Description:
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.
Security Fix(es):
* firefox: thunderbird: Use-after-free in the JavaScript Engine component (CVE-2026-4701)
* firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149 (CVE-2026-4721)
* firefox: thunderbird: Privilege escalation in the Netmonitor component (CVE-2026-4717)
* firefox: thunderbird: Sandbox escape due to use-after-free in the Disability Access APIs component (CVE-2026-4688)
* firefox: thunderbird: Incorrect boundary conditions in the Graphics: Canvas2D component (CVE-2026-4706)
* firefox: thunderbird: Incorrect boundary conditions in the Audio/Video: Web Codecs component (CVE-2026-4695)
* firefox: thunderbird: Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component (CVE-2026-4689)
* firefox: thunderbird: JIT miscompilation in the JavaScript Engine: JIT component (CVE-2026-4698)
* firefox: thunderbird: Incorrect boundary conditions, uninitialized memory in the JavaScript Engine component (CVE-2026-4716)
* firefox: thunderbird: Race condition, use-after-free in the Graphics: WebRender component (CVE-2026-4684)
* firefox: thunderbird: Undefined behavior in the WebRTC: Signaling component (CVE-2026-4705)
* firefox: thunderbird: Uninitialized memory in the Graphics: Canvas2D component (CVE-2026-4715)
* firefox: thunderbird: Incorrect boundary conditions in the Graphics: Canvas2D component (CVE-2026-4685)
* firefox: thunderbird: Incorrect boundary conditions in the Audio/Video component (CVE-2026-4714)
* firefox: thunderbird: Incorrect boundary conditions in the Audio/Video: GMP component (CVE-2026-4709)
* firefox: thunderbird: Incorrect boundary conditions in the Audio/Video component (CVE-2026-4710)
* firefox: thunderbird: Information disclosure in the Widget: Cocoa component (CVE-2026-4712)
* firefox: thunderbird: Incorrect boundary conditions in the Audio/Video: Web Codecs component (CVE-2026-4697)
* firefox: thunderbird: Incorrect boundary conditions in the Graphics component (CVE-2026-4713)
* firefox: thunderbird: Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component (CVE-2026-4690)
* firefox: thunderbird: Use-after-free in the Widget: Cocoa component (CVE-2026-4711)
* firefox: thunderbird: Incorrect boundary conditions in the Graphics: Canvas2D component (CVE-2026-4686)
* firefox: thunderbird: Incorrect boundary conditions in the Graphics component (CVE-2026-4708)
* firefox: thunderbird: Use-after-free in the CSS Parsing and Computation component (CVE-2026-4691)
* firefox: thunderbird: Incorrect boundary conditions in the Layout: Text and Fonts component (CVE-2026-4699)
* firefox: thunderbird: Use-after-free in the Layout: Text and Fonts component (CVE-2026-4696)
* firefox: thunderbird: Incorrect boundary conditions in the Audio/Video: Playback component (CVE-2026-4693)
* firefox: thunderbird: Undefined behavior in the WebRTC: Signaling component (CVE-2026-4718)
* firefox: thunderbird: JIT miscompilation in the JavaScript Engine component (CVE-2026-4702)
* firefox: thunderbird: Incorrect boundary conditions in the Graphics: Text component (CVE-2026-4719)
* firefox: thunderbird: Incorrect boundary conditions, integer overflow in the Graphics component (CVE-2026-4694)
* firefox: thunderbird: Sandbox escape in the Responsive Design Mode component (CVE-2026-4692)
* firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149 (CVE-2026-4720)
* firefox: thunderbird: Mitigation bypass in the Networking: HTTP component (CVE-2026-4700)
* firefox: thunderbird: Incorrect boundary conditions in the Graphics: Canvas2D component (CVE-2026-4707)
* firefox: thunderbird: Denial-of-service in the WebRTC: Signaling component (CVE-2026-4704)
* firefox: thunderbird: Sandbox escape due to incorrect boundary conditions in the Telemetry component (CVE-2026-4687)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
| Architecture | Package | Checksum |
| --- | --- | --- |
| aarch64 | firefox-x11-140.9.0-1.el9_7.alma.1.aarch64.rpm | 3e729b3a82f8c3874ba9cdff70d159f2a6434cf9cff0f447b9bc5ea919453c9a |
| aarch64 | firefox-140.9.0-1.el9_7.alma.1.aarch64.rpm | f7b9505b7e80c2ac35065799a5cee33839c5a398536e8c6e8ea83add774924e2 |
| ppc64le | firefox-x11-140.9.0-1.el9_7.alma.1.ppc64le.rpm | a78911499661704f7cd207f33a4afe52229af3efd6e7d4bbaa852f1ebf1ac998 |
| ppc64le | firefox-140.9.0-1.el9_7.alma.1.ppc64le.rpm | ea1c2b0cd9d7baca59ab7aec4a9d0debf3eebe02c20f22948348e1e8a991dd39 |
| s390x | firefox-140.9.0-1.el9_7.alma.1.s390x.rpm | 1c79b9efd14060b490b4e5d0aefd366e71bf0453f9af86d9e0c7ecd9134c8f98 |
| s390x | firefox-x11-140.9.0-1.el9_7.alma.1.s390x.rpm | ec2c029e05a06873ca7412558080c2029fe8df10c2bb6844ed7cd46e55fdaf18 |
| x86_64 | firefox-x11-140.9.0-1.el9_7.alma.1.x86_64.rpm | 458407cce9408f4b36234de0574e93a7950c29c1aefb65705219e0198d68b662 |
| x86_64 | firefox-140.9.0-1.el9_7.alma.1.x86_64.rpm | 458c5e71e7bfa0f01bc4cfac45257b0ec58ac1ae9c1e3675f76c97647b0e08c1 |