firefox security update

2016-04-26T23:59:06
ID CESA-2016:0695
Type centos
Reporter CentOS Project
Modified 2016-04-27T15:34:55

Description

CentOS Errata and Security Advisory CESA-2016:0695

Mozilla Firefox is an open source web browser.

This update upgrades Firefox to version 45.1.0 ESR.

Security Fix(es):

  • Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2016-2805, CVE-2016-2806, CVE-2016-2807, CVE-2016-2808, CVE-2016-2814)

Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Phil Ringalda, CESG (the Information Security Arm of GCHQ), Sascha Just, Jesse Ruderman, Christian Holler, Tyson Smith, Boris Zbarsky, David Bolter, Carsten Book, Mats Palmgren, Gary Kwong, and Randell Jesup as the original reporters.

Merged security bulletin from advisories: http://lists.centos.org/pipermail/centos-announce/2016-April/033890.html http://lists.centos.org/pipermail/centos-announce/2016-April/033891.html http://lists.centos.org/pipermail/centos-announce/2016-April/033892.html

Affected packages: firefox

Upstream details at: https://rhn.redhat.com/errata/RHSA-2016-0695.html