5303b62075f64e1bf29d33265515905c4b2d22dac83bbaad39e6579e3
firefox-24.4.0-1.el6_5.x86_64.rpm
File outdated by:  RHSA-2015:1207
    MD5: a670e1f1b21b1dc5ae57f0a5cf755d02
SHA-256: c83a66b6a70a17666dac544fc082561b43b0d95221af8b727c03f94d47fb644a
firefox-debuginfo-24.4.0-1.el6_5.i686.rpm     MD5: 89c60fc648f1fc6d14641b5fc712a52f
SHA-256: 53c0cd3a7e17838051b4c5cbf5c5af7822a484bb9b3b55e97992f4dd82b4afee
firefox-debuginfo-24.4.0-1.el6_5.x86_64.rpm
File outdated by:  RHSA-2015:1207
    MD5: ef942210a43cdd85f0eacda122636514
SHA-256: d8137279c72964ec95473f603447368714a7668d9d65cb05880028b53b03e5ba
 
Red Hat Enterprise Linux Server AUS (v. 6.5)

SRPMS:
firefox-24.4.0-1.el6_5.src.rpm
File outdated by:  RHSA-2015:1207
    MD5: cd147b63f75b457cb50a24c138672015
SHA-256: 28e04467f27523fe7355705547539608e7562a81f801f43482aab2873ff37c3c
 
x86_64:
firefox-24.4.0-1.el6_5.i686.rpm
File outdated by:  RHBA-2014:1249
    MD5: a11f53503363bab00540bf6f869c3d7a
SHA-256: a06e2dc5303b62075f64e1bf29d33265515905c4b2d22dac83bbaad39e6579e3
firefox-24.4.0-1.el6_5.x86_64.rpm
File outdated by:  RHBA-2014:1249
    MD5: a670e1f1b21b1dc5ae57f0a5cf755d02
SHA-256: c83a66b6a70a17666dac544fc082561b43b0d95221af8b727c03f94d47fb644a
firefox-debuginfo-24.4.0-1.el6_5.i686.rpm
File outdated by:  RHBA-2014:1249
    MD5: 89c60fc648f1fc6d14641b5fc712a52f
SHA-256: 53c0cd3a7e17838051b4c5cbf5c5af7822a484bb9b3b55e97992f4dd82b4afee
firefox-debuginfo-24.4.0-1.el6_5.x86_64.rpm
File outdated by:  RHBA-2014:1249
    MD5: ef942210a43cdd85f0eacda122636514
SHA-256: d8137279c72964ec95473f603447368714a7668d9d65cb05880028b53b03e5ba
 
Red Hat Enterprise Linux Server EUS (v. 6.5.z)

SRPMS:
firefox-24.4.0-1.el6_5.src.rpm
File outdated by:  RHSA-2015:1207
    MD5: cd147b63f75b457cb50a24c138672015
SHA-256: 28e04467f27523fe7355705547539608e7562a81f801f43482aab2873ff37c3c
 
IA-32:
firefox-24.4.0-1.el6_5.i686.rpm
File outdated by:  RHBA-2014:1249
    MD5: a11f53503363bab00540bf6f869c3d7a
SHA-256: a06e2dc5303b62075f64e1bf29d33265515905c4b2d22dac83bbaad39e6579e3
firefox-debuginfo-24.4.0-1.el6_5.i686.rpm
File outdated by:  RHBA-2014:1249
    MD5: 89c60fc648f1fc6d14641b5fc712a52f
SHA-256: 53c0cd3a7e17838051b4c5cbf5c5af7822a484bb9b3b55e97992f4dd82b4afee
 
PPC:
firefox-24.4.0-1.el6_5.ppc.rpm
File outdated by:  RHBA-2014:1249
    MD5: b666523c4d9e073b73f3b0cda8454a1f
SHA-256: 060ccfd04151c948ddf91ee38b4c114eb4ef735b8a2ee39d17aeed60f6d7982d
firefox-24.4.0-1.el6_5.ppc64.rpm
File outdated by:  RHBA-2014:1249
    MD5: dfe21fc305e69c192a925f7a73dfbac2
SHA-256: c4af0f1ed1178130f31d261025b4051a771bdac22c5495aa05108ec1fd9a6f9c
firefox-debuginfo-24.4.0-1.el6_5.ppc.rpm
File outdated by:  RHBA-2014:1249
    MD5: cc8b221a9d38578064a7fd59b806d3ef
SHA-256: 42ddeab19f86213631fe43f414e48f2b467d8ba7cd2eb55c18f678b116989c2e
firefox-debuginfo-24.4.0-1.el6_5.ppc64.rpm
File outdated by:  RHBA-2014:1249
    MD5: 9cd7268e4a2e852f36ee98977e84c739
SHA-256: f454876fcc93f96c3d341ded46f80a695cbb21280fffa1089939026ad4a83b8a
 
s390x:
firefox-24.4.0-1.el6_5.s390.rpm
File outdated by:  RHBA-2014:1249
    MD5: 0fc6d4997876c5a0da57eb015ee81455
SHA-256: ad146cabe75d11bedd2b4eb32e47188106e29a6065165289373a6eaacaa44d9d
firefox-24.4.0-1.el6_5.s390x.rpm
File outdated by:  RHBA-2014:1249
    MD5: 3d414b9decc02cbedd0ba9348749bcd4
SHA-256: 7067417111b984c2469c0bf29992d197266c5a4ef3453db30c6707ec3ff91a78
firefox-debuginfo-24.4.0-1.el6_5.s390.rpm
File outdated by:  RHBA-2014:1249
    MD5: ce95e36cbd915e049a6c2c1e4d600a9d
SHA-256: 54201fb4e1a6171baf33da788c977fd4273ec658bf703d8be197ef0664707516
firefox-debuginfo-24.4.0-1.el6_5.s390x.rpm
File outdated by:  RHBA-2014:1249
    MD5: 91b1799e88d58c855456b3cb82d55b85
SHA-256: e4070ec9ebc0a714b9927b861bd2e03cb45da12e62ff56e81ef291842927cdd0
 
x86_64:
firefox-24.4.0-1.el6_5.i686.rpm
File outdated by:  RHBA-2014:1249
    MD5: a11f53503363bab00540bf6f869c3d7a
SHA-256: a06e2dc5303b62075f64e1bf29d33265515905c4b2d22dac83bbaad39e6579e3
firefox-24.4.0-1.el6_5.x86_64.rpm
File outdated by:  RHBA-2014:1249
    MD5: a670e1f1b21b1dc5ae57f0a5cf755d02
SHA-256: c83a66b6a70a17666dac544fc082561b43b0d95221af8b727c03f94d47fb644a
firefox-debuginfo-24.4.0-1.el6_5.i686.rpm
File outdated by:  RHBA-2014:1249
    MD5: 89c60fc648f1fc6d14641b5fc712a52f
SHA-256: 53c0cd3a7e17838051b4c5cbf5c5af7822a484bb9b3b55e97992f4dd82b4afee
firefox-debuginfo-24.4.0-1.el6_5.x86_64.rpm
File outdated by:  RHBA-2014:1249
    MD5: ef942210a43cdd85f0eacda122636514
SHA-256: d8137279c72964ec95473f603447368714a7668d9d65cb05880028b53b03e5ba
 
Red Hat Enterprise Linux Workstation (v. 6)

SRPMS:
firefox-24.4.0-1.el6_5.src.rpm
File outdated by:  RHSA-2015:1207
    MD5: cd147b63f75b457cb50a24c138672015
SHA-256: 28e04467f27523fe7355705547539608e7562a81f801f43482aab2873ff37c3c
 
IA-32:
firefox-24.4.0-1.el6_5.i686.rpm
File outdated by:  RHSA-2015:1207
    MD5: a11f53503363bab00540bf6f869c3d7a
SHA-256: a06e2dc5303b62075f64e1bf29d33265515905c4b2d22dac83bbaad39e6579e3
firefox-debuginfo-24.4.0-1.el6_5.i686.rpm
File outdated by:  RHSA-2015:1207
    MD5: 89c60fc648f1fc6d14641b5fc712a52f
SHA-256: 53c0cd3a7e17838051b4c5cbf5c5af7822a484bb9b3b55e97992f4dd82b4afee
 
x86_64:
firefox-24.4.0-1.el6_5.i686.rpm     MD5: a11f53503363bab00540bf6f869c3d7a
SHA-256: a06e2dc5303b62075f64e1bf29d33265515905c4b2d22dac83bbaad39e6579e3
firefox-24.4.0-1.el6_5.x86_64.rpm
File outdated by:  RHSA-2015:1207
    MD5: a670e1f1b21b1dc5ae57f0a5cf755d02
SHA-256: c83a66b6a70a17666dac544fc082561b43b0d95221af8b727c03f94d47fb644a
firefox-debuginfo-24.4.0-1.el6_5.i686.rpm     MD5: 89c60fc648f1fc6d14641b5fc712a52f
SHA-256: 53c0cd3a7e17838051b4c5cbf5c5af7822a484bb9b3b55e97992f4dd82b4afee
firefox-debuginfo-24.4.0-1.el6_5.x86_64.rpm
File outdated by:  RHSA-2015:1207
    MD5: ef942210a43cdd85f0eacda122636514
SHA-256: d8137279c72964ec95473f603447368714a7668d9d65cb05880028b53b03e5ba
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

1077013 - CVE-2014-1493 Mozilla: Miscellaneous memory safety hazards (rv:24.4) (MFSA 2014-15)
1077016 - CVE-2014-1497 Mozilla: Out of bounds read during WAV file decoding (MFSA 2014-17)
1077025 - CVE-2014-1508 Mozilla: Information disclosure through polygon rendering in MathML (MFSA 2014-26)
1077028 - CVE-2014-1509 Mozilla: Memory corruption in Cairo during PDF font rendering (MFSA 2014-27)
1077029 - CVE-2014-1505 Mozilla: SVG filters information disclosure through feDisplacementMap (MFSA 2014-28)
1077490 - CVE-2014-1510 CVE-2014-1511 Mozilla: Privilege escalation using WebIDL-implemented APIs (MFSA 2014-29)
1077491 - CVE-2014-1512 Mozilla: Use-after-free in TypeObject (MFSA 2014-30)
1077492 - CVE-2014-1513 Mozilla: Out-of-bounds read/write through neutering ArrayBuffer objects (MFSA 2014-31)
1077494 - CVE-2014-1514 Mozilla: Out-of-bounds write through TypedArrayObject after neutering (MFSA 2014-32)


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/