Description:
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.
Security Fix(es):
* firefox: thunderbird: Clickjacking vulnerability could have led to leaking saved payment card details (CVE-2025-5267)
* firefox: thunderbird: Potential local code execution in ?Copy as cURL? command (CVE-2025-5264)
* firefox: thunderbird: Memory safety bugs (CVE-2025-5268)
* firefox: thunderbird: Script element events leaked cross-origin resource status (CVE-2025-5266)
* firefox: thunderbird: Error handling for script execution was incorrectly isolated from web content (CVE-2025-5263)
* firefox: thunderbird: Memory safety bug (CVE-2025-5269)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
| Architecture |
Package |
Checksum |
| aarch64 |
firefox-x11-128.11.0-1.el9_6.alma.1.aarch64.rpm |
1a2719394b673a65d5a264c9847d617cb580123a877e10f439acb2050bb5b740 |
| aarch64 |
firefox-128.11.0-1.el9_6.alma.1.aarch64.rpm |
b161147a57d6c25baa96bcf79c483df1aa6364895f1fdded3447ce9269eef74c |
| ppc64le |
firefox-128.11.0-1.el9_6.alma.1.ppc64le.rpm |
18f5d8ffe6c78b982de8d81f8867e56a91fc07bfdd2369f6be86d1028555f194 |
| ppc64le |
firefox-x11-128.11.0-1.el9_6.alma.1.ppc64le.rpm |
8aca4d0bf34779dcec01a8155e8499692df10731315b072344144bfd01b0b233 |
| s390x |
firefox-128.11.0-1.el9_6.alma.1.s390x.rpm |
6a0659cbe2f4b9ceaa766cbdc8a38386cf99890c0e3f0ed27292ae4e299d068f |
| s390x |
firefox-x11-128.11.0-1.el9_6.alma.1.s390x.rpm |
7803e9b34190a3a34a15829bdcb5c2874c49aee40088900c27239ea3259d958d |
| x86_64 |
firefox-x11-128.11.0-1.el9_6.alma.1.x86_64.rpm |
8f3fbe9f5c90268b0aed7570f2d9891728afed6e2e6f15409b4f2b2352b53c3b |
| x86_64 |
firefox-128.11.0-1.el9_6.alma.1.x86_64.rpm |
d71882247d17666c8d4a4ef88d5a90ca4b02e69e726c750444da3b2298cc9e09 |
