| Errata ID | 77 |
|---|---|
| Date | 2014-03-20 |
| Source package | firefox-en |
| Fixed in version | 24.4.0esr-6.34.201403191202 |
| Description | This update consists of two updates for firefox-en and firefox-de. Several vulnerabilities have been fixed with the update to Firefox ESR 24.4: * Memory corruption in the browser engine (CVE-2014-1493) * Out of bounds read in processing WAV files (CVE-2014-1497) * Information disclosure in SVG filters (CVE-2014-1505) * Out of bounds read in MathML parsing (CVE-2014-1508) * Memory corruption in PDF processing (CVE-2014-1509) * Privilege escalation in WebIDL (CVE-2014-1510, CVE-2014-1511) * Use-after-free in the garbage collector (CVE-2014-1512) * Out of bounds write in Javascript array handling (CVE-2014-1513, CVE-2014-1514) |
| Additional notes | This update fixes these vulnerabilities. |
| CVE ID | CVE-2014-1493 CVE-2014-1497 CVE-2014-1505 CVE-2014-1508 CVE-2014-1509 CVE-2014-1510 CVE-2014-1511 CVE-2014-1512 CVE-2014-1513 CVE-2014-1514 |
