[ALSA-2025:2359] Important: firefox security update
Type:
security
Severity:
important
Release date:
2025-03-21
Description:
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fix(es): * firefox: Use-after-free in WebTransportChild (CVE-2025-1931) * firefox: AudioIPC StreamData could trigger a use-after-free in the Browser process (CVE-2025-1930) * firefox: Unexpected GC during RegExp bailout processing (CVE-2025-1934) * firefox: Clickjacking the registerProtocolHandler info-bar Reporter (CVE-2025-1935) * firefox: thunderbird: Memory safety bugs fixed in Firefox 136, Thunderbird 136, Firefox ESR 128.8, and Thunderbird 128.8 (CVE-2025-1938) * firefox: JIT corruption of WASM i32 return values on 64-bit CPUs (CVE-2025-1933) * firefox: thunderbird: Memory safety bugs fixed in Firefox 136, Thunderbird 136, Firefox ESR 115.21, Firefox ESR 128.8, and Thunderbird 128.8 (CVE-2025-1937) * firefox: Inconsistent comparator in XSLT sorting led to out-of-bounds access (CVE-2025-1932) * firefox: Adding %00 and a fake extension to a jar: URL changed the interpretation of the contents (CVE-2025-1936) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
Architecture Package Checksum
aarch64 firefox-128.8.0-1.el9_5.aarch64.rpm 298f51a9895925e9ebc675224f94ba1f2e2b4aa4d36f67005b8d58fc9c0d4963
aarch64 firefox-x11-128.8.0-1.el9_5.aarch64.rpm e28d444f9fadfb6db0fb04113326c14f69cf7b19fbd06f180d5a88a231fc5a6c
ppc64le firefox-128.8.0-1.el9_5.ppc64le.rpm 0ddba9fda511d65ba8887e2cab4580893ad704c0a134559202c61b7167788fc9
ppc64le firefox-x11-128.8.0-1.el9_5.ppc64le.rpm ec65d492a28a95884004cb5fff40a4eb42054291269b6df0b517b41dcc9c2601
s390x firefox-x11-128.8.0-1.el9_5.s390x.rpm 594fde7f1473c457085d4c7eac138d5eb38ac868abe9b5526fee2cf18af3d4fa
s390x firefox-128.8.0-1.el9_5.s390x.rpm 8a4168b4bcbfafbe8a9be0d3dd2fa39811bce51dfaf43829c88feaeb6d627a4e
x86_64 firefox-x11-128.8.0-1.el9_5.x86_64.rpm 3670246612f18e1773772435f303abd3d4571b8cb7e0d1fea441aaf5b2e8671c
x86_64 firefox-128.8.0-1.el9_5.x86_64.rpm f624da714e1a1c1e2c2a7e7214685aef50fff260654170b83d4e5a9f03bcbd3a
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.