An updated firefox package that fixes several security issues is nowavailable for Red Hat Enterprise Linux 5 and 6.The Red Hat Security Response Team has rated this update as having Criticalsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,which give detailed severity ratings, are available for each vulnerabilityfrom the CVE links in the References section.

Mozilla Firefox is an open source web browser.Several flaws were found in the processing of malformed web content. A webpage containing malicious content could cause Firefox to crash or,potentially, execute arbitrary code with the privileges of the user runningFirefox. (CVE-2014-1518, CVE-2014-1524, CVE-2014-1529, CVE-2014-1531)A use-after-free flaw was found in the way Firefox resolved hosts incertain circumstances. An attacker could use this flaw to crash Firefox or,potentially, execute arbitrary code with the privileges of the user runningFirefox. (CVE-2014-1532)An out-of-bounds read flaw was found in the way Firefox decoded JPEGimages. Loading a web page containing a specially crafted JPEG image couldcause Firefox to crash. (CVE-2014-1523)A flaw was found in the way Firefox handled browser navigations throughhistory. An attacker could possibly use this flaw to cause the address barof the browser to display a web page name while loading content from anentirely different web page, which could allow for cross-site scripting(XSS) attacks. (CVE-2014-1530)Red Hat would like to thank the Mozilla project for reporting these issues.Upstream acknowledges Bobby Holley, Carsten Book, Christoph Diehl, GaryKwong, Jan de Mooij, Jesse Ruderman, Nathan Froyd, Christian Holler,Abhishek Arya, Mariusz Mlynski, moz_bug_r_a4, Nils, Tyson Smith, and JesseSchwartzentrube as the original reporters of these issues.For technical details regarding these flaws, refer to the Mozilla securityadvisories for Firefox 24.5.0 ESR. You can find a link to the Mozillaadvisories in the References section of this erratum.All Firefox users should upgrade to this updated package, which containsFirefox version 24.5.0 ESR, which corrects these issues. After installingthe update, Firefox must be restarted for the changes to take effect.
Red Hat Enterprise Linux (v. 5 server)

SRPMS:
firefox-24.5.0-1.el5_10.src.rpm
    MD5: 6ccf02ab74b9fec2e4ab356cc66ab631SHA-256: f8e411ab48390c4ab93940a4a89b9e9cf91efbac81822af2856665171ab4c5a5
 
IA-32:
firefox-24.5.0-1.el5_10.i386.rpm
    MD5: 9aeba26e217b10db27410dcf5b058b38SHA-256: c87957cfbe713a9aa86e0c0c00d430f8aa752af9a843d7f10483d3d2d100bc4f
firefox-debuginfo-24.5.0-1.el5_10.i386.rpm
    MD5: a754c4240af291e2e56715014b03e753SHA-256: b040c594357bf8db8463856bfd32a64d2f30a13fbcd8c5c6eb1d9a62b050c663
 
IA-64:
firefox-24.5.0-1.el5_10.ia64.rpm
    MD5: d861c2ccc4641d9add4a442c1b5af098SHA-256: 0e3ae1e57bc5dcb7957d972cfe7c8208ba6fc572d96a2e75568fc1f27ca29b04
firefox-debuginfo-24.5.0-1.el5_10.ia64.rpm
    MD5: 1a1e3a61a0695835385cd4f5122972b1SHA-256: 3cdc142bfa2d3a8e65ed87dd626e8f0859ad35801823a4862c1fdf0d51bf86e5
 
PPC:
firefox-24.5.0-1.el5_10.ppc.rpm
    MD5: 221fc77bb043c1b2c1a1450bbf9914daSHA-256: ad47fc81b3543a1f802148b05b26e14da39d58dcdc9b311722dafc1af28e0382
firefox-debuginfo-24.5.0-1.el5_10.ppc.rpm
    MD5: 68e4251860e97ef81333ca3e61602964SHA-256: 72fea78b327bc8f6d9f23a4f3a74420233c8d013445631a07727b4cedd7e5293
 
s390x:
firefox-24.5.0-1.el5_10.s390.rpm
    MD5: a66f169e25317b6f483c1aa26c2fb6bcSHA-256: 37b8a2fa8d04e161101127bb571e77253f1b23e6e88f7e3c20cfac2bcd267856
firefox-24.5.0-1.el5_10.s390x.rpm
    MD5: 006cce901e601f3fa523fb03c149105fSHA-256: 41e9b43bcc1c950fac3ed3751c35e83fd3b558fa62b872e259b40c9d5b3d634e
firefox-debuginfo-24.5.0-1.el5_10.s390.rpm
    MD5: ef106e0a3adebc81ecee9bd77d7a93d6SHA-256: 7ddda7da1592090128bbceea0377b6155d04848d14f508b8e84be9537820925f
firefox-debuginfo-24.5.0-1.el5_10.s390x.rpm
    MD5: 3376bb144780f2390844d13c23b12755SHA-256: 579a6b0606d9eb2b4b2d14cf48e6a909a2d14729814cd88a37b1c8d0725cf457
 
x86_64:
firefox-24.5.0-1.el5_10.i386.rpm
    MD5: 9aeba26e217b10db27410dcf5b058b38SHA-256: c87957cfbe713a9aa86e0c0c00d430f8aa752af9a843d7f10483d3d2d100bc4f
firefox-24.5.0-1.el5_10.x86_64.rpm
    MD5: 15100a3fa98209b85c85532c23539dcfSHA-256: 679d41b46773f7bd37ca9c4ada19f4c44d1504f7d240118c185dcd3f96566311
firefox-debuginfo-24.5.0-1.el5_10.i386.rpm
    MD5: a754c4240af291e2e56715014b03e753SHA-256: b040c594357bf8db8463856bfd32a64d2f30a13fbcd8c5c6eb1d9a62b050c663
firefox-debuginfo-24.5.0-1.el5_10.x86_64.rpm
    MD5: d0a8f119b6ca52b1980dfb4bf1074d8cSHA-256: ab25f88cfe61b9cea1df68846cda460afd80d2d9cb052132898e35b4898cd08c
 
Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
firefox-24.5.0-1.el5_10.src.rpm
    MD5: 6ccf02ab74b9fec2e4ab356cc66ab631SHA-256: f8e411ab48390c4ab93940a4a89b9e9cf91efbac81822af2856665171ab4c5a5
 
IA-32:
firefox-24.5.0-1.el5_10.i386.rpm
    MD5: 9aeba26e217b10db27410dcf5b058b38SHA-256: c87957cfbe713a9aa86e0c0c00d430f8aa752af9a843d7f10483d3d2d100bc4f
firefox-debuginfo-24.5.0-1.el5_10.i386.rpm
    MD5: a754c4240af291e2e56715014b03e753SHA-256: b040c594357bf8db8463856bfd32a64d2f30a13fbcd8c5c6eb1d9a62b050c663
 
x86_64:
firefox-24.5.0-1.el5_10.i386.rpm
    MD5: 9aeba26e217b10db27410dcf5b058b38SHA-256: c87957cfbe713a9aa86e0c0c00d430f8aa752af9a843d7f10483d3d2d100bc4f
firefox-24.5.0-1.el5_10.x86_64.rpm
    MD5: 15100a3fa98209b85c85532c23539dcfSHA-256: 679d41b46773f7bd37ca9c4ada19f4c44d1504f7d240118c185dcd3f96566311
firefox-debuginfo-24.5.0-1.el5_10.i386.rpm
    MD5: a754c4240af291e2e56715014b03e753SHA-256: b040c594357bf8db8463856bfd32a64d2f30a13fbcd8c5c6eb1d9a62b050c663
firefox-debuginfo-24.5.0-1.el5_10.x86_64.rpm
    MD5: d0a8f119b6ca52b1980dfb4bf1074d8cSHA-256: ab25f88cfe61b9cea1df68846cda460afd80d2d9cb052132898e35b4898cd08c
 
Red Hat Enterprise Linux Desktop (v. 6)

SRPMS:
firefox-24.5.0-1.el6_5.src.rpm
    MD5: 9d5ce6f7a942e248494fd085f88a9111SHA-256: e365d7ee6609d83adcca9d5e32a656d85126cc582e02d749018d25047ba9aa40
 
IA-32:
firefox-24.5.0-1.el6_5.i686.rpm
    MD5: e6e36c972ecabb27c8bda1a6db6ab851SHA-256: 354c96562cdda86e564f2454ebc96794f852afc94870d2dafe05c8d3667f2bd2
firefox-debuginfo-24.5.0-1.el6_5.i686.rpm
    MD5: ef2fee3e6fd5d2fd8ac1ee9c8cca7dd9SHA-256: c36d79badfe6c7d4c35ebbaab0ced679f8b2e764a8762e4840d8560c986dbce8
 
x86_64:
firefox-24.5.0-1.el6_5.i686.rpm
    MD5: e6e36c972ecabb27c8bda1a6db6ab851SHA-256: 354c96562cdda86e564f2454ebc96794f852afc94870d2dafe05c8d3667f2bd2
firefox-24.5.0-1.el6_5.x86_64.rpm
    MD5: 867eb2d549794ef451dc3dbb3a7dcea4SHA-256: 265acccff4ae6a24265b9233d05b3b9069ef79feb7ef156cd33d79fcc6c964d9
firefox-debuginfo-24.5.0-1.el6_5.i686.rpm
    MD5: ef2fee3e6fd5d2fd8ac1ee9c8cca7dd9SHA-256: c36d79badfe6c7d4c35ebbaab0ced679f8b2e764a8762e4840d8560c986dbce8
firefox-debuginfo-24.5.0-1.el6_5.x86_64.rpm
    MD5: 747e7771f6c4f357eaf19d692d26919fSHA-256: 9517a66e916e096ce86d5ea494ba07704b5c928dab8d4f2db229f2856831d881
 
Red Hat Enterprise Linux HPC Node (v. 6)

SRPMS:
firefox-24.5.0-1.el6_5.src.rpm
    MD5: 9d5ce6f7a942e248494fd085f88a9111SHA-256: e365d7ee6609d83adcca9d5e32a656d85126cc582e02d749018d25047ba9aa40
 
x86_64:
firefox-24.5.0-1.el6_5.i686.rpm
    MD5: e6e36c972ecabb27c8bda1a6db6ab851SHA-256: 354c96562cdda86e564f2454ebc96794f852afc94870d2dafe05c8d3667f2bd2
firefox-24.5.0-1.el6_5.x86_64.rpm
    MD5: 867eb2d549794ef451dc3dbb3a7dcea4SHA-256: 265acccff4ae6a24265b9233d05b3b9069ef79feb7ef156cd33d79fcc6c964d9
firefox-debuginfo-24.5.0-1.el6_5.i686.rpm
    MD5: ef2fee3e6fd5d2fd8ac1ee9c8cca7dd9SHA-256: c36d79badfe6c7d4c35ebbaab0ced679f8b2e764a8762e4840d8560c986dbce8
firefox-debuginfo-24.5.0-1.el6_5.x86_64.rpm
    MD5: 747e7771f6c4f357eaf19d692d26919fSHA-256: 9517a66e916e096ce86d5ea494ba07704b5c928dab8d4f2db229f2856831d881
 
Red Hat Enterprise Linux Server (v. 6)

SRPMS:
firefox-24.5.0-1.el6_5.src.rpm
    MD5: 9d5ce6f7a942e248494fd085f88a9111SHA-256: e365d7ee6609d83adcca9d5e32a656d85126cc582e02d749018d25047ba9aa40
 
IA-32:
firefox-24.5.0-1.el6_5.i686.rpm
    MD5: e6e36c972ecabb27c8bda1a6db6ab851SHA-256: 354c96562cdda86e564f2454ebc96794f852afc94870d2dafe05c8d3667f2bd2
firefox-debuginfo-24.5.0-1.el6_5.i686.rpm
    MD5: ef2fee3e6fd5d2fd8ac1ee9c8cca7dd9SHA-256: c36d79badfe6c7d4c35ebbaab0ced679f8b2e764a8762e4840d8560c986dbce8
 
PPC:
firefox-24.5.0-1.el6_5.ppc.rpm
    MD5: af49b91c2754c03b90d0e73eb6daccdaSHA-256: 4e640fb0eb5546215e85a2fcde4a6662b17001cd8655ed28f22d14b5fe60c9e1
firefox-24.5.0-1.el6_5.ppc64.rpm
    MD5: b9e5150f1da639a29faef5f050e6b254SHA-256: adb41ce1bc674f19795230b8afef1b36a1bc668d1b51e51d6961a877f6db4a7a
firefox-debuginfo-24.5.0-1.el6_5.ppc.rpm
    MD5: 5d2fa602179de2907b2020c1d9e3c080SHA-256: 6414ff53bde30c4b27dea3cab9ea0d303ad76b8edcbfe4bf8e4f66d2e3b846de
firefox-debuginfo-24.5.0-1.el6_5.ppc64.rpm
    MD5: 83200248bcb58afc9782d997aae2c567SHA-256: cbaf772934e284578f2bf45a6ccac614d6f17d22bda3bbb3afbd32841fda9e9c
 
s390x:
firefox-24.5.0-1.el6_5.s390.rpm
    MD5: 7e46e45794ad61c5feec26209599cb8bSHA-256: d307a0ce617786c5258ccf440916c5653461e2ae6624e71b1ab3a6f6cc170f00
firefox-24.5.0-1.el6_5.s390x.rpm
    MD5: 92732f27a975bd539a2aa4e169d6e071SHA-256: 87c27745539a020ea49d287677589a87efa2f30fa3299344073e44ae0c25d1e8
firefox-debuginfo-24.5.0-1.el6_5.s390.rpm
    MD5: 2eeeb5ff90581303bb5de59e81460faeSHA-256: 9183f0b6248cde8d4d5fd525c9a2ceb7d89108a614f29a6e0a908db0a6e653d0
firefox-debuginfo-24.5.0-1.el6_5.s390x.rpm
    MD5: c2812fb40ca39e76635ac56e933ef847SHA-256: a163dc8437c156acd7b9918c25d8110e924b94d9bfa16905c445e0d02cafa3bd
 
x86_64:
firefox-24.5.0-1.el6_5.i686.rpm
    MD5: e6e36c972ecabb27c8bda1a6db6ab851SHA-256: 354c96562cdda86e564f2454ebc96794f852afc94870d2dafe05c8d3667f2bd2
firefox-24.5.0-1.el6_5.x86_64.rpm
    MD5: 867eb2d549794ef451dc3dbb3a7dcea4SHA-256: 265acccff4ae6a24265b9233d05b3b9069ef79feb7ef156cd33d79fcc6c964d9
firefox-debuginfo-24.5.0-1.el6_5.i686.rpm
    MD5: ef2fee3e6fd5d2fd8ac1ee9c8cca7dd9SHA-256: c36d79badfe6c7d4c35ebbaab0ced679f8b2e764a8762e4840d8560c986dbce8
firefox-debuginfo-24.5.0-1.el6_5.x86_64.rpm
    MD5: 747e7771f6c4f357eaf19d692d26919fSHA-256: 9517a66e916e096ce86d5ea494ba07704b5c928dab8d4f2db229f2856831d881
 
Red Hat Enterprise Linux Server AUS (v. 6.5)

SRPMS:
firefox-24.5.0-1.el6_5.src.rpm
    MD5: 9d5ce6f7a942e248494fd085f88a9111SHA-256: e365d7ee6609d83adcca9d5e32a656d85126cc582e02d749018d25047ba9aa40
 
x86_64:
firefox-24.5.0-1.el6_5.i686.rpm
    MD5: e6e36c972ecabb27c8bda1a6db6ab851SHA-256: 354c96562cdda86e564f2454ebc96794f852afc94870d2dafe05c8d3667f2bd2
firefox-24.5.0-1.el6_5.x86_64.rpm
    MD5: 867eb2d549794ef451dc3dbb3a7dcea4SHA-256: 265acccff4ae6a24265b9233d05b3b9069ef79feb7ef156cd33d79fcc6c964d9
firefox-debuginfo-24.5.0-1.el6_5.i686.rpm
    MD5: ef2fee3e6fd5d2fd8ac1ee9c8cca7dd9SHA-256: c36d79badfe6c7d4c35ebbaab0ced679f8b2e764a8762e4840d8560c986dbce8
firefox-debuginfo-24.5.0-1.el6_5.x86_64.rpm
    MD5: 747e7771f6c4f357eaf19d692d26919fSHA-256: 9517a66e916e096ce86d5ea494ba07704b5c928dab8d4f2db229f2856831d881
 
Red Hat Enterprise Linux Server EUS (v. 6.5.z)

SRPMS:
firefox-24.5.0-1.el6_5.src.rpm
    MD5: 9d5ce6f7a942e248494fd085f88a9111SHA-256: e365d7ee6609d83adcca9d5e32a656d85126cc582e02d749018d25047ba9aa40
 
IA-32:
firefox-24.5.0-1.el6_5.i686.rpm
    MD5: e6e36c972ecabb27c8bda1a6db6ab851SHA-256: 354c96562cdda86e564f2454ebc96794f852afc94870d2dafe05c8d3667f2bd2
firefox-debuginfo-24.5.0-1.el6_5.i686.rpm
    MD5: ef2fee3e6fd5d2fd8ac1ee9c8cca7dd9SHA-256: c36d79badfe6c7d4c35ebbaab0ced679f8b2e764a8762e4840d8560c986dbce8
 
PPC:
firefox-24.5.0-1.el6_5.ppc.rpm
    MD5: af49b91c2754c03b90d0e73eb6daccdaSHA-256: 4e640fb0eb5546215e85a2fcde4a6662b17001cd8655ed28f22d14b5fe60c9e1
firefox-24.5.0-1.el6_5.ppc64.rpm
    MD5: b9e5150f1da639a29faef5f050e6b254SHA-256: adb41ce1bc674f19795230b8afef1b36a1bc668d1b51e51d6961a877f6db4a7a
firefox-debuginfo-24.5.0-1.el6_5.ppc.rpm
    MD5: 5d2fa602179de2907b2020c1d9e3c080SHA-256: 6414ff53bde30c4b27dea3cab9ea0d303ad76b8edcbfe4bf8e4f66d2e3b846de
firefox-debuginfo-24.5.0-1.el6_5.ppc64.rpm
    MD5: 83200248bcb58afc9782d997aae2c567SHA-256: cbaf772934e284578f2bf45a6ccac614d6f17d22bda3bbb3afbd32841fda9e9c
 
s390x:
firefox-24.5.0-1.el6_5.s390.rpm
    MD5: 7e46e45794ad61c5feec26209599cb8bSHA-256: d307a0ce617786c5258ccf440916c5653461e2ae6624e71b1ab3a6f6cc170f00
firefox-24.5.0-1.el6_5.s390x.rpm
    MD5: 92732f27a975bd539a2aa4e169d6e071SHA-256: 87c27745539a020ea49d287677589a87efa2f30fa3299344073e44ae0c25d1e8
firefox-debuginfo-24.5.0-1.el6_5.s390.rpm
    MD5: 2eeeb5ff90581303bb5de59e81460faeSHA-256: 9183f0b6248cde8d4d5fd525c9a2ceb7d89108a614f29a6e0a908db0a6e653d0
firefox-debuginfo-24.5.0-1.el6_5.s390x.rpm
    MD5: c2812fb40ca39e76635ac56e933ef847SHA-256: a163dc8437c156acd7b9918c25d8110e924b94d9bfa16905c445e0d02cafa3bd
 
x86_64:
firefox-24.5.0-1.el6_5.i686.rpm
    MD5: e6e36c972ecabb27c8bda1a6db6ab851SHA-256: 354c96562cdda86e564f2454ebc96794f852afc94870d2dafe05c8d3667f2bd2
firefox-24.5.0-1.el6_5.x86_64.rpm
    MD5: 867eb2d549794ef451dc3dbb3a7dcea4SHA-256: 265acccff4ae6a24265b9233d05b3b9069ef79feb7ef156cd33d79fcc6c964d9
firefox-debuginfo-24.5.0-1.el6_5.i686.rpm
    MD5: ef2fee3e6fd5d2fd8ac1ee9c8cca7dd9SHA-256: c36d79badfe6c7d4c35ebbaab0ced679f8b2e764a8762e4840d8560c986dbce8
firefox-debuginfo-24.5.0-1.el6_5.x86_64.rpm
    MD5: 747e7771f6c4f357eaf19d692d26919fSHA-256: 9517a66e916e096ce86d5ea494ba07704b5c928dab8d4f2db229f2856831d881
 
Red Hat Enterprise Linux Workstation (v. 6)

SRPMS:
firefox-24.5.0-1.el6_5.src.rpm
    MD5: 9d5ce6f7a942e248494fd085f88a9111SHA-256: e365d7ee6609d83adcca9d5e32a656d85126cc582e02d749018d25047ba9aa40
 
IA-32:
firefox-24.5.0-1.el6_5.i686.rpm
    MD5: e6e36c972ecabb27c8bda1a6db6ab851SHA-256: 354c96562cdda86e564f2454ebc96794f852afc94870d2dafe05c8d3667f2bd2
firefox-debuginfo-24.5.0-1.el6_5.i686.rpm
    MD5: ef2fee3e6fd5d2fd8ac1ee9c8cca7dd9SHA-256: c36d79badfe6c7d4c35ebbaab0ced679f8b2e764a8762e4840d8560c986dbce8
 
x86_64:
firefox-24.5.0-1.el6_5.i686.rpm
    MD5: e6e36c972ecabb27c8bda1a6db6ab851SHA-256: 354c96562cdda86e564f2454ebc96794f852afc94870d2dafe05c8d3667f2bd2
firefox-24.5.0-1.el6_5.x86_64.rpm
    MD5: 867eb2d549794ef451dc3dbb3a7dcea4SHA-256: 265acccff4ae6a24265b9233d05b3b9069ef79feb7ef156cd33d79fcc6c964d9
firefox-debuginfo-24.5.0-1.el6_5.i686.rpm
    MD5: ef2fee3e6fd5d2fd8ac1ee9c8cca7dd9SHA-256: c36d79badfe6c7d4c35ebbaab0ced679f8b2e764a8762e4840d8560c986dbce8
firefox-debuginfo-24.5.0-1.el6_5.x86_64.rpm
    MD5: 747e7771f6c4f357eaf19d692d26919fSHA-256: 9517a66e916e096ce86d5ea494ba07704b5c928dab8d4f2db229f2856831d881
 
(The unlinked packages above are only available from the Red Hat Network)
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from:

Leave a Reply