概述
Important: firefox security update
类型/严重性
Security Advisory: Important
Red Hat Lightspeed patch analysis
标题
An update for firefox is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
描述
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.
Security Fix(es):
- firefox: thunderbird: Large branch table could lead to truncated instruction (CVE-2025-8028)
- firefox: thunderbird: Memory safety bugs (CVE-2025-8035)
- firefox: thunderbird: Incorrect URL stripping in CSP reports (CVE-2025-8031)
- firefox: thunderbird: JavaScript engine only wrote partial return value to stack (CVE-2025-8027)
- firefox: thunderbird: Potential user-assisted code execution in ?Copy as cURL? command (CVE-2025-8030)
- firefox: Memory safety bugs (CVE-2025-8034)
- firefox: thunderbird: Incorrect JavaScript state machine for generators (CVE-2025-8033)
- firefox: thunderbird: XSLT documents could bypass CSP (CVE-2025-8032)
- firefox: thunderbird: javascript: URLs executed on object and embed tags (CVE-2025-8029)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
受影响的产品
-
Red Hat Enterprise Linux for x86_64 9 x86_64
-
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 x86_64
-
Red Hat Enterprise Linux Server - AUS 9.6 x86_64
-
Red Hat Enterprise Linux for IBM z Systems 9 s390x
-
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6 s390x
-
Red Hat Enterprise Linux for Power, little endian 9 ppc64le
-
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6 ppc64le
-
Red Hat Enterprise Linux for ARM 64 9 aarch64
-
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6 aarch64
-
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6 ppc64le
-
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6 x86_64
-
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6 aarch64
-
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6 s390x
修复
-
BZ - 2382701
- CVE-2025-8028 firefox: thunderbird: Large branch table could lead to truncated instruction
-
BZ - 2382703
- CVE-2025-8035 firefox: thunderbird: Memory safety bugs
-
BZ - 2382704
- CVE-2025-8031 firefox: thunderbird: Incorrect URL stripping in CSP reports
-
BZ - 2382707
- CVE-2025-8027 firefox: thunderbird: JavaScript engine only wrote partial return value to stack
-
BZ - 2382710
- CVE-2025-8030 firefox: thunderbird: Potential user-assisted code execution in ?Copy as cURL? command
-
BZ - 2382711
- CVE-2025-8034 firefox: Memory safety bugs
-
BZ - 2382717
- CVE-2025-8033 firefox: thunderbird: Incorrect JavaScript state machine for generators
-
BZ - 2382718
- CVE-2025-8032 firefox: thunderbird: XSLT documents could bypass CSP
-
BZ - 2382720
- CVE-2025-8029 firefox: thunderbird: javascript: URLs executed on object and embed tags
注::
可能有这些软件包的更新版本。
点击软件包名称查看详情。
Red Hat Enterprise Linux for x86_64 9
| SRPM |
|
firefox-128.13.0-1.el9_6.src.rpm
|
SHA-256: 0a9fbc5c3d0f4158bd4f6511ceab68104cc1ebfeaefc4c709ebe43a21a7b82ce |
| x86_64 |
|
firefox-128.13.0-1.el9_6.x86_64.rpm
|
SHA-256: 9c1785078a8f44f4e9a65e469bc4a3f47d6c84a6c8751c924869d6b676f19979 |
|
firefox-debuginfo-128.13.0-1.el9_6.x86_64.rpm
|
SHA-256: e6e93223538a6f4fd2d0f1c5221273f6ba108013e479f063ced90be19257ea6d |
|
firefox-debugsource-128.13.0-1.el9_6.x86_64.rpm
|
SHA-256: 9c367e76464b6fe978fef7b16077ad21780c42443e48ad1f7fe6faca79261fb8 |
|
firefox-x11-128.13.0-1.el9_6.x86_64.rpm
|
SHA-256: bd8b62ceaa1f1ec1f793b6f27f950312f960eafc3b05ff5f49ebfbe829d3b9bb |
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6
| SRPM |
|
firefox-128.13.0-1.el9_6.src.rpm
|
SHA-256: 0a9fbc5c3d0f4158bd4f6511ceab68104cc1ebfeaefc4c709ebe43a21a7b82ce |
| x86_64 |
|
firefox-128.13.0-1.el9_6.x86_64.rpm
|
SHA-256: 9c1785078a8f44f4e9a65e469bc4a3f47d6c84a6c8751c924869d6b676f19979 |
|
firefox-debuginfo-128.13.0-1.el9_6.x86_64.rpm
|
SHA-256: e6e93223538a6f4fd2d0f1c5221273f6ba108013e479f063ced90be19257ea6d |
|
firefox-debugsource-128.13.0-1.el9_6.x86_64.rpm
|
SHA-256: 9c367e76464b6fe978fef7b16077ad21780c42443e48ad1f7fe6faca79261fb8 |
|
firefox-x11-128.13.0-1.el9_6.x86_64.rpm
|
SHA-256: bd8b62ceaa1f1ec1f793b6f27f950312f960eafc3b05ff5f49ebfbe829d3b9bb |
Red Hat Enterprise Linux Server - AUS 9.6
| SRPM |
|
firefox-128.13.0-1.el9_6.src.rpm
|
SHA-256: 0a9fbc5c3d0f4158bd4f6511ceab68104cc1ebfeaefc4c709ebe43a21a7b82ce |
| x86_64 |
|
firefox-128.13.0-1.el9_6.x86_64.rpm
|
SHA-256: 9c1785078a8f44f4e9a65e469bc4a3f47d6c84a6c8751c924869d6b676f19979 |
|
firefox-debuginfo-128.13.0-1.el9_6.x86_64.rpm
|
SHA-256: e6e93223538a6f4fd2d0f1c5221273f6ba108013e479f063ced90be19257ea6d |
|
firefox-debugsource-128.13.0-1.el9_6.x86_64.rpm
|
SHA-256: 9c367e76464b6fe978fef7b16077ad21780c42443e48ad1f7fe6faca79261fb8 |
|
firefox-x11-128.13.0-1.el9_6.x86_64.rpm
|
SHA-256: bd8b62ceaa1f1ec1f793b6f27f950312f960eafc3b05ff5f49ebfbe829d3b9bb |
Red Hat Enterprise Linux for IBM z Systems 9
| SRPM |
|
firefox-128.13.0-1.el9_6.src.rpm
|
SHA-256: 0a9fbc5c3d0f4158bd4f6511ceab68104cc1ebfeaefc4c709ebe43a21a7b82ce |
| s390x |
|
firefox-128.13.0-1.el9_6.s390x.rpm
|
SHA-256: 5acb083a938551731d480eafbc643b9116fe8f7192946ecc4c2b1ad9c4020e8f |
|
firefox-debuginfo-128.13.0-1.el9_6.s390x.rpm
|
SHA-256: 356cce78d8145f39e00f3543440e116743b08d2b619625eea22755adb42439eb |
|
firefox-debugsource-128.13.0-1.el9_6.s390x.rpm
|
SHA-256: 62cd1d0bdd1b4a7c071cbf82bb9cb941c1422e0dc737d81b862ee18efdf363ef |
|
firefox-x11-128.13.0-1.el9_6.s390x.rpm
|
SHA-256: 13441f0649ceb6e86ac27b6cf069da5c18f20955109016034271a5a8552caeaa |
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6
| SRPM |
|
firefox-128.13.0-1.el9_6.src.rpm
|
SHA-256: 0a9fbc5c3d0f4158bd4f6511ceab68104cc1ebfeaefc4c709ebe43a21a7b82ce |
| s390x |
|
firefox-128.13.0-1.el9_6.s390x.rpm
|
SHA-256: 5acb083a938551731d480eafbc643b9116fe8f7192946ecc4c2b1ad9c4020e8f |
|
firefox-debuginfo-128.13.0-1.el9_6.s390x.rpm
|
SHA-256: 356cce78d8145f39e00f3543440e116743b08d2b619625eea22755adb42439eb |
|
firefox-debugsource-128.13.0-1.el9_6.s390x.rpm
|
SHA-256: 62cd1d0bdd1b4a7c071cbf82bb9cb941c1422e0dc737d81b862ee18efdf363ef |
|
firefox-x11-128.13.0-1.el9_6.s390x.rpm
|
SHA-256: 13441f0649ceb6e86ac27b6cf069da5c18f20955109016034271a5a8552caeaa |
Red Hat Enterprise Linux for Power, little endian 9
| SRPM |
|
firefox-128.13.0-1.el9_6.src.rpm
|
SHA-256: 0a9fbc5c3d0f4158bd4f6511ceab68104cc1ebfeaefc4c709ebe43a21a7b82ce |
| ppc64le |
|
firefox-128.13.0-1.el9_6.ppc64le.rpm
|
SHA-256: 398554f5859c6105ff7dd2a2b92c64604147dbf7615ae1d5a46eaa7931277ce2 |
|
firefox-debuginfo-128.13.0-1.el9_6.ppc64le.rpm
|
SHA-256: 7f49ae85c38a0563fac2ef851ee3e5c5c455ab5e7ca3fd9c4bc9bab78856a8f2 |
|
firefox-debugsource-128.13.0-1.el9_6.ppc64le.rpm
|
SHA-256: 3d7eb49a71f849d6559c33e40c9903f8416e148795b50fbbb5a67955fd9560f1 |
|
firefox-x11-128.13.0-1.el9_6.ppc64le.rpm
|
SHA-256: 5b640e4b674be6a97ce9e47203dc6476a6224aab8cafbbc3c8cbf2a65955c7c4 |
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6
| SRPM |
|
firefox-128.13.0-1.el9_6.src.rpm
|
SHA-256: 0a9fbc5c3d0f4158bd4f6511ceab68104cc1ebfeaefc4c709ebe43a21a7b82ce |
| ppc64le |
|
firefox-128.13.0-1.el9_6.ppc64le.rpm
|
SHA-256: 398554f5859c6105ff7dd2a2b92c64604147dbf7615ae1d5a46eaa7931277ce2 |
|
firefox-debuginfo-128.13.0-1.el9_6.ppc64le.rpm
|
SHA-256: 7f49ae85c38a0563fac2ef851ee3e5c5c455ab5e7ca3fd9c4bc9bab78856a8f2 |
|
firefox-debugsource-128.13.0-1.el9_6.ppc64le.rpm
|
SHA-256: 3d7eb49a71f849d6559c33e40c9903f8416e148795b50fbbb5a67955fd9560f1 |
|
firefox-x11-128.13.0-1.el9_6.ppc64le.rpm
|
SHA-256: 5b640e4b674be6a97ce9e47203dc6476a6224aab8cafbbc3c8cbf2a65955c7c4 |
Red Hat Enterprise Linux for ARM 64 9
| SRPM |
|
firefox-128.13.0-1.el9_6.src.rpm
|
SHA-256: 0a9fbc5c3d0f4158bd4f6511ceab68104cc1ebfeaefc4c709ebe43a21a7b82ce |
| aarch64 |
|
firefox-128.13.0-1.el9_6.aarch64.rpm
|
SHA-256: 186afee2a855d0ce979fcd4f44f0b132906347b68b65f3e20713ae74b4e124db |
|
firefox-debuginfo-128.13.0-1.el9_6.aarch64.rpm
|
SHA-256: 62c1a3d3d949589835f7121e97159047b1417e14de59a2b00f9bc5dfecb6cd48 |
|
firefox-debugsource-128.13.0-1.el9_6.aarch64.rpm
|
SHA-256: ff7ab96b9a94fc7a873a555c51a0931900c0c31f1a56f2da0b259250142d8854 |
|
firefox-x11-128.13.0-1.el9_6.aarch64.rpm
|
SHA-256: b73a3dd7e69d64bd2d719081630f5ffce523a32ca29de4b712e1b5386eb0e007 |
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6
| SRPM |
|
firefox-128.13.0-1.el9_6.src.rpm
|
SHA-256: 0a9fbc5c3d0f4158bd4f6511ceab68104cc1ebfeaefc4c709ebe43a21a7b82ce |
| aarch64 |
|
firefox-128.13.0-1.el9_6.aarch64.rpm
|
SHA-256: 186afee2a855d0ce979fcd4f44f0b132906347b68b65f3e20713ae74b4e124db |
|
firefox-debuginfo-128.13.0-1.el9_6.aarch64.rpm
|
SHA-256: 62c1a3d3d949589835f7121e97159047b1417e14de59a2b00f9bc5dfecb6cd48 |
|
firefox-debugsource-128.13.0-1.el9_6.aarch64.rpm
|
SHA-256: ff7ab96b9a94fc7a873a555c51a0931900c0c31f1a56f2da0b259250142d8854 |
|
firefox-x11-128.13.0-1.el9_6.aarch64.rpm
|
SHA-256: b73a3dd7e69d64bd2d719081630f5ffce523a32ca29de4b712e1b5386eb0e007 |
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6
| SRPM |
|
firefox-128.13.0-1.el9_6.src.rpm
|
SHA-256: 0a9fbc5c3d0f4158bd4f6511ceab68104cc1ebfeaefc4c709ebe43a21a7b82ce |
| ppc64le |
|
firefox-128.13.0-1.el9_6.ppc64le.rpm
|
SHA-256: 398554f5859c6105ff7dd2a2b92c64604147dbf7615ae1d5a46eaa7931277ce2 |
|
firefox-debuginfo-128.13.0-1.el9_6.ppc64le.rpm
|
SHA-256: 7f49ae85c38a0563fac2ef851ee3e5c5c455ab5e7ca3fd9c4bc9bab78856a8f2 |
|
firefox-debugsource-128.13.0-1.el9_6.ppc64le.rpm
|
SHA-256: 3d7eb49a71f849d6559c33e40c9903f8416e148795b50fbbb5a67955fd9560f1 |
|
firefox-x11-128.13.0-1.el9_6.ppc64le.rpm
|
SHA-256: 5b640e4b674be6a97ce9e47203dc6476a6224aab8cafbbc3c8cbf2a65955c7c4 |
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6
| SRPM |
|
firefox-128.13.0-1.el9_6.src.rpm
|
SHA-256: 0a9fbc5c3d0f4158bd4f6511ceab68104cc1ebfeaefc4c709ebe43a21a7b82ce |
| x86_64 |
|
firefox-128.13.0-1.el9_6.x86_64.rpm
|
SHA-256: 9c1785078a8f44f4e9a65e469bc4a3f47d6c84a6c8751c924869d6b676f19979 |
|
firefox-debuginfo-128.13.0-1.el9_6.x86_64.rpm
|
SHA-256: e6e93223538a6f4fd2d0f1c5221273f6ba108013e479f063ced90be19257ea6d |
|
firefox-debugsource-128.13.0-1.el9_6.x86_64.rpm
|
SHA-256: 9c367e76464b6fe978fef7b16077ad21780c42443e48ad1f7fe6faca79261fb8 |
|
firefox-x11-128.13.0-1.el9_6.x86_64.rpm
|
SHA-256: bd8b62ceaa1f1ec1f793b6f27f950312f960eafc3b05ff5f49ebfbe829d3b9bb |
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6
| SRPM |
|
firefox-128.13.0-1.el9_6.src.rpm
|
SHA-256: 0a9fbc5c3d0f4158bd4f6511ceab68104cc1ebfeaefc4c709ebe43a21a7b82ce |
| aarch64 |
|
firefox-128.13.0-1.el9_6.aarch64.rpm
|
SHA-256: 186afee2a855d0ce979fcd4f44f0b132906347b68b65f3e20713ae74b4e124db |
|
firefox-debuginfo-128.13.0-1.el9_6.aarch64.rpm
|
SHA-256: 62c1a3d3d949589835f7121e97159047b1417e14de59a2b00f9bc5dfecb6cd48 |
|
firefox-debugsource-128.13.0-1.el9_6.aarch64.rpm
|
SHA-256: ff7ab96b9a94fc7a873a555c51a0931900c0c31f1a56f2da0b259250142d8854 |
|
firefox-x11-128.13.0-1.el9_6.aarch64.rpm
|
SHA-256: b73a3dd7e69d64bd2d719081630f5ffce523a32ca29de4b712e1b5386eb0e007 |
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6
| SRPM |
|
firefox-128.13.0-1.el9_6.src.rpm
|
SHA-256: 0a9fbc5c3d0f4158bd4f6511ceab68104cc1ebfeaefc4c709ebe43a21a7b82ce |
| s390x |
|
firefox-128.13.0-1.el9_6.s390x.rpm
|
SHA-256: 5acb083a938551731d480eafbc643b9116fe8f7192946ecc4c2b1ad9c4020e8f |
|
firefox-debuginfo-128.13.0-1.el9_6.s390x.rpm
|
SHA-256: 356cce78d8145f39e00f3543440e116743b08d2b619625eea22755adb42439eb |
|
firefox-debugsource-128.13.0-1.el9_6.s390x.rpm
|
SHA-256: 62cd1d0bdd1b4a7c071cbf82bb9cb941c1422e0dc737d81b862ee18efdf363ef |
|
firefox-x11-128.13.0-1.el9_6.s390x.rpm
|
SHA-256: 13441f0649ceb6e86ac27b6cf069da5c18f20955109016034271a5a8552caeaa |
