Multiple vulnerabilities have been discovered in the Firefox ESR web browser which is used in IGEL OS. This affects the following IGEL products:
IGEL OS 11
Details
It has been found that it is possible for certain Firefox prompts and dialogs to be activated or dismissed unintentionally by the user due to an insufficient activation-delay (CVE-2023-5721). This vulnerability is rated as high. Apart from that, there are memory safety bugs which could lead to memory corruption and could be abused to run arbitrary code (CVE-2023-5730, high).
Update Instructions
OS 11: Update to IGEL OS version 11.09.150 or newer.