发布：: 2025-07-01
已更新：: 2025-07-01

RHSA-2025:10072 - Security Advisory

概述
更新的软件包

概述

Important: firefox security update

类型/严重性

Security Advisory: Important

Red Hat Lightspeed patch analysis

识别并修复受此公告影响的系统。

查看受影响的系统

标题

An update for firefox is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

描述

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.

Security Fix(es):

firefox: Content-Disposition header ignored when a file is included in an embed or object tag (CVE-2025-6430)
firefox: Use-after-free in FontFaceSet (CVE-2025-6424)
firefox: Incorrect parsing of URLs could have allowed embedding of youtube.com (CVE-2025-6429)
firefox: The WebCompat WebExtension shipped with Firefox exposed a persistent UUID (CVE-2025-6425)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

解决方案

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

受影响的产品

Red Hat Enterprise Linux for x86_64 9 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 x86_64
Red Hat Enterprise Linux Server - AUS 9.6 x86_64
Red Hat Enterprise Linux for IBM z Systems 9 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6 s390x
Red Hat Enterprise Linux for Power, little endian 9 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6 ppc64le
Red Hat Enterprise Linux for ARM 64 9 aarch64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6 aarch64
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6 ppc64le
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6 x86_64
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6 aarch64
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6 s390x

修复

BZ - 2374555 - CVE-2025-6430 firefox: Content-Disposition header ignored when a file is included in an embed or object tag
BZ - 2374559 - CVE-2025-6424 firefox: Use-after-free in FontFaceSet
BZ - 2374561 - CVE-2025-6429 firefox: Incorrect parsing of URLs could have allowed embedding of youtube.com
BZ - 2374562 - CVE-2025-6425 firefox: The WebCompat WebExtension shipped with Firefox exposed a persistent UUID

CVE

参考

https://access.redhat.com/security/updates/classification/#important

注：: 可能有这些软件包的更新版本。点击软件包名称查看详情。

Red Hat Enterprise Linux for x86_64 9

SRPM
firefox-128.12.0-1.el9_6.src.rpm	SHA-256: 88d1615c3ab7992b38d35c6b0997da5048ca1f220bd2e3bcabd6c77826e81d1c
x86_64
firefox-128.12.0-1.el9_6.x86_64.rpm	SHA-256: e80ca403d88b587632d4852d186961abaf1ac6682537f27db4b59de24074d65b
firefox-debuginfo-128.12.0-1.el9_6.x86_64.rpm	SHA-256: 56cd7bb3295084c7af97fce3a7903eb1dde33262e3a041164d47ea91656502fb
firefox-debugsource-128.12.0-1.el9_6.x86_64.rpm	SHA-256: ce9352afb7056a537dccb1eae3d56bee6ffd7fd2a993390bfbce366229548fdf
firefox-x11-128.12.0-1.el9_6.x86_64.rpm	SHA-256: 42387b1160f9a20c3f5f306be820116c4ddbf7c040e79077c49cadd183203b77

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6

SRPM
firefox-128.12.0-1.el9_6.src.rpm	SHA-256: 88d1615c3ab7992b38d35c6b0997da5048ca1f220bd2e3bcabd6c77826e81d1c
x86_64
firefox-128.12.0-1.el9_6.x86_64.rpm	SHA-256: e80ca403d88b587632d4852d186961abaf1ac6682537f27db4b59de24074d65b
firefox-debuginfo-128.12.0-1.el9_6.x86_64.rpm	SHA-256: 56cd7bb3295084c7af97fce3a7903eb1dde33262e3a041164d47ea91656502fb
firefox-debugsource-128.12.0-1.el9_6.x86_64.rpm	SHA-256: ce9352afb7056a537dccb1eae3d56bee6ffd7fd2a993390bfbce366229548fdf
firefox-x11-128.12.0-1.el9_6.x86_64.rpm	SHA-256: 42387b1160f9a20c3f5f306be820116c4ddbf7c040e79077c49cadd183203b77

Red Hat Enterprise Linux Server - AUS 9.6

SRPM
firefox-128.12.0-1.el9_6.src.rpm	SHA-256: 88d1615c3ab7992b38d35c6b0997da5048ca1f220bd2e3bcabd6c77826e81d1c
x86_64
firefox-128.12.0-1.el9_6.x86_64.rpm	SHA-256: e80ca403d88b587632d4852d186961abaf1ac6682537f27db4b59de24074d65b
firefox-debuginfo-128.12.0-1.el9_6.x86_64.rpm	SHA-256: 56cd7bb3295084c7af97fce3a7903eb1dde33262e3a041164d47ea91656502fb
firefox-debugsource-128.12.0-1.el9_6.x86_64.rpm	SHA-256: ce9352afb7056a537dccb1eae3d56bee6ffd7fd2a993390bfbce366229548fdf
firefox-x11-128.12.0-1.el9_6.x86_64.rpm	SHA-256: 42387b1160f9a20c3f5f306be820116c4ddbf7c040e79077c49cadd183203b77

Red Hat Enterprise Linux for IBM z Systems 9

SRPM
firefox-128.12.0-1.el9_6.src.rpm	SHA-256: 88d1615c3ab7992b38d35c6b0997da5048ca1f220bd2e3bcabd6c77826e81d1c
s390x
firefox-128.12.0-1.el9_6.s390x.rpm	SHA-256: a3c916285ce7dec55bda3b0edf7e4f2fba64741b433fd8d9d932568edd81dfb5
firefox-debuginfo-128.12.0-1.el9_6.s390x.rpm	SHA-256: 7f605d632c3c3678c66ad33355d8c4c0bfcbf928e2d250f24d62c2e1d11c7073
firefox-debugsource-128.12.0-1.el9_6.s390x.rpm	SHA-256: 17d3645e8cebda130b988898ce82e376b3eff2b52b646d466e8fee3bfab92a88
firefox-x11-128.12.0-1.el9_6.s390x.rpm	SHA-256: 23928d63a025e1b7c6350b645aaa4601d904f1114286a1e03f74ea92006ff1a2

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6

SRPM
firefox-128.12.0-1.el9_6.src.rpm	SHA-256: 88d1615c3ab7992b38d35c6b0997da5048ca1f220bd2e3bcabd6c77826e81d1c
s390x
firefox-128.12.0-1.el9_6.s390x.rpm	SHA-256: a3c916285ce7dec55bda3b0edf7e4f2fba64741b433fd8d9d932568edd81dfb5
firefox-debuginfo-128.12.0-1.el9_6.s390x.rpm	SHA-256: 7f605d632c3c3678c66ad33355d8c4c0bfcbf928e2d250f24d62c2e1d11c7073
firefox-debugsource-128.12.0-1.el9_6.s390x.rpm	SHA-256: 17d3645e8cebda130b988898ce82e376b3eff2b52b646d466e8fee3bfab92a88
firefox-x11-128.12.0-1.el9_6.s390x.rpm	SHA-256: 23928d63a025e1b7c6350b645aaa4601d904f1114286a1e03f74ea92006ff1a2

Red Hat Enterprise Linux for Power, little endian 9

SRPM
firefox-128.12.0-1.el9_6.src.rpm	SHA-256: 88d1615c3ab7992b38d35c6b0997da5048ca1f220bd2e3bcabd6c77826e81d1c
ppc64le
firefox-128.12.0-1.el9_6.ppc64le.rpm	SHA-256: 47ddadc7b6d004cf6a9e78498a6da1c9704efd07bdb4c76067bddb62bb847d3d
firefox-debuginfo-128.12.0-1.el9_6.ppc64le.rpm	SHA-256: cded82183b0a6aac620fc27e0ed34a512f925458a78f95c3a38e103ad4ce0300
firefox-debugsource-128.12.0-1.el9_6.ppc64le.rpm	SHA-256: ac224442f552f9d7ce8f1ada585d943cd9d060ffc7bac040e325375a46e44a1b
firefox-x11-128.12.0-1.el9_6.ppc64le.rpm	SHA-256: d3f4a6edb3f640ac3342125eb352a25bb2a421bd3f4d1d3fe69d62f5546a4a31

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6

SRPM
firefox-128.12.0-1.el9_6.src.rpm	SHA-256: 88d1615c3ab7992b38d35c6b0997da5048ca1f220bd2e3bcabd6c77826e81d1c
ppc64le
firefox-128.12.0-1.el9_6.ppc64le.rpm	SHA-256: 47ddadc7b6d004cf6a9e78498a6da1c9704efd07bdb4c76067bddb62bb847d3d
firefox-debuginfo-128.12.0-1.el9_6.ppc64le.rpm	SHA-256: cded82183b0a6aac620fc27e0ed34a512f925458a78f95c3a38e103ad4ce0300
firefox-debugsource-128.12.0-1.el9_6.ppc64le.rpm	SHA-256: ac224442f552f9d7ce8f1ada585d943cd9d060ffc7bac040e325375a46e44a1b
firefox-x11-128.12.0-1.el9_6.ppc64le.rpm	SHA-256: d3f4a6edb3f640ac3342125eb352a25bb2a421bd3f4d1d3fe69d62f5546a4a31

Red Hat Enterprise Linux for ARM 64 9

SRPM
firefox-128.12.0-1.el9_6.src.rpm	SHA-256: 88d1615c3ab7992b38d35c6b0997da5048ca1f220bd2e3bcabd6c77826e81d1c
aarch64
firefox-128.12.0-1.el9_6.aarch64.rpm	SHA-256: 5c5514e871a0fee55586ff85ce5a103a9b03db7794eb8ffa69df6f0fee2f2573
firefox-debuginfo-128.12.0-1.el9_6.aarch64.rpm	SHA-256: 9fc8a6dbb1a2071072707e9289ae577715239715deff9e6170e6944ceb0fd6ac
firefox-debugsource-128.12.0-1.el9_6.aarch64.rpm	SHA-256: 18140620b3c6aafa70bec67f3d3b955b599566cae348a0d07f917864c5600256
firefox-x11-128.12.0-1.el9_6.aarch64.rpm	SHA-256: 583951328ff26b26997c82b618c911498aef6d3f652bb1dd2199d69243995744

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6

SRPM
firefox-128.12.0-1.el9_6.src.rpm	SHA-256: 88d1615c3ab7992b38d35c6b0997da5048ca1f220bd2e3bcabd6c77826e81d1c
aarch64
firefox-128.12.0-1.el9_6.aarch64.rpm	SHA-256: 5c5514e871a0fee55586ff85ce5a103a9b03db7794eb8ffa69df6f0fee2f2573
firefox-debuginfo-128.12.0-1.el9_6.aarch64.rpm	SHA-256: 9fc8a6dbb1a2071072707e9289ae577715239715deff9e6170e6944ceb0fd6ac
firefox-debugsource-128.12.0-1.el9_6.aarch64.rpm	SHA-256: 18140620b3c6aafa70bec67f3d3b955b599566cae348a0d07f917864c5600256
firefox-x11-128.12.0-1.el9_6.aarch64.rpm	SHA-256: 583951328ff26b26997c82b618c911498aef6d3f652bb1dd2199d69243995744

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6

SRPM
firefox-128.12.0-1.el9_6.src.rpm	SHA-256: 88d1615c3ab7992b38d35c6b0997da5048ca1f220bd2e3bcabd6c77826e81d1c
ppc64le
firefox-128.12.0-1.el9_6.ppc64le.rpm	SHA-256: 47ddadc7b6d004cf6a9e78498a6da1c9704efd07bdb4c76067bddb62bb847d3d
firefox-debuginfo-128.12.0-1.el9_6.ppc64le.rpm	SHA-256: cded82183b0a6aac620fc27e0ed34a512f925458a78f95c3a38e103ad4ce0300
firefox-debugsource-128.12.0-1.el9_6.ppc64le.rpm	SHA-256: ac224442f552f9d7ce8f1ada585d943cd9d060ffc7bac040e325375a46e44a1b
firefox-x11-128.12.0-1.el9_6.ppc64le.rpm	SHA-256: d3f4a6edb3f640ac3342125eb352a25bb2a421bd3f4d1d3fe69d62f5546a4a31

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6

SRPM
firefox-128.12.0-1.el9_6.src.rpm	SHA-256: 88d1615c3ab7992b38d35c6b0997da5048ca1f220bd2e3bcabd6c77826e81d1c
x86_64
firefox-128.12.0-1.el9_6.x86_64.rpm	SHA-256: e80ca403d88b587632d4852d186961abaf1ac6682537f27db4b59de24074d65b
firefox-debuginfo-128.12.0-1.el9_6.x86_64.rpm	SHA-256: 56cd7bb3295084c7af97fce3a7903eb1dde33262e3a041164d47ea91656502fb
firefox-debugsource-128.12.0-1.el9_6.x86_64.rpm	SHA-256: ce9352afb7056a537dccb1eae3d56bee6ffd7fd2a993390bfbce366229548fdf
firefox-x11-128.12.0-1.el9_6.x86_64.rpm	SHA-256: 42387b1160f9a20c3f5f306be820116c4ddbf7c040e79077c49cadd183203b77

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6

SRPM
firefox-128.12.0-1.el9_6.src.rpm	SHA-256: 88d1615c3ab7992b38d35c6b0997da5048ca1f220bd2e3bcabd6c77826e81d1c
aarch64
firefox-128.12.0-1.el9_6.aarch64.rpm	SHA-256: 5c5514e871a0fee55586ff85ce5a103a9b03db7794eb8ffa69df6f0fee2f2573
firefox-debuginfo-128.12.0-1.el9_6.aarch64.rpm	SHA-256: 9fc8a6dbb1a2071072707e9289ae577715239715deff9e6170e6944ceb0fd6ac
firefox-debugsource-128.12.0-1.el9_6.aarch64.rpm	SHA-256: 18140620b3c6aafa70bec67f3d3b955b599566cae348a0d07f917864c5600256
firefox-x11-128.12.0-1.el9_6.aarch64.rpm	SHA-256: 583951328ff26b26997c82b618c911498aef6d3f652bb1dd2199d69243995744

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6

SRPM
firefox-128.12.0-1.el9_6.src.rpm	SHA-256: 88d1615c3ab7992b38d35c6b0997da5048ca1f220bd2e3bcabd6c77826e81d1c
s390x
firefox-128.12.0-1.el9_6.s390x.rpm	SHA-256: a3c916285ce7dec55bda3b0edf7e4f2fba64741b433fd8d9d932568edd81dfb5
firefox-debuginfo-128.12.0-1.el9_6.s390x.rpm	SHA-256: 7f605d632c3c3678c66ad33355d8c4c0bfcbf928e2d250f24d62c2e1d11c7073
firefox-debugsource-128.12.0-1.el9_6.s390x.rpm	SHA-256: 17d3645e8cebda130b988898ce82e376b3eff2b52b646d466e8fee3bfab92a88
firefox-x11-128.12.0-1.el9_6.s390x.rpm	SHA-256: 23928d63a025e1b7c6350b645aaa4601d904f1114286a1e03f74ea92006ff1a2

Red Hat 安全团队联络方式为 secalert@redhat.com。更多联络细节请参考 https://access.redhat.com/security/team/contact/。

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation