Alert GCSA-22063 - Aggiornamenti di sicurezza per prodotti Mozilla
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
******************************************************************
Alert ID: GCSA-22063
Data: 01 Giugno 2022
Titolo: Aggiornamenti di sicurezza per prodotti Mozilla
******************************************************************
:: Descrizione
Mozilla ha rilasciato nuove versioni di alcuni prodotti, nelle quali
vengono risolte alcune vulnerabilita' sfruttabili per condurre attacchi.
Maggiori informazioni sono disponibili nelle segnalazioni
ufficiali alla sezione "Riferimenti".
:: Software interessato
Firefox, versioni precedenti alla 101
Firefox ESR, versioni precedenti alla 91.10
Thunderbird, versioni precedenti alla 91.10
:: Impatto
Esecuzione remota di codice arbitrario
Denial of Service
Information Disclosure
Spoofing
:: Soluzione
Aggiornare i software all'ultima versione
Firefox, alla 101
Firefox ESR, alla 91.10
Thunderbird, alla 91.10
https://www.mozilla.org/it/firefox/new/
https://www.mozilla.org/en-US/firefox/organizations/
https://support.mozilla.org/it/kb/aggiornamento-di-thunderbird
https://www.mozilla.org/it/thunderbird/
https://www.thunderbird.net/en-US/thunderbird/all/
:: Riferimenti
Mozilla Security Advisory
https://www.mozilla.org/en-US/security/advisories/mfsa2022-20/
https://www.mozilla.org/en-US/security/advisories/mfsa2022-21/
https://www.mozilla.org/en-US/security/advisories/mfsa2022-22/
CSIRT Italia
https://www.csirt.gov.it/contenuti/aggiornamenti-di-sicurezza-per-prodotti-mozilla-al01-220601-csirt-ita
Mitre CVE
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31739
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31748
GARR CERT Security Alert - subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iEYEAREIAAYFAmKXOIMACgkQwZxMk2USYEIYSgCgreO44Gg33UNi3zGN6SS6/9mt
D5AAoMSz536t/qSyGGm+azoa7585fpSM
=ggH9
-----END PGP SIGNATURE-----
Hash: SHA256
******************************************************************
Alert ID: GCSA-22063
Data: 01 Giugno 2022
Titolo: Aggiornamenti di sicurezza per prodotti Mozilla
******************************************************************
:: Descrizione
Mozilla ha rilasciato nuove versioni di alcuni prodotti, nelle quali
vengono risolte alcune vulnerabilita' sfruttabili per condurre attacchi.
Maggiori informazioni sono disponibili nelle segnalazioni
ufficiali alla sezione "Riferimenti".
:: Software interessato
Firefox, versioni precedenti alla 101
Firefox ESR, versioni precedenti alla 91.10
Thunderbird, versioni precedenti alla 91.10
:: Impatto
Esecuzione remota di codice arbitrario
Denial of Service
Information Disclosure
Spoofing
:: Soluzione
Aggiornare i software all'ultima versione
Firefox, alla 101
Firefox ESR, alla 91.10
Thunderbird, alla 91.10
https://www.mozilla.org/it/firefox/new/
https://www.mozilla.org/en-US/firefox/organizations/
https://support.mozilla.org/it/kb/aggiornamento-di-thunderbird
https://www.mozilla.org/it/thunderbird/
https://www.thunderbird.net/en-US/thunderbird/all/
:: Riferimenti
Mozilla Security Advisory
https://www.mozilla.org/en-US/security/advisories/mfsa2022-20/
https://www.mozilla.org/en-US/security/advisories/mfsa2022-21/
https://www.mozilla.org/en-US/security/advisories/mfsa2022-22/
CSIRT Italia
https://www.csirt.gov.it/contenuti/aggiornamenti-di-sicurezza-per-prodotti-mozilla-al01-220601-csirt-ita
Mitre CVE
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1834
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31736
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31737
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31738
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31739
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31740
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31741
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31747
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31748
GARR CERT Security Alert - subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iEYEAREIAAYFAmKXOIMACgkQwZxMk2USYEIYSgCgreO44Gg33UNi3zGN6SS6/9mt
D5AAoMSz536t/qSyGGm+azoa7585fpSM
=ggH9
-----END PGP SIGNATURE-----