Synopsis: Critical: firefox security update Advisory ID: SLSA-2016:0373-1 Issue Date: 2016-03-09 CVE Numbers: CVE-2016-1952 CVE-2016-1954 CVE-2016-1957 CVE-2016-1958 CVE-2016-1960 CVE-2016-1961 CVE-2016-1962 CVE-2016-1964 CVE-2016-1965 CVE-2016-1966 CVE-2016-1973 CVE-2016-1974 -- Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2016-1952, CVE-2016-1954, CVE-2016-1957, CVE-2016-1958, CVE-2016-1960, CVE-2016-1961, CVE-2016-1962, CVE-2016-1973, CVE-2016-1974, CVE-2016-1964, CVE-2016-1965, CVE-2016-1966) Multiple security flaws were found in the graphite2 font library shipped with Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2016-1977, CVE-2016-2790, CVE-2016-2791, CVE-2016-2792, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795, CVE-2016-2796, CVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800, CVE-2016-2801, CVE-2016-2802) After installing the update, Firefox must be restarted for the changes to take effect. -- SL5 x86_64 firefox-38.7.0-1.el5_11.i386.rpm firefox-38.7.0-1.el5_11.x86_64.rpm firefox-debuginfo-38.7.0-1.el5_11.i386.rpm firefox-debuginfo-38.7.0-1.el5_11.x86_64.rpm i386 firefox-38.7.0-1.el5_11.i386.rpm firefox-debuginfo-38.7.0-1.el5_11.i386.rpm SL6 x86_64 firefox-38.7.0-1.el6_7.x86_64.rpm firefox-debuginfo-38.7.0-1.el6_7.x86_64.rpm firefox-38.7.0-1.el6_7.i686.rpm firefox-debuginfo-38.7.0-1.el6_7.i686.rpm i386 firefox-38.7.0-1.el6_7.i686.rpm firefox-debuginfo-38.7.0-1.el6_7.i686.rpm SL7 x86_64 firefox-38.7.0-1.el7_2.x86_64.rpm firefox-debuginfo-38.7.0-1.el7_2.x86_64.rpm firefox-38.7.0-1.el7_2.i686.rpm firefox-debuginfo-38.7.0-1.el7_2.i686.rpm - Scientific Linux Development Team