Skip to main content
Skip table of contents

ISN 2019-11: Firefox ESR Vulnerabilities

.Announced 13 September 2019

Score: High

Several security issues affect the Firefox ESR web browser on 

  • IGEL OS 11

  • IGEL OS 10

  • IGEL Linux v5

Details

Many vulnerabilities have been discovered in Firefox ESR, which Mozilla has summarized in the Mozilla Foundation Security Advisory (MFSA) 2019-27 with an overall critical score. The advisory contains CVE-2019-11746, CVE-2019-11744, CVE-2019-11752, CVE-2019-9812, CVE-2016-11743 and CVE-2019-11740, which include potentially exploitable crashes while manipulating video elements or extracting a key value in IndexedDB, and a sandbox escape through Firefox Sync.

Update Instructions

  • IGEL OS 11: Update to IGEL OS 11.02.150 or newer.

  • IGEL OS 10: Update to IGEL OS 10.06.130 or newer.

  • IGEL Linux 5: This version does not have the space required for the Firefox ESR update. IGEL recommends removing the web browser feature if possible.

References

Mozilla Foundation Security Advisory 2019-27: https://www.mozilla.org/en-US/security/advisories/mfsa2019-27/

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.