ALSA-2025:21280

[ALSA-2025:21280] Important: firefox security update

Type:

security

Severity:

important

Release date:

2025-11-24

Description:

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.  

Security Fix(es):  

  * firefox: Mitigation bypass in the DOM: Security component (CVE-2025-13018)
  * firefox: Use-after-free in the Audio/Video component (CVE-2025-13014)
  * firefox: Incorrect boundary conditions in the JavaScript: WebAssembly component (CVE-2025-13016)
  * firefox: Same-origin policy bypass in the DOM: Workers component (CVE-2025-13019)
  * firefox: Use-after-free in the WebRTC: Audio/Video component (CVE-2025-13020)
  * firefox: Race condition in the Graphics component (CVE-2025-13012)
  * firefox: Spoofing issue in Firefox (CVE-2025-13015)
  * firefox: Mitigation bypass in the DOM: Core & HTML component (CVE-2025-13013)
  * firefox: Same-origin policy bypass in the DOM: Notifications component (CVE-2025-13017)


For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	firefox-140.5.0-1.el9_7.alma.1.aarch64.rpm	df317c9c25a890ef68c71ed733180261a5eded48e4d2b54f6a83eb7cbf31acf9
aarch64	firefox-x11-140.5.0-1.el9_7.alma.1.aarch64.rpm	e504b54195e8d2bc8794079d54a207665abd53f99d74a0ff3228113623e0684a
ppc64le	firefox-140.5.0-1.el9_7.alma.1.ppc64le.rpm	29985f07a9ae67a488343597778d8110e1bf359942a850bb6232634d787b7709
ppc64le	firefox-x11-140.5.0-1.el9_7.alma.1.ppc64le.rpm	75b7815043692d200a36adb1f10533cdfc17d80c1ba6125d7efb5f3dd6b7e02c
s390x	firefox-140.5.0-1.el9_7.alma.1.s390x.rpm	085cd1d3dfcddc2349da2bf0c568d4c63dc26f9e6415ce1a03125dce9fca07dc
s390x	firefox-x11-140.5.0-1.el9_7.alma.1.s390x.rpm	c3397b2cbc2c2ba14de2a25debd940738af2eb4b015c227fee560dd4ee432aaf
x86_64	firefox-140.5.0-1.el9_7.alma.1.x86_64.rpm	ea7a0f53ba2eeaf4ac0ce892fe08715cb34dc25104bbd69a3e89012bb50c9da1
x86_64	firefox-x11-140.5.0-1.el9_7.alma.1.x86_64.rpm	eeabbc543283f5cd1df090f594479db288d9bfadd1a4c545312a28bfe7473c65

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.