Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 438
Alerts This Week
Warning Icon 1 438

Ubuntu 19.04: 4020-1 Severe: Firefox Denial Of Service Threat

ubuntu
Calendar Grey June 19, 2019
Dist Ubuntu Esm H88
A vulnerability in Firefox might permit unauthorized code execution via compromised web pages. Users on Ubuntu advised to upgrade their browsers.
Firefox could be made to crash or run programs as your login if it opened a malicious website.

Summary

Firefox could be made to crash or run programs as your login if it

opened a malicious website.

Software Description:

- firefox: Mozilla Open Source web browser

Details:

A type confusion bug was discovered in Firefox. If a user were tricked in

to opening a specially crafted website, an attacker could exploit this by

causing a denial of service, or executing arbitrary code.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 19.04:
  firefox                         67.0.3+build1-0ubuntu0.19.04.1

Ubuntu 18.10:
  firefox                         67.0.3+build1-0ubuntu0.18.10.1

Ubuntu 18.04 LTS:
  firefox                         67.0.3+build1-0ubuntu0.18.04.1

Ubuntu 16.04 LTS:
  firefox                         67.0.3+build1-0ubuntu0.16.04.1

After a standard system update you need to restart Firefox to make
all the necessary changes.

References

  https://ubuntu.com/security/notices/USN-4020-1

  CVE-2019-11707

Severity
critical
Lowest
Low
Medium
High
Critical

June 19, 2019

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.