[El-errata] ELSA-2026-0007 Important: Oracle Linux 7 firefox security update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Mon Jan 19 11:32:22 UTC 2026 

Oracle Linux Security Advisory ELSA-2026-0007

http://linux.oracle.com/errata/ELSA-2026-0007.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
firefox-140.6.0-1.0.1.el7_9.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/firefox-140.6.0-1.0.1.el7_9.src.rpm

Related CVEs:

CVE-2025-14321
CVE-2025-14322
CVE-2025-14323
CVE-2025-14324
CVE-2025-14325
CVE-2025-14328
CVE-2025-14329
CVE-2025-14330
CVE-2025-14331
CVE-2025-14333




Description of changes:

[140.6.0-1.0.1]
- Update to 140.6.0 ESR [Orabug: 38813993][CVE-2025-14321][CVE-2025-14322]
  [CVE-2025-14323][CVE-2025-14324][CVE-2025-14325][CVE-2025-14328]
  [CVE-2025-14329][CVE-2025-14330][CVE-2025-14331][CVE-2025-14333]

[140.5.0-1.0.1]
- Update to 140.5.0 ESR [Orabug: 38708474][CVE-2025-13012][CVE-2025-13013]
  [CVE-2025-13014][CVE-2025-13015][CVE-2025-13016][CVE-2025-13017]
  [CVE-2025-13018][CVE-2025-13019][CVE-2025-13020]

[140.4.0-4.0.1]
- Update to 140.4.0 ESR [Orabug: 38595697][CVE-2025-11708][CVE-2025-11709]
  [CVE-2025-11710][CVE-2025-11711][CVE-2025-11712][CVE-2025-11714]
  [CVE-2025-11715]

[140.3.0-1.0.1]
- Update to 140.3.0 [Orabug: 38509157][CVE-2025-10527][CVE-2025-10528]
  [CVE-2025-10529][CVE-2025-10532][CVE-2025-10533][CVE-2025-10536]
  [CVE-2025-10537]
- Disable SVE parts of libyuv if not supported [Orabug: 38509157]

[128.14.0-2.0.1]
- Update to 128.14.0 [Orabug: 38400668][CVE-2025-9179][CVE-2025-9180]
  [CVE-2025-9181][CVE-2025-9182][CVE-2025-9185]

[128.13.0-1.0.1]
- Update to 128.13.0 [Orabug: 38256809][CVE-2025-8027][CVE-2025-8028]
  [CVE-2025-8029][CVE-2025-8030][CVE-2025-8031][CVE-2025-8032][CVE-2025-8033]
  [CVE-2025-8034][CVE-2025-8035]

[128.12.0-1.0.1]
- Update to 128.12.0 [Orabug: 38141310][CVE-2025-6424][CVE-2025-6425]
  [CVE-2025-6429][CVE-2025-6430]

[128.11.0-1.0.1]
- Update to 128.11.0 [Orabug: 38077559][CVE-2025-5263][CVE-2025-5264]
  [CVE-2025-5266][CVE-2025-5267][CVE-2025-5268][CVE-2025-5269]

[128.10.1-1.0.1]
- Update to 128.10.1 [Orabug: 38028280][CVE-2025-4918][CVE-2025-4919]

[128.10.0-1.0.1]
- Updated to 128.10.0 build [Orabug: 37924620]
- Fixes CVE-2025-2817 CVE-2025-4083 CVE-2025-4087 CVE-2025-4091 and
- CVE-2025-4093

More information about the El-errata mailing list