Announced 5 July 2019
Score: High
A security issue affects the Firefox ESR web browser on
-
IGEL OS 11
-
IGEL OS 10
-
IGEL Linux 5
Details
Two vulnerabilities (CVE-2019-11708 and CVE-2019-11707) have been discovered in Firefox that in combination allow a remote attacker to execute code on a target machine.
Update Instructions
-
IGEL OS 11: Update to IGEL OS 11.01.120, containing the fixed Firefox ESR version 60.7.2.
-
IGEL OS 10: Update to IGEL OS 10.05.830, containing the fixed Firefox ESR version 60.7.2.
Mitigation
-
IGEL Linux 5: This version does not have the space required for the Firefox ESR update. IGEL recommends disabling the web browser feature if possible.