ELSA-2026-22708

ULN >
Oracle Linux Errata repository >
ELSA-2026-22708

ELSA-2026-22708 - firefox security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2026-06-15

Description

[140.10.1-1.0.1]
- Update to 140.10.1 ESR [Orabug: 39481850][CVE-2026-7320][CVE-2026-7321]
[CVE-2026-7322][CVE-2026-7323]

[140.10.0-1.0.1]
- Update to 140.10.0 ESR [Orabug: 39499844][CVE-2026-6746][CVE-2026-6747]
[CVE-2026-6748][CVE-2026-6749][CVE-2026-6750][CVE-2026-6751][CVE-2026-6752]
[CVE-2026-6753][CVE-2026-6754][CVE-2026-6757][CVE-2026-6759][CVE-2026-6761]
[CVE-2026-6762][CVE-2026-6763][CVE-2026-6764][CVE-2026-6765][CVE-2026-6766]
[CVE-2026-6767][CVE-2026-6769][CVE-2026-6770][CVE-2026-6771][CVE-2026-6772]
[CVE-2026-6776][CVE-2026-6785][CVE-2026-6786]

[140.9.1-1.0.1]
- Update to 140.9.1 ESR [Orabug: 39324689][CVE-2026-5731][CVE-2026-5732]
[CVE-2026-5734][CVE-2026-33416][CVE-2026-33636]

[140.9.0-1.0.1]
- Update to 140.9.0 ESR [Orabug: 39361657][CVE-2026-4684][CVE-2026-4685]
[CVE-2026-4686][CVE-2026-4687][CVE-2026-4688][CVE-2026-4689][CVE-2026-4690]
[CVE-2026-4691][CVE-2026-4692][CVE-2026-4693][CVE-2026-4694][CVE-2026-4695]
[CVE-2026-4696][CVE-2026-4697][CVE-2026-4698][CVE-2026-4699][CVE-2026-4700]
[CVE-2026-4701][CVE-2026-4702][CVE-2026-4704][CVE-2026-4705][CVE-2026-4706]
[CVE-2026-4707][CVE-2026-4708][CVE-2026-4709][CVE-2026-4710][CVE-2026-4711]
[CVE-2026-4712][CVE-2026-4713][CVE-2026-4714][CVE-2026-4715][CVE-2026-4716]
[CVE-2026-4717][CVE-2026-4718][CVE-2026-4719][CVE-2026-4720][CVE-2026-4721]

[140.8.0-2.0.1]
- Update to 140.8.0 ESR [Orabug: 39361647][CVE-2026-2447][CVE-2026-2757]
[CVE-2026-2758][CVE-2026-2759][CVE-2026-2760][CVE-2026-2761][CVE-2026-2762]
[CVE-2026-2763][CVE-2026-2764][CVE-2026-2765][CVE-2026-2766][CVE-2026-2767]
[CVE-2026-2768][CVE-2026-2769][CVE-2026-2770][CVE-2026-2771][CVE-2026-2772]
[CVE-2026-2773][CVE-2026-2774][CVE-2026-2775][CVE-2026-2776][CVE-2026-2777]
[CVE-2026-2778][CVE-2026-2779][CVE-2026-2780][CVE-2026-2781][CVE-2026-2782]
[CVE-2026-2783][CVE-2026-2784][CVE-2026-2785][CVE-2026-2786][CVE-2026-2787]
[CVE-2026-2788][CVE-2026-2789][CVE-2026-2790][CVE-2026-2791][CVE-2026-2792]
[CVE-2026-2793]

[140.7.0-1.0.1]
- Update to 140.7.0 ESR [Orabug: 38940976][CVE-2025-14327][CVE-2026-0877]
[CVE-2026-0878][CVE-2026-0879][CVE-2026-0880][CVE-2026-0882][CVE-2026-0883]
[CVE-2026-0884][CVE-2026-0885][CVE-2026-0886][CVE-2026-0887][CVE-2026-0890]
[CVE-2026-0891]

[140.6.0-1.0.1]
- Update to 140.6.0 ESR [Orabug: 38813993][CVE-2025-14321][CVE-2025-14322]
[CVE-2025-14323][CVE-2025-14324][CVE-2025-14325][CVE-2025-14328]
[CVE-2025-14329][CVE-2025-14330][CVE-2025-14331][CVE-2025-14333]

[140.5.0-1.0.1]
- Update to 140.5.0 ESR [Orabug: 38708474][CVE-2025-13012][CVE-2025-13013]
[CVE-2025-13014][CVE-2025-13015][CVE-2025-13016][CVE-2025-13017]
[CVE-2025-13018][CVE-2025-13019][CVE-2025-13020]

[140.4.0-4.0.1]
- Update to 140.4.0 ESR [Orabug: 38595697][CVE-2025-11708][CVE-2025-11709]
[CVE-2025-11710][CVE-2025-11711][CVE-2025-11712][CVE-2025-11714]
[CVE-2025-11715]

[140.3.0-1.0.1]
- Update to 140.3.0 [Orabug: 38509157][CVE-2025-10527][CVE-2025-10528]
[CVE-2025-10529][CVE-2025-10532][CVE-2025-10533][CVE-2025-10536]
[CVE-2025-10537]
- Disable SVE parts of libyuv if not supported [Orabug: 38509157]

Related CVEs

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 7 (x86_64)	firefox-140.10.1-1.0.1.el7_9.src.rpm	a4c8cd0ebdaee220ed0a30a20bb12f4f66ae5d93d9fe8546d6740a7e27b2451d	-	ol7_x86_64_latest_ELS
	firefox-140.10.1-1.0.1.el7_9.x86_64.rpm	cd8ec4a0ce3df8bcb758c1f8edb9d8c751c9d9bcfaf605fe39fe00d04e1b8038	-	ol7_x86_64_latest_ELS

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691