ISN 2019-08: Firefox ESR Vulnerabilities

Announced 24 July 2019

Score: Critical

Several security issues affect the Firefox ESR web browser on

IGEL OS 11
IGEL OS 10
IGEL Linux v5

Details

Many vulnerabilities have been discovered in Firefox ESR, which Mozilla has summarized in the following Mozilla Foundation Security Advisories (MFSAs): MFSA-2019-22, MFSA-2019-19, MFSA- 2019-18, MFSA-2019-08, MFSA-2019-05 and MFSA-2019-02. Among these are vulnerabilities such as a sandbox escape, a script injection vulnerability, privilege escalation and some critical memory management weaknesses.

Update Instructions

IGEL OS 11: Update to IGEL OS 11.01.130 or newer.
IGEL OS 10: Update to IGEL OS 10.06.110 or newer.

Mitigation

IGEL Linux 5: This version does not have the space required for the Firefox ESR update. IGEL recommends disabling the web browser feature if possible: https://kb.igel.com/igellinux/en/features-2275613.html

References

MFSA-2019-22: https://www.mozilla.org/en-US/security/advisories/mfsa2019-22/
Mozilla Foundation Security Advisories: https://www.mozilla.org/en-US/security/advisories/

Download PDF

ISN 2019-08: Firefox ESR Vulnerabilities

Details

Update Instructions

Mitigation

References

Cookie Notice