| Description: | Mozilla Firefox was updated to the 24.8.0ESR release, fixing securityissues and bugs.Only some of the published security advisories affect the Mozilla Firefox24ESR codestream: * MFSA 2014-72 / CVE-2014-1567: Security researcher regenrecht reported, via TippingPoint's Zero Day Initiative, a use-after-free during text layout when interacting with the setting of text direction. This results in a use-after-free which can lead to arbitrary code execution. * MFSA 2014-67: Mozilla developers and community identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence ofmemory corruption under certain circumstances, and we presume that withenough effort at least some of these could be exploited to run arbitrarycode. * Jan de Mooij reported a memory safety problem that affects Firefox ESR 24.7, ESR 31 and Firefox 31. (CVE-2014-1562)More information is referenced on:https://www.mozilla.org/security/announce/ .Security Issues: * CVE-2014-1567 * CVE-2014-1562 |