Using the Address Sanitizer tool, security researcher Atte Kettunen found a problem with OpenType Sanitiser (OTS) that resulted in a use-after-free while expanding macros in some circumstances. This use-after-free was only used for information displayed in the developer console and was not exploitable. External Reference: https://www.mozilla.org/en-US/security/advisories/mfsa2015-23 Acknowledgements: Red Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges Atte Kettunen as the original reporter. Statement: This issue does not affect the version of firefox and thunderbird as shipped with Red Hat Enterprise Linux 5, 6 and 7.