Description:
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.
Security Fix(es):
* firefox: thunderbird: Large branch table could lead to truncated instruction (CVE-2025-8028)
* firefox: thunderbird: Memory safety bugs (CVE-2025-8035)
* firefox: thunderbird: Incorrect URL stripping in CSP reports (CVE-2025-8031)
* firefox: thunderbird: JavaScript engine only wrote partial return value to stack (CVE-2025-8027)
* firefox: thunderbird: Potential user-assisted code execution in ?Copy as cURL? command (CVE-2025-8030)
* firefox: Memory safety bugs (CVE-2025-8034)
* firefox: thunderbird: Incorrect JavaScript state machine for generators (CVE-2025-8033)
* firefox: thunderbird: XSLT documents could bypass CSP (CVE-2025-8032)
* firefox: thunderbird: javascript: URLs executed on object and embed tags (CVE-2025-8029)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
| Architecture |
Package |
Checksum |
| aarch64 |
firefox-128.13.0-1.el10_0.aarch64.rpm |
b6827f84bb670afc128966918bc4080159014afdaecc9679459e2d91c86a2888 |
| ppc64le |
firefox-128.13.0-1.el10_0.ppc64le.rpm |
00fb40127e34b5d9ef724fcbe34379d8b91bf0b078ba01bfd2bc1dd5a5062a68 |
| s390x |
firefox-128.13.0-1.el10_0.s390x.rpm |
9461f03e69cb25d4d79a5adfd51f8e02ee1f42f3118ab15f7030609203d1ba12 |
| x86_64 |
firefox-128.13.0-1.el10_0.x86_64.rpm |
acccaa88950d1aa545740107c9292afa176e167334c129eea3a931e7ceeabad9 |
| x86_64_v2 |
firefox-128.13.0-1.el10_0.x86_64_v2.rpm |
ce50e024cd2ca1a4da76231e8c50fc4f4aa09a02b14c042dbc19f6b3b9a987aa |
