Alert-GCSA-21011 - Aggiornamenti di sicurezza per prodotti Mozilla
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID: GCSA-21011
Data: 27 Gennaio 2021
Titolo: Aggiornamenti di sicurezza per prodotti Mozilla
******************************************************************
:: Descrizione
Mozilla ha rilasciato nuove versioni del browser Firefox e del
client di posta Thunderbird, con le quali vengono risolte alcune
vulnerabilita', potenzialmente sfruttabili per condurre attacchi.
Maggiori informazioni sono disponibili nelle segnalazioni
ufficiali alla sezione "Riferimenti".
:: Software interessato
Firefox versioni precedenti alla 85
Firefox ESR versioni precedenti alla 78.7
Thunderbird versioni precedenti alla 78.7
:: Impatto
Esecuzione remota di codice arbitrario
Denial of Service
Aggiramento delle restrizioni di sicurezza
Cross-Site Scripting
Rivelazione di informazioni riservate
:: Soluzione
Aggiornare i software all'ultima versione
https://www.mozilla.org/it/firefox/new/
https://www.mozilla.org/en-US/firefox/organizations/
https://www.mozilla.org/it/thunderbird/
https://www.thunderbird.net/en-US/thunderbird/all/
https://support.mozilla.org/it/kb/aggiornamento-di-thunderbird
:: Riferimenti
Mozilla - Release Notes
https://www.mozilla.org/en-US/firefox/85.0/releasenotes/
https://www.mozilla.org/en-US/firefox/78.7.0/releasenotes/
https://www.thunderbird.net/en-US/thunderbird/78.7.0/releasenotes/
Mozilla Security Advisory
https://www.mozilla.org/en-US/security/advisories/mfsa2021-03/
https://www.mozilla.org/en-US/security/advisories/mfsa2021-04/
https://www.mozilla.org/en-US/security/advisories/mfsa2021-05/
Mitre CVE
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15685
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23953
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23954
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23955
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23956
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23957
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23958
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23959
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23960
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23962
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23963
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23964
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23965
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26976
GARR CERT Security Alert - subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iD8DBQFgESXvwZxMk2USYEIRApznAJ9/SHQJT0b0FFdx5TsaSs8pFqEmDwCeOvV+
ulbamAq5BMAaL/5qc2BE4u8=
=cCLI
-----END PGP SIGNATURE-----
Hash: SHA1
******************************************************************
Alert ID: GCSA-21011
Data: 27 Gennaio 2021
Titolo: Aggiornamenti di sicurezza per prodotti Mozilla
******************************************************************
:: Descrizione
Mozilla ha rilasciato nuove versioni del browser Firefox e del
client di posta Thunderbird, con le quali vengono risolte alcune
vulnerabilita', potenzialmente sfruttabili per condurre attacchi.
Maggiori informazioni sono disponibili nelle segnalazioni
ufficiali alla sezione "Riferimenti".
:: Software interessato
Firefox versioni precedenti alla 85
Firefox ESR versioni precedenti alla 78.7
Thunderbird versioni precedenti alla 78.7
:: Impatto
Esecuzione remota di codice arbitrario
Denial of Service
Aggiramento delle restrizioni di sicurezza
Cross-Site Scripting
Rivelazione di informazioni riservate
:: Soluzione
Aggiornare i software all'ultima versione
https://www.mozilla.org/it/firefox/new/
https://www.mozilla.org/en-US/firefox/organizations/
https://www.mozilla.org/it/thunderbird/
https://www.thunderbird.net/en-US/thunderbird/all/
https://support.mozilla.org/it/kb/aggiornamento-di-thunderbird
:: Riferimenti
Mozilla - Release Notes
https://www.mozilla.org/en-US/firefox/85.0/releasenotes/
https://www.mozilla.org/en-US/firefox/78.7.0/releasenotes/
https://www.thunderbird.net/en-US/thunderbird/78.7.0/releasenotes/
Mozilla Security Advisory
https://www.mozilla.org/en-US/security/advisories/mfsa2021-03/
https://www.mozilla.org/en-US/security/advisories/mfsa2021-04/
https://www.mozilla.org/en-US/security/advisories/mfsa2021-05/
Mitre CVE
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15685
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23953
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23954
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23955
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23956
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23957
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23958
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23959
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23960
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23961
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23962
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23963
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23964
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23965
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26976
GARR CERT Security Alert - subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iD8DBQFgESXvwZxMk2USYEIRApznAJ9/SHQJT0b0FFdx5TsaSs8pFqEmDwCeOvV+
ulbamAq5BMAaL/5qc2BE4u8=
=cCLI
-----END PGP SIGNATURE-----