Описание
ELSA-2025-14416: firefox security update (IMPORTANT)
[128.14.0-2.0.1]
- Fix firefox-oracle-default-prefs.js for new nss [Orabug: 37079773]
- Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file
[128.14.0]
- Add debranding patches (Mustafa Gezen)
- Add OpenELA default preferences (Louis Abel)
[128.14.0-2]
- Add missing translations
[128.14.0-1]
- Update to 128.14.0 build1
Обновленные пакеты
Oracle Linux 9
Oracle Linux aarch64
firefox
128.14.0-2.0.1.el9_6
firefox-x11
128.14.0-2.0.1.el9_6
Oracle Linux x86_64
firefox
128.14.0-2.0.1.el9_6
firefox-x11
128.14.0-2.0.1.el9_6
Ссылки на источники
Связанные уязвимости
An attacker was able to perform memory corruption in the GMP process which processes encrypted media. This process is also heavily sandboxed, but represents slightly different privileges from the content process. This vulnerability affects Firefox < 142, Firefox ESR < 115.27, Firefox ESR < 128.14, Firefox ESR < 140.2, Thunderbird < 142, Thunderbird < 128.14, and Thunderbird < 140.2.
An attacker was able to perform memory corruption in the GMP process which processes encrypted media. This process is also heavily sandboxed, but represents slightly different privileges from the content process. This vulnerability affects Firefox < 142, Firefox ESR < 115.27, Firefox ESR < 128.14, Firefox ESR < 140.2, Thunderbird < 142, Thunderbird < 128.14, and Thunderbird < 140.2.
An attacker was able to perform memory corruption in the GMP process which processes encrypted media. This process is also heavily sandboxed, but represents slightly different privileges from the content process. This vulnerability affects Firefox < 142, Firefox ESR < 115.27, Firefox ESR < 128.14, Firefox ESR < 140.2, Thunderbird < 142, Thunderbird < 128.14, and Thunderbird < 140.2.