Package firefox updated to version 139.0.4-alt1 for branch sisyphus in task 386845.

Published: 2025-06-11
Modified: 2025-06-16

CVE-2025-49709

Certain canvas operations could have lead to memory corruption. This vulnerability affects Firefox < 139.0.4.

Severity: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References:

Published: 2025-06-11
Modified: 2025-06-16

CVE-2025-49710

An integer overflow was present in `OrderedHashTable` used by the JavaScript engine This vulnerability affects Firefox < 139.0.4.

Severity: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References:

Version: 2.1.2