firefox-38.6.1-1.0.1.el7.AXS7

エラータID: AXSA:2016-101:02

Release date: 
Thursday, February 18, 2016 - 10:59
Subject: 
firefox-38.6.1-1.0.1.el7.AXS7
Affected Channels: 
Asianux Server 7 for x86_64
Severity: 
High
Description: 

Mozilla Firefox is an open-source web browser, designed for standards
compliance, performance and portability.

Security issues fixed with this release:

CVE-2016-1521
The directrun function in directmachine.cpp in Libgraphite in Graphite
2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x
before 38.6.1, does not validate a certain skip operation, which
allows remote attackers to execute arbitrary code, obtain sensitive
information, or cause a denial of service (out-of-bounds read and
application crash) via a crafted Graphite smart font.
CVE-2016-1522
Code.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla
Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, does not
consider recursive load calls during a size check, which allows remote
attackers to cause a denial of service (heap-based buffer overflow) or
possibly execute arbitrary code via a crafted Graphite smart font.
CVE-2016-1523
The SillMap::readFace function in FeatureMap.cpp in Libgraphite in
Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox
ESR 38.x before 38.6.1, mishandles a return value, which allows remote
attackers to cause a denial of service (missing initialization, NULL
pointer dereference, and application crash) via a crafted Graphite
smart font.

Solution: 

Update packages.

CVEs: 
CVE-2016-1521
The directrun function in directmachine.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, does not validate a certain skip operation, which allows remote attackers to execute arbitrary code, obtain sensitive information, or cause a denial of service (out-of-bounds read and application crash) via a crafted Graphite smart font.
CVE-2016-1522
Code.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, does not consider recursive load calls during a size check, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly execute arbitrary code via a crafted Graphite smart font.
CVE-2016-1523
The SillMap::readFace function in FeatureMap.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, mishandles a return value, which allows remote attackers to cause a denial of service (missing initialization, NULL pointer dereference, and application crash) via a crafted Graphite smart font.
Additional Info: 

N/A

Download: 

SRPMS
  1. firefox-38.6.1-1.0.1.el7.AXS7.src.rpm
    MD5: c6f91f7ea843b491196a37c4637ac83a
    SHA-256: bc25e179f30ff9c94a71d6756eda7937b9a19e7f9af8053205d48bbda08b76e8
    Size: 305.54 MB

Asianux Server 7 for x86_64
  1. firefox-38.6.1-1.0.1.el7.AXS7.x86_64.rpm
    MD5: 42a342f9e061c2a9d1a2a957c5be758c
    SHA-256: 60fe1d0a7d182995651ddcece7f1c649f200f238112edea4c5637e444287935a
    Size: 71.56 MB
  2. firefox-38.6.1-1.0.1.el7.AXS7.i686.rpm
    MD5: 7bdaa736cacf5adb9c6ba19e9cb40aa9
    SHA-256: eeaf7f0d8b5dd2c835b72dcdc6ad45b94299c7ace12b62e969d982c89850e530
    Size: 71.78 MB