SUSE alert openSUSE-SU-2026:10037-1 (firefox-esr)
| From: | meissner@suse.com | |
| To: | security-announce@lists.opensuse.org | |
| Subject: | openSUSE-SU-2026:10037-1: moderate: firefox-esr-140.7.0-1.1 on GA media | |
| Date: | Wed, 14 Jan 2026 17:37:03 +0100 | |
| Message-ID: | <20260114163703.233CCFBA0@maintenance.suse.de> | |
| Archive-link: | Article |
# firefox-esr-140.7.0-1.1 on GA media Announcement ID: openSUSE-SU-2026:10037-1 Rating: moderate Cross-References: * CVE-2025-14327 * CVE-2026-0877 * CVE-2026-0878 * CVE-2026-0879 * CVE-2026-0880 * CVE-2026-0882 * CVE-2026-0883 * CVE-2026-0884 * CVE-2026-0885 * CVE-2026-0886 * CVE-2026-0887 * CVE-2026-0890 * CVE-2026-0891 CVSS scores: * CVE-2025-14327 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2025-14327 ( SUSE ): 5.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N Affected Products: * openSUSE Tumbleweed An update that solves 13 vulnerabilities can now be installed. ## Description: These are all security issues fixed in the firefox-esr-140.7.0-1.1 package on the GA media of openSUSE Tumbleweed. ## Package List: * openSUSE Tumbleweed: * firefox-esr 140.7.0-1.1 * firefox-esr-branding-upstream 140.7.0-1.1 * firefox-esr-translations-common 140.7.0-1.1 * firefox-esr-translations-other 140.7.0-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-14327.html * https://www.suse.com/security/cve/CVE-2026-0877.html * https://www.suse.com/security/cve/CVE-2026-0878.html * https://www.suse.com/security/cve/CVE-2026-0879.html * https://www.suse.com/security/cve/CVE-2026-0880.html * https://www.suse.com/security/cve/CVE-2026-0882.html * https://www.suse.com/security/cve/CVE-2026-0883.html * https://www.suse.com/security/cve/CVE-2026-0884.html * https://www.suse.com/security/cve/CVE-2026-0885.html * https://www.suse.com/security/cve/CVE-2026-0886.html * https://www.suse.com/security/cve/CVE-2026-0887.html * https://www.suse.com/security/cve/CVE-2026-0890.html * https://www.suse.com/security/cve/CVE-2026-0891.html