ISN 2019-07: Firefox ESR Vulnerability

Announced 5 July 2019

Score: High

A security issue affects the Firefox ESR web browser on

  • IGEL OS 11
  • IGEL OS 10
  • IGEL Linux 5

Details

Two vulnerabilities (CVE-2019-11708 and CVE-2019-11707) have been discovered in Firefox that in combination allow a remote attacker to execute code on a target machine.

Update Instructions

  • IGEL OS 11: Update to IGEL OS 11.01.120, containing the fixed Firefox ESR version 60.7.2.
  • IGEL OS 10: Update to IGEL OS 10.05.830, containing the fixed Firefox ESR version 60.7.2.

Mitigation

Last update: July 5, 2019