Issued:: 2025-05-13
Updated:: 2025-05-13

RHSA-2025:7491 - Security Advisory

Overview
Updated Packages

Synopsis

Important: firefox security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for firefox is now available for Red Hat Enterprise Linux 10.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.

Security Fix(es):

firefox: thunderbird: URL Bar Spoofing via non-BMP Unicode characters (CVE-2025-3029)
firefox: thunderbird: Use-after-free triggered by XSLTProcessor (CVE-2025-3028)
firefox: thunderbird: Memory safety bugs fixed in Firefox 137, Thunderbird 137, Firefox ESR 128.9, and Thunderbird 128.9 (CVE-2025-3030)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux for x86_64 10 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.0 x86_64
Red Hat Enterprise Linux for IBM z Systems 10 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.0 s390x
Red Hat Enterprise Linux for Power, little endian 10 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.0 ppc64le
Red Hat Enterprise Linux for ARM 64 10 aarch64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.0 aarch64
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.0 aarch64
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.0 s390x
Red Hat Enterprise Linux for Power, little endian - 4 years of support 10.0 ppc64le
Red Hat Enterprise Linux for x86_64 - 4 years of updates 10.0 x86_64

Fixes

BZ - 2356556 - CVE-2025-3029 firefox: thunderbird: URL Bar Spoofing via non-BMP Unicode characters
BZ - 2356562 - CVE-2025-3028 firefox: thunderbird: Use-after-free triggered by XSLTProcessor
BZ - 2356563 - CVE-2025-3030 firefox: thunderbird: Memory safety bugs fixed in Firefox 137, Thunderbird 137, Firefox ESR 128.9, and Thunderbird 128.9

CVEs

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 10

SRPM
firefox-128.9.0-3.el10_0.src.rpm	SHA-256: af61895482fa9c9a18d56754140361a743238e1829a03a4d6c5812d4fc5d3929
x86_64
firefox-128.9.0-3.el10_0.x86_64.rpm	SHA-256: 8a18d5cb27d294625e5ecd04916a2762a852956d495fc4f2602dbce6ae9dcf1d
firefox-debuginfo-128.9.0-3.el10_0.x86_64.rpm	SHA-256: f8528297e35830aa70eadbf8e3ac18a347bd419057f3261e8cbe72f9beb83798
firefox-debugsource-128.9.0-3.el10_0.x86_64.rpm	SHA-256: 7f1d1eb28710cffc9f9d293d37aa506b27875d813c4d9afe5549bb583a4b2339

Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.0

SRPM
firefox-128.9.0-3.el10_0.src.rpm	SHA-256: af61895482fa9c9a18d56754140361a743238e1829a03a4d6c5812d4fc5d3929
x86_64
firefox-128.9.0-3.el10_0.x86_64.rpm	SHA-256: 8a18d5cb27d294625e5ecd04916a2762a852956d495fc4f2602dbce6ae9dcf1d
firefox-debuginfo-128.9.0-3.el10_0.x86_64.rpm	SHA-256: f8528297e35830aa70eadbf8e3ac18a347bd419057f3261e8cbe72f9beb83798
firefox-debugsource-128.9.0-3.el10_0.x86_64.rpm	SHA-256: 7f1d1eb28710cffc9f9d293d37aa506b27875d813c4d9afe5549bb583a4b2339

Red Hat Enterprise Linux for IBM z Systems 10

SRPM
firefox-128.9.0-3.el10_0.src.rpm	SHA-256: af61895482fa9c9a18d56754140361a743238e1829a03a4d6c5812d4fc5d3929
s390x
firefox-128.9.0-3.el10_0.s390x.rpm	SHA-256: 781f3be6eb8cacbf8746866532d7098fdf4a9cb664bdd3d71f39bfd44a507c4e
firefox-debuginfo-128.9.0-3.el10_0.s390x.rpm	SHA-256: b986a59b1cb0e0ad001fb6c59a0db3973c42550536d817c0e9358acbdf3b0334
firefox-debugsource-128.9.0-3.el10_0.s390x.rpm	SHA-256: 844337e3d479b7021925aa24b6c3ff538f5e8ae71e29f9114cfb9f19b7015ec7

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.0

SRPM
firefox-128.9.0-3.el10_0.src.rpm	SHA-256: af61895482fa9c9a18d56754140361a743238e1829a03a4d6c5812d4fc5d3929
s390x
firefox-128.9.0-3.el10_0.s390x.rpm	SHA-256: 781f3be6eb8cacbf8746866532d7098fdf4a9cb664bdd3d71f39bfd44a507c4e
firefox-debuginfo-128.9.0-3.el10_0.s390x.rpm	SHA-256: b986a59b1cb0e0ad001fb6c59a0db3973c42550536d817c0e9358acbdf3b0334
firefox-debugsource-128.9.0-3.el10_0.s390x.rpm	SHA-256: 844337e3d479b7021925aa24b6c3ff538f5e8ae71e29f9114cfb9f19b7015ec7

Red Hat Enterprise Linux for Power, little endian 10

SRPM
firefox-128.9.0-3.el10_0.src.rpm	SHA-256: af61895482fa9c9a18d56754140361a743238e1829a03a4d6c5812d4fc5d3929
ppc64le
firefox-128.9.0-3.el10_0.ppc64le.rpm	SHA-256: 858db6e879183f30ca1198da194cd5a25342d3a5aa7af7013f09b2fc316565bb
firefox-debuginfo-128.9.0-3.el10_0.ppc64le.rpm	SHA-256: c7a8d0067af5a1a02bab19958c460fed49100427e04e1cd3f341583441e3e206
firefox-debugsource-128.9.0-3.el10_0.ppc64le.rpm	SHA-256: 4df68d2b268a1a10d3ffe07769053ebce4147c9613609ef6c57ecac31886742e

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.0

SRPM
firefox-128.9.0-3.el10_0.src.rpm	SHA-256: af61895482fa9c9a18d56754140361a743238e1829a03a4d6c5812d4fc5d3929
ppc64le
firefox-128.9.0-3.el10_0.ppc64le.rpm	SHA-256: 858db6e879183f30ca1198da194cd5a25342d3a5aa7af7013f09b2fc316565bb
firefox-debuginfo-128.9.0-3.el10_0.ppc64le.rpm	SHA-256: c7a8d0067af5a1a02bab19958c460fed49100427e04e1cd3f341583441e3e206
firefox-debugsource-128.9.0-3.el10_0.ppc64le.rpm	SHA-256: 4df68d2b268a1a10d3ffe07769053ebce4147c9613609ef6c57ecac31886742e

Red Hat Enterprise Linux for ARM 64 10

SRPM
firefox-128.9.0-3.el10_0.src.rpm	SHA-256: af61895482fa9c9a18d56754140361a743238e1829a03a4d6c5812d4fc5d3929
aarch64
firefox-128.9.0-3.el10_0.aarch64.rpm	SHA-256: c037e027138f027b5e07434b75dd72730e25415eece3dca0979c7337b26913d3
firefox-debuginfo-128.9.0-3.el10_0.aarch64.rpm	SHA-256: 163c7e611b037487a06577d3dd103f7161055447eadc9565255c31558648c8fd
firefox-debugsource-128.9.0-3.el10_0.aarch64.rpm	SHA-256: 6ad5fa9baf252af0a6191f3c672d05c7b70dd0c94a62e6cac615dcb0be22b3b8

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.0

SRPM
firefox-128.9.0-3.el10_0.src.rpm	SHA-256: af61895482fa9c9a18d56754140361a743238e1829a03a4d6c5812d4fc5d3929
aarch64
firefox-128.9.0-3.el10_0.aarch64.rpm	SHA-256: c037e027138f027b5e07434b75dd72730e25415eece3dca0979c7337b26913d3
firefox-debuginfo-128.9.0-3.el10_0.aarch64.rpm	SHA-256: 163c7e611b037487a06577d3dd103f7161055447eadc9565255c31558648c8fd
firefox-debugsource-128.9.0-3.el10_0.aarch64.rpm	SHA-256: 6ad5fa9baf252af0a6191f3c672d05c7b70dd0c94a62e6cac615dcb0be22b3b8

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.0

SRPM
firefox-128.9.0-3.el10_0.src.rpm	SHA-256: af61895482fa9c9a18d56754140361a743238e1829a03a4d6c5812d4fc5d3929
aarch64
firefox-128.9.0-3.el10_0.aarch64.rpm	SHA-256: c037e027138f027b5e07434b75dd72730e25415eece3dca0979c7337b26913d3
firefox-debuginfo-128.9.0-3.el10_0.aarch64.rpm	SHA-256: 163c7e611b037487a06577d3dd103f7161055447eadc9565255c31558648c8fd
firefox-debugsource-128.9.0-3.el10_0.aarch64.rpm	SHA-256: 6ad5fa9baf252af0a6191f3c672d05c7b70dd0c94a62e6cac615dcb0be22b3b8

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.0

SRPM
firefox-128.9.0-3.el10_0.src.rpm	SHA-256: af61895482fa9c9a18d56754140361a743238e1829a03a4d6c5812d4fc5d3929
s390x
firefox-128.9.0-3.el10_0.s390x.rpm	SHA-256: 781f3be6eb8cacbf8746866532d7098fdf4a9cb664bdd3d71f39bfd44a507c4e
firefox-debuginfo-128.9.0-3.el10_0.s390x.rpm	SHA-256: b986a59b1cb0e0ad001fb6c59a0db3973c42550536d817c0e9358acbdf3b0334
firefox-debugsource-128.9.0-3.el10_0.s390x.rpm	SHA-256: 844337e3d479b7021925aa24b6c3ff538f5e8ae71e29f9114cfb9f19b7015ec7

Red Hat Enterprise Linux for Power, little endian - 4 years of support 10.0

SRPM
firefox-128.9.0-3.el10_0.src.rpm	SHA-256: af61895482fa9c9a18d56754140361a743238e1829a03a4d6c5812d4fc5d3929
ppc64le
firefox-128.9.0-3.el10_0.ppc64le.rpm	SHA-256: 858db6e879183f30ca1198da194cd5a25342d3a5aa7af7013f09b2fc316565bb
firefox-debuginfo-128.9.0-3.el10_0.ppc64le.rpm	SHA-256: c7a8d0067af5a1a02bab19958c460fed49100427e04e1cd3f341583441e3e206
firefox-debugsource-128.9.0-3.el10_0.ppc64le.rpm	SHA-256: 4df68d2b268a1a10d3ffe07769053ebce4147c9613609ef6c57ecac31886742e

Red Hat Enterprise Linux for x86_64 - 4 years of updates 10.0

SRPM
firefox-128.9.0-3.el10_0.src.rpm	SHA-256: af61895482fa9c9a18d56754140361a743238e1829a03a4d6c5812d4fc5d3929
x86_64
firefox-128.9.0-3.el10_0.x86_64.rpm	SHA-256: 8a18d5cb27d294625e5ecd04916a2762a852956d495fc4f2602dbce6ae9dcf1d
firefox-debuginfo-128.9.0-3.el10_0.x86_64.rpm	SHA-256: f8528297e35830aa70eadbf8e3ac18a347bd419057f3261e8cbe72f9beb83798
firefox-debugsource-128.9.0-3.el10_0.x86_64.rpm	SHA-256: 7f1d1eb28710cffc9f9d293d37aa506b27875d813c4d9afe5549bb583a4b2339

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation