Synopsis: Critical: firefox security update
Advisory ID: SLSA-2015:0265-1
Issue Date: 2015-02-25
CVE Numbers: CVE-2015-0836
CVE-2015-0831
CVE-2015-0827
CVE-2015-0822
—
Several flaws were found in the processing of malformed web content. A web
page containing malicious content could cause Firefox to crash or,
potentially, execute arbitrary code with the privileges of the user
running Firefox. (CVE-2015-0836, CVE-2015-0831, CVE-2015-0827)
An information leak flaw was found in the way Firefox implemented
autocomplete forms. An attacker able to trick a user into specifying a
local file in the form could use this flaw to access the contents of that
file. (CVE-2015-0822)
After installing the update, Firefox must be restarted for the changes
to take effect.
—
SL5
x86_64
firefox-31.5.0-1.el5_11.i386.rpm
firefox-31.5.0-1.el5_11.x86_64.rpm
firefox-debuginfo-31.5.0-1.el5_11.i386.rpm
firefox-debuginfo-31.5.0-1.el5_11.x86_64.rpm
i386
firefox-31.5.0-1.el5_11.i386.rpm
firefox-debuginfo-31.5.0-1.el5_11.i386.rpm
SL6
x86_64
firefox-31.5.0-1.el6_6.x86_64.rpm
firefox-debuginfo-31.5.0-1.el6_6.x86_64.rpm
firefox-31.5.0-1.el6_6.i686.rpm
firefox-debuginfo-31.5.0-1.el6_6.i686.rpm
i386
firefox-31.5.0-1.el6_6.i686.rpm
firefox-debuginfo-31.5.0-1.el6_6.i686.rpm
SL7
x86_64
firefox-31.5.0-2.el7_0.x86_64.rpm
firefox-debuginfo-31.5.0-2.el7_0.x86_64.rpm
xulrunner-31.5.0-1.el7_0.i686.rpm
xulrunner-31.5.0-1.el7_0.x86_64.rpm
xulrunner-debuginfo-31.5.0-1.el7_0.i686.rpm
xulrunner-debuginfo-31.5.0-1.el7_0.x86_64.rpm
firefox-31.5.0-2.el7_0.i686.rpm
firefox-debuginfo-31.5.0-2.el7_0.i686.rpm
xulrunner-devel-31.5.0-1.el7_0.i686.rpm
xulrunner-devel-31.5.0-1.el7_0.x86_64.rpm
– Scientific Linux Development Team
