Alert-GCSA-21021 - Aggiornamenti di sicurezza per prodotti Mozilla
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID: GCSA-21021
Data: 25 Febbraio 2021
Titolo: Aggiornamenti di sicurezza per prodotti Mozilla
******************************************************************
:: Descrizione
Mozilla ha rilasciato nuove versioni dei browser Firefox e Firefox ESR,
e del client di posta Thunderbird, con le quali vengono risolte alcune
vulnerabilita', potenzialmente sfruttabili per condurre attacchi.
Maggiori informazioni sono disponibili nelle segnalazioni
ufficiali alla sezione "Riferimenti".
:: Software interessato
Firefox versioni precedenti alla 86
Firefox ESR versioni precedenti alla 78.8
Thunderbird versioni precedenti alla 78.8
:: Impatto
Esecuzione remota di codice arbitrario
Denial of Service
Aggiramento delle restrizioni di sicurezza
Cross-Site Scripting
Rivelazione di informazioni riservate
:: Soluzione
Aggiornare i software all'ultima versione
https://www.mozilla.org/it/firefox/new/
https://www.mozilla.org/en-US/firefox/organizations/
https://www.mozilla.org/it/thunderbird/
https://www.thunderbird.net/en-US/thunderbird/all/
https://support.mozilla.org/it/kb/aggiornamento-di-thunderbird
:: Riferimenti
Mozilla Security Advisory
https://www.mozilla.org/en-US/security/advisories/mfsa2021-07/
https://www.mozilla.org/en-US/security/advisories/mfsa2021-08/
https://www.mozilla.org/en-US/security/advisories/mfsa2021-09/
US-CERT
https://us-cert.cisa.gov/ncas/current-activity/2021/02/24/mozilla-releases-security-updates-thunderbird-firefox-esr-and
Mitre CVE
https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2021-23968
https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2021-23969
https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2021-23970
https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2021-23971
https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2021-23972
https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2021-23973
https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2021-23974
https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2021-23975
https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2021-23976
https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2021-23977
https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2021-23978
https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2021-23979
GARR CERT Security Alert - subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iF0EARECAB0WIQTGpdiR5MqstacBGHbBnEyTZRJgQgUCYDehPgAKCRDBnEyTZRJg
QiBHAKCjjYHvCf0Ras6fSxJ50EuftdUB7ACfcQODYNmza0ZAAms5Md838JyqecY=
=+EEE
-----END PGP SIGNATURE-----
Hash: SHA1
******************************************************************
Alert ID: GCSA-21021
Data: 25 Febbraio 2021
Titolo: Aggiornamenti di sicurezza per prodotti Mozilla
******************************************************************
:: Descrizione
Mozilla ha rilasciato nuove versioni dei browser Firefox e Firefox ESR,
e del client di posta Thunderbird, con le quali vengono risolte alcune
vulnerabilita', potenzialmente sfruttabili per condurre attacchi.
Maggiori informazioni sono disponibili nelle segnalazioni
ufficiali alla sezione "Riferimenti".
:: Software interessato
Firefox versioni precedenti alla 86
Firefox ESR versioni precedenti alla 78.8
Thunderbird versioni precedenti alla 78.8
:: Impatto
Esecuzione remota di codice arbitrario
Denial of Service
Aggiramento delle restrizioni di sicurezza
Cross-Site Scripting
Rivelazione di informazioni riservate
:: Soluzione
Aggiornare i software all'ultima versione
https://www.mozilla.org/it/firefox/new/
https://www.mozilla.org/en-US/firefox/organizations/
https://www.mozilla.org/it/thunderbird/
https://www.thunderbird.net/en-US/thunderbird/all/
https://support.mozilla.org/it/kb/aggiornamento-di-thunderbird
:: Riferimenti
Mozilla Security Advisory
https://www.mozilla.org/en-US/security/advisories/mfsa2021-07/
https://www.mozilla.org/en-US/security/advisories/mfsa2021-08/
https://www.mozilla.org/en-US/security/advisories/mfsa2021-09/
US-CERT
https://us-cert.cisa.gov/ncas/current-activity/2021/02/24/mozilla-releases-security-updates-thunderbird-firefox-esr-and
Mitre CVE
https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2021-23968
https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2021-23969
https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2021-23970
https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2021-23971
https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2021-23972
https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2021-23973
https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2021-23974
https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2021-23975
https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2021-23976
https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2021-23977
https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2021-23978
https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2021-23979
GARR CERT Security Alert - subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iF0EARECAB0WIQTGpdiR5MqstacBGHbBnEyTZRJgQgUCYDehPgAKCRDBnEyTZRJg
QiBHAKCjjYHvCf0Ras6fSxJ50EuftdUB7ACfcQODYNmza0ZAAms5Md838JyqecY=
=+EEE
-----END PGP SIGNATURE-----