ALSA-2026:20566

[ALSA-2026:20566] Important: firefox security update

Type:

security

Severity:

important

Release date:

2026-05-27

Description:

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.  

Security Fix(es):  

  * firefox: Other issue in the WebRTC component (CVE-2026-8094)
  * firefox: Memory safety bugs fixed in Firefox ESR 115.35.2, Firefox ESR 140.10.2 and Firefox 150.0.2 (CVE-2026-8092)
  * firefox: Use-after-free in the DOM: Networking component (CVE-2026-8090)


For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	firefox-140.10.2-1.el8_10.alma.1.aarch64.rpm	28bcfcc129b08059e3ac1375fc211cc4189b8ebf7d497c07af607c47fa256555
ppc64le	firefox-140.10.2-1.el8_10.alma.1.ppc64le.rpm	53ea4228dd0636381ec933790de4a6d43bae28ca5f24022d0912062e631d43fe
s390x	firefox-140.10.2-1.el8_10.alma.1.s390x.rpm	24d9a59e758b9706bc1a336fcbfeba9e6129e34383aa6d3b4d16d491de219507
x86_64	firefox-140.10.2-1.el8_10.alma.1.x86_64.rpm	d7e19e7d41b7151c6524fae979ac65f9dd67d76359d9b5792a6652fdf76a4056

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.