概述
Important: firefox security update
类型/严重性
Security Advisory: Important
Red Hat Lightspeed patch analysis
标题
An update for firefox is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
描述
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.
Security Fix(es):
- firefox: thunderbird: Privilege escalation in Firefox Updater (CVE-2025-2817)
- firefox: thunderbird: Unsafe attribute access during XPath parsing (CVE-2025-4087)
- firefox: thunderbird: Process isolation bypass using "javascript:" URI links in cross-origin frames (CVE-2025-4083)
- firefox: thunderbird: Memory safety bugs fixed in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird 128.10 (CVE-2025-4091)
- firefox: thunderbird: Memory safety bug fixed in Firefox ESR 128.10 and Thunderbird 128.10 (CVE-2025-4093)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
受影响的产品
-
Red Hat Enterprise Linux for x86_64 9 x86_64
-
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 x86_64
-
Red Hat Enterprise Linux Server - AUS 9.6 x86_64
-
Red Hat Enterprise Linux for IBM z Systems 9 s390x
-
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6 s390x
-
Red Hat Enterprise Linux for Power, little endian 9 ppc64le
-
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6 ppc64le
-
Red Hat Enterprise Linux for ARM 64 9 aarch64
-
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6 aarch64
-
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6 ppc64le
-
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6 x86_64
-
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6 aarch64
-
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6 s390x
修复
-
BZ - 2362902
- CVE-2025-2817 firefox: thunderbird: Privilege escalation in Firefox Updater
-
BZ - 2362904
- CVE-2025-4087 firefox: thunderbird: Unsafe attribute access during XPath parsing
-
BZ - 2362907
- CVE-2025-4083 firefox: thunderbird: Process isolation bypass using "javascript:" URI links in cross-origin frames
-
BZ - 2362912
- CVE-2025-4091 firefox: thunderbird: Memory safety bugs fixed in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird 128.10
-
BZ - 2362915
- CVE-2025-4093 firefox: thunderbird: Memory safety bug fixed in Firefox ESR 128.10 and Thunderbird 128.10
注::
可能有这些软件包的更新版本。
点击软件包名称查看详情。
Red Hat Enterprise Linux for x86_64 9
| SRPM |
|
firefox-128.10.0-1.el9_6.src.rpm
|
SHA-256: 603e4535b3c24fd77694a2507c5a4159f499722606423fee732c05ac929f5c24 |
| x86_64 |
|
firefox-128.10.0-1.el9_6.x86_64.rpm
|
SHA-256: d04c200b8119aacbe2b44c7a2c782a388c23679c79e09a779781f235142d429c |
|
firefox-debuginfo-128.10.0-1.el9_6.x86_64.rpm
|
SHA-256: e06dcceeeaf35ec496ea0b14e4ffef65d540652ab893f58bcba206865ef011c6 |
|
firefox-debugsource-128.10.0-1.el9_6.x86_64.rpm
|
SHA-256: e1537acde2e29426adac3961ae1654f7b9a868acffd8a0f60047270b920728e7 |
|
firefox-x11-128.10.0-1.el9_6.x86_64.rpm
|
SHA-256: 5597054ab48f3676a044fb8266969225942020baf8f993197274f585c5b24920 |
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6
| SRPM |
|
firefox-128.10.0-1.el9_6.src.rpm
|
SHA-256: 603e4535b3c24fd77694a2507c5a4159f499722606423fee732c05ac929f5c24 |
| x86_64 |
|
firefox-128.10.0-1.el9_6.x86_64.rpm
|
SHA-256: d04c200b8119aacbe2b44c7a2c782a388c23679c79e09a779781f235142d429c |
|
firefox-debuginfo-128.10.0-1.el9_6.x86_64.rpm
|
SHA-256: e06dcceeeaf35ec496ea0b14e4ffef65d540652ab893f58bcba206865ef011c6 |
|
firefox-debugsource-128.10.0-1.el9_6.x86_64.rpm
|
SHA-256: e1537acde2e29426adac3961ae1654f7b9a868acffd8a0f60047270b920728e7 |
|
firefox-x11-128.10.0-1.el9_6.x86_64.rpm
|
SHA-256: 5597054ab48f3676a044fb8266969225942020baf8f993197274f585c5b24920 |
Red Hat Enterprise Linux Server - AUS 9.6
| SRPM |
|
firefox-128.10.0-1.el9_6.src.rpm
|
SHA-256: 603e4535b3c24fd77694a2507c5a4159f499722606423fee732c05ac929f5c24 |
| x86_64 |
|
firefox-128.10.0-1.el9_6.x86_64.rpm
|
SHA-256: d04c200b8119aacbe2b44c7a2c782a388c23679c79e09a779781f235142d429c |
|
firefox-debuginfo-128.10.0-1.el9_6.x86_64.rpm
|
SHA-256: e06dcceeeaf35ec496ea0b14e4ffef65d540652ab893f58bcba206865ef011c6 |
|
firefox-debugsource-128.10.0-1.el9_6.x86_64.rpm
|
SHA-256: e1537acde2e29426adac3961ae1654f7b9a868acffd8a0f60047270b920728e7 |
|
firefox-x11-128.10.0-1.el9_6.x86_64.rpm
|
SHA-256: 5597054ab48f3676a044fb8266969225942020baf8f993197274f585c5b24920 |
Red Hat Enterprise Linux for IBM z Systems 9
| SRPM |
|
firefox-128.10.0-1.el9_6.src.rpm
|
SHA-256: 603e4535b3c24fd77694a2507c5a4159f499722606423fee732c05ac929f5c24 |
| s390x |
|
firefox-128.10.0-1.el9_6.s390x.rpm
|
SHA-256: 0644a392137a779012872ac2c14e781db29717e698002bd93d7e03351788773d |
|
firefox-debuginfo-128.10.0-1.el9_6.s390x.rpm
|
SHA-256: 1411a95ca52c13fcf559e24d1459c5421675e425ed62f0aee8cc21ccf6485100 |
|
firefox-debugsource-128.10.0-1.el9_6.s390x.rpm
|
SHA-256: c035e22becaa6899b10057268a280fe34cdcb53640dbb46ce6480be210d5a8bb |
|
firefox-x11-128.10.0-1.el9_6.s390x.rpm
|
SHA-256: cd6aff083cbf561e715c85eb0cec32a1703e04941f50407f7c713be7ef377c02 |
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6
| SRPM |
|
firefox-128.10.0-1.el9_6.src.rpm
|
SHA-256: 603e4535b3c24fd77694a2507c5a4159f499722606423fee732c05ac929f5c24 |
| s390x |
|
firefox-128.10.0-1.el9_6.s390x.rpm
|
SHA-256: 0644a392137a779012872ac2c14e781db29717e698002bd93d7e03351788773d |
|
firefox-debuginfo-128.10.0-1.el9_6.s390x.rpm
|
SHA-256: 1411a95ca52c13fcf559e24d1459c5421675e425ed62f0aee8cc21ccf6485100 |
|
firefox-debugsource-128.10.0-1.el9_6.s390x.rpm
|
SHA-256: c035e22becaa6899b10057268a280fe34cdcb53640dbb46ce6480be210d5a8bb |
|
firefox-x11-128.10.0-1.el9_6.s390x.rpm
|
SHA-256: cd6aff083cbf561e715c85eb0cec32a1703e04941f50407f7c713be7ef377c02 |
Red Hat Enterprise Linux for Power, little endian 9
| SRPM |
|
firefox-128.10.0-1.el9_6.src.rpm
|
SHA-256: 603e4535b3c24fd77694a2507c5a4159f499722606423fee732c05ac929f5c24 |
| ppc64le |
|
firefox-128.10.0-1.el9_6.ppc64le.rpm
|
SHA-256: 6391a015e6bedbcb0c820055c002c0018398df9ec73cd32149b88b7dfe575bdd |
|
firefox-debuginfo-128.10.0-1.el9_6.ppc64le.rpm
|
SHA-256: f3063540009bde2aefd152d11ace7a5fe47b7a75035bec7f216aa48f46a38a74 |
|
firefox-debugsource-128.10.0-1.el9_6.ppc64le.rpm
|
SHA-256: a804f8e164752de9eb0a34efa3514ba7d66cd04184806a052d94357258f2f128 |
|
firefox-x11-128.10.0-1.el9_6.ppc64le.rpm
|
SHA-256: c95e27b28842dc576dd32615a304c0d90d5bbcfead7b1ee1f2e2884944f6e7bb |
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6
| SRPM |
|
firefox-128.10.0-1.el9_6.src.rpm
|
SHA-256: 603e4535b3c24fd77694a2507c5a4159f499722606423fee732c05ac929f5c24 |
| ppc64le |
|
firefox-128.10.0-1.el9_6.ppc64le.rpm
|
SHA-256: 6391a015e6bedbcb0c820055c002c0018398df9ec73cd32149b88b7dfe575bdd |
|
firefox-debuginfo-128.10.0-1.el9_6.ppc64le.rpm
|
SHA-256: f3063540009bde2aefd152d11ace7a5fe47b7a75035bec7f216aa48f46a38a74 |
|
firefox-debugsource-128.10.0-1.el9_6.ppc64le.rpm
|
SHA-256: a804f8e164752de9eb0a34efa3514ba7d66cd04184806a052d94357258f2f128 |
|
firefox-x11-128.10.0-1.el9_6.ppc64le.rpm
|
SHA-256: c95e27b28842dc576dd32615a304c0d90d5bbcfead7b1ee1f2e2884944f6e7bb |
Red Hat Enterprise Linux for ARM 64 9
| SRPM |
|
firefox-128.10.0-1.el9_6.src.rpm
|
SHA-256: 603e4535b3c24fd77694a2507c5a4159f499722606423fee732c05ac929f5c24 |
| aarch64 |
|
firefox-128.10.0-1.el9_6.aarch64.rpm
|
SHA-256: d2e3e4d284f3a957fbc8ed083a951a47c228cb4971afff3f2ab1234f72bf5f69 |
|
firefox-debuginfo-128.10.0-1.el9_6.aarch64.rpm
|
SHA-256: 1c0830c25dd7f993ec0e33a897da98553bf7564ae9e104bc1adc9b6c0a9e0b93 |
|
firefox-debugsource-128.10.0-1.el9_6.aarch64.rpm
|
SHA-256: fcf8c94c237a1b4eb42cfa8451a33b4e821b7936cdf43056d346b0035b711559 |
|
firefox-x11-128.10.0-1.el9_6.aarch64.rpm
|
SHA-256: 30e5a136491227199f3755f8dbcbf2dd7bbebbc478535c282f67dbaeffda9705 |
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6
| SRPM |
|
firefox-128.10.0-1.el9_6.src.rpm
|
SHA-256: 603e4535b3c24fd77694a2507c5a4159f499722606423fee732c05ac929f5c24 |
| aarch64 |
|
firefox-128.10.0-1.el9_6.aarch64.rpm
|
SHA-256: d2e3e4d284f3a957fbc8ed083a951a47c228cb4971afff3f2ab1234f72bf5f69 |
|
firefox-debuginfo-128.10.0-1.el9_6.aarch64.rpm
|
SHA-256: 1c0830c25dd7f993ec0e33a897da98553bf7564ae9e104bc1adc9b6c0a9e0b93 |
|
firefox-debugsource-128.10.0-1.el9_6.aarch64.rpm
|
SHA-256: fcf8c94c237a1b4eb42cfa8451a33b4e821b7936cdf43056d346b0035b711559 |
|
firefox-x11-128.10.0-1.el9_6.aarch64.rpm
|
SHA-256: 30e5a136491227199f3755f8dbcbf2dd7bbebbc478535c282f67dbaeffda9705 |
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6
| SRPM |
|
firefox-128.10.0-1.el9_6.src.rpm
|
SHA-256: 603e4535b3c24fd77694a2507c5a4159f499722606423fee732c05ac929f5c24 |
| ppc64le |
|
firefox-128.10.0-1.el9_6.ppc64le.rpm
|
SHA-256: 6391a015e6bedbcb0c820055c002c0018398df9ec73cd32149b88b7dfe575bdd |
|
firefox-debuginfo-128.10.0-1.el9_6.ppc64le.rpm
|
SHA-256: f3063540009bde2aefd152d11ace7a5fe47b7a75035bec7f216aa48f46a38a74 |
|
firefox-debugsource-128.10.0-1.el9_6.ppc64le.rpm
|
SHA-256: a804f8e164752de9eb0a34efa3514ba7d66cd04184806a052d94357258f2f128 |
|
firefox-x11-128.10.0-1.el9_6.ppc64le.rpm
|
SHA-256: c95e27b28842dc576dd32615a304c0d90d5bbcfead7b1ee1f2e2884944f6e7bb |
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6
| SRPM |
|
firefox-128.10.0-1.el9_6.src.rpm
|
SHA-256: 603e4535b3c24fd77694a2507c5a4159f499722606423fee732c05ac929f5c24 |
| x86_64 |
|
firefox-128.10.0-1.el9_6.x86_64.rpm
|
SHA-256: d04c200b8119aacbe2b44c7a2c782a388c23679c79e09a779781f235142d429c |
|
firefox-debuginfo-128.10.0-1.el9_6.x86_64.rpm
|
SHA-256: e06dcceeeaf35ec496ea0b14e4ffef65d540652ab893f58bcba206865ef011c6 |
|
firefox-debugsource-128.10.0-1.el9_6.x86_64.rpm
|
SHA-256: e1537acde2e29426adac3961ae1654f7b9a868acffd8a0f60047270b920728e7 |
|
firefox-x11-128.10.0-1.el9_6.x86_64.rpm
|
SHA-256: 5597054ab48f3676a044fb8266969225942020baf8f993197274f585c5b24920 |
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6
| SRPM |
|
firefox-128.10.0-1.el9_6.src.rpm
|
SHA-256: 603e4535b3c24fd77694a2507c5a4159f499722606423fee732c05ac929f5c24 |
| aarch64 |
|
firefox-128.10.0-1.el9_6.aarch64.rpm
|
SHA-256: d2e3e4d284f3a957fbc8ed083a951a47c228cb4971afff3f2ab1234f72bf5f69 |
|
firefox-debuginfo-128.10.0-1.el9_6.aarch64.rpm
|
SHA-256: 1c0830c25dd7f993ec0e33a897da98553bf7564ae9e104bc1adc9b6c0a9e0b93 |
|
firefox-debugsource-128.10.0-1.el9_6.aarch64.rpm
|
SHA-256: fcf8c94c237a1b4eb42cfa8451a33b4e821b7936cdf43056d346b0035b711559 |
|
firefox-x11-128.10.0-1.el9_6.aarch64.rpm
|
SHA-256: 30e5a136491227199f3755f8dbcbf2dd7bbebbc478535c282f67dbaeffda9705 |
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6
| SRPM |
|
firefox-128.10.0-1.el9_6.src.rpm
|
SHA-256: 603e4535b3c24fd77694a2507c5a4159f499722606423fee732c05ac929f5c24 |
| s390x |
|
firefox-128.10.0-1.el9_6.s390x.rpm
|
SHA-256: 0644a392137a779012872ac2c14e781db29717e698002bd93d7e03351788773d |
|
firefox-debuginfo-128.10.0-1.el9_6.s390x.rpm
|
SHA-256: 1411a95ca52c13fcf559e24d1459c5421675e425ed62f0aee8cc21ccf6485100 |
|
firefox-debugsource-128.10.0-1.el9_6.s390x.rpm
|
SHA-256: c035e22becaa6899b10057268a280fe34cdcb53640dbb46ce6480be210d5a8bb |
|
firefox-x11-128.10.0-1.el9_6.s390x.rpm
|
SHA-256: cd6aff083cbf561e715c85eb0cec32a1703e04941f50407f7c713be7ef377c02 |
