Alert GCSA-22017 - Aggiornamenti di sicurezza per prodotti Mozilla

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

******************************************************************

Alert ID: GCSA-22017
Data: 09 Febbraio 2022
Titolo: Aggiornamenti di sicurezza per prodotti Mozilla

******************************************************************


:: Descrizione

Mozilla ha rilasciato nuove versioni del browser Firefox,
con le quali vengono risolte alcune vulnerabilita' potenzialmente
sfruttabili per condurre attacchi.

Maggiori informazioni sono disponibili nelle segnalazioni
ufficiali alla sezione "Riferimenti".


:: Software interessato

Firefox versioni precedenti alla 97
Firefox ESR versioni precedenti alla 91.6


:: Impatto

Esecuzione remota di codice arbitrario
Innalzamento dei privilegi
Elusione delle restrizioni di sicurezza
Rivelazione di informazioni riservate


:: Soluzione

Aggiornare i software all'ultima versione

https://www.mozilla.org/it/firefox/new/
https://www.mozilla.org/en-US/firefox/organizations/


:: Riferimenti

Mozilla - Release Notes
https://www.mozilla.org/en-US/firefox/97.0/releasenotes/
https://www.mozilla.org/en-US/firefox/91.6.0/releasenotes/

Mozilla Security Advisory
https://www.mozilla.org/en-US/security/advisories/mfsa2022-04/
https://www.mozilla.org/en-US/security/advisories/mfsa2022-05/

Mitre CVE
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0511
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22753
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22754
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22755
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22756
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22757
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22758
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22759
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22760
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22761
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22762
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22763
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22764


GARR CERT Security Alert - subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----

iD8DBQFiA33kwZxMk2USYEIRApK8AKCc0pEjHW0Cnn0GRzNDZiM/WhNDHwCgmMNq
L0NL0Rj6n0S35PSfZqsAVL0=
=PB2w
-----END PGP SIGNATURE-----