ISN 2019-07: Firefox ESR Vulnerability

Announced 5 July 2019

Score: High

A security issue affects the Firefox ESR web browser on

IGEL OS 11
IGEL OS 10
IGEL Linux 5

Details

Two vulnerabilities (CVE-2019-11708 and CVE-2019-11707) have been discovered in Firefox that in combination allow a remote attacker to execute code on a target machine.

Update Instructions

IGEL OS 11: Update to IGEL OS 11.01.120, containing the fixed Firefox ESR version 60.7.2.
IGEL OS 10: Update to IGEL OS 10.05.830, containing the fixed Firefox ESR version 60.7.2.

Mitigation

IGEL Linux 5: This version does not have the space required for the Firefox ESR update. IGEL recommends disabling the web browser feature if possible: https://kb.igel.com/igellinux/en/features-2275613.html

Download PDF

ISN 2019-07: Firefox ESR Vulnerability

Details

Update Instructions

Mitigation

Cookie Notice