Description:
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.
Security Fix(es):
* firefox: Use-after-free when breaking lines in text (CVE-2025-0238)
* firefox: Memory corruption when using JavaScript Text Segmentation (CVE-2025-0241)
* firefox: Alt-Svc ALPN validation failure when redirected (CVE-2025-0239)
* firefox: thunderbird: Memory safety bugs fixed in Firefox 134, Thunderbird 134, Firefox ESR 128.6, and Thunderbird 128.6 (CVE-2025-0243)
* firefox: thunderbird: Memory safety bugs fixed in Firefox 134, Thunderbird 134, Firefox ESR 115.19, Firefox ESR 128.6, Thunderbird 115.19, and Thunderbird 128.6 (CVE-2025-0242)
* firefox: WebChannel APIs susceptible to confused deputy attack (CVE-2025-0237)
* firefox: Compartment mismatch when parsing JavaScript JSON module (CVE-2025-0240)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
| Architecture |
Package |
Checksum |
| aarch64 |
firefox-128.6.0-1.el9_5.aarch64.rpm |
025a35737f9ef874358e4a1082bba093c81aa93f1ba3681b1cda652393158bf2 |
| aarch64 |
firefox-x11-128.6.0-1.el9_5.aarch64.rpm |
cc6025b6b6149fb88196e9ac8e4cad5e30e1e00989225a94cdc2a93c142ba47b |
| ppc64le |
firefox-128.6.0-1.el9_5.ppc64le.rpm |
2e8ae4524c25eac53162fb035d2d1dec316fb4311c0b9fe5b3acf94a02057d19 |
| ppc64le |
firefox-x11-128.6.0-1.el9_5.ppc64le.rpm |
c5af5b1172e712a42cd0ed48d4e9e044d683ef6d411aaa4aede8f252ed8d4913 |
| s390x |
firefox-128.6.0-1.el9_5.s390x.rpm |
6aab6fefaa140460054aa0121f19199c13c63ccc85ed53f39b264e9bf7227499 |
| s390x |
firefox-x11-128.6.0-1.el9_5.s390x.rpm |
e28537c6d18552ed43b8feeb016b721796c41dd80f7fc9eafaa5f0aaf14e3dcb |
| x86_64 |
firefox-x11-128.6.0-1.el9_5.x86_64.rpm |
28e8758c4e24ceff670987e7227227330d9812f582dd89851dd960f29d30884e |
| x86_64 |
firefox-128.6.0-1.el9_5.x86_64.rpm |
4313af7ade4e257cab35768639faf55e2b5b65692eac95c6322bf1f7a6da0b1d |
