Alert GCSA-25093 - Aggiornamento di sicurezza per prodotti Mozilla

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

******************************************************************

Alert ID: GCSA-25093
Data: 23 Luglio 2025
Titolo: Aggiornamento di sicurezza per prodotti Mozilla

******************************************************************

:: Descrizione del problema

Mozilla ha rilasciato nuove versioni del browser Firefox, Firefox ESR
e del client di posta Thunderbird, con le quali risolve vulnerabilita' multiple.

Maggiori informazioni sono disponibili alla sezione "Riferimenti".


:: Software interessato

Firefox versioni precedenti alla 141
Firefox ESR versioni precedenti alla 115.26
Firefox ESR versioni precedenti alla 128.13
Firefox ESR versioni precedenti alla 140.1
Firefox per iOS versioni precedenti alla 141
Thunderbird versioni precedenti alla 128.13
Thunderbird versioni precedenti alla 140.1
Thunderbird versioni precedenti alla 141


:: Impatto

Remote Code Execution
Information Disclosure
Security Restriction Bypass


:: Soluzioni

Aggiornare Firefox all'ultima versione

https://support.mozilla.org/en-US/kb/update-firefox-latest-release
https://www.mozilla.org/it/firefox/new/
https://www.mozilla.org/it/firefox/enterprise/
https://www.mozilla.org/it/firefox/all/#product-desktop-release

Aggiornare Thunderbird all'ultima versione

https://support.mozilla.org/it/kb/aggiornamento-di-thunderbird
https://www.mozilla.org/it/thunderbird/
https://www.thunderbird.net/it/thunderbird/all/
https://www.thunderbird.net/it/thunderbird/releases/


:: Riferimenti

Mozilla Foundation Security Advisory
https://www.mozilla.org/en-US/security/advisories/mfsa2025-56/
https://www.mozilla.org/en-US/security/advisories/mfsa2025-57/
https://www.mozilla.org/en-US/security/advisories/mfsa2025-58/
https://www.mozilla.org/en-US/security/advisories/mfsa2025-59/
https://www.mozilla.org/en-US/security/advisories/mfsa2025-60/
https://www.mozilla.org/en-US/security/advisories/mfsa2025-61/
https://www.mozilla.org/en-US/security/advisories/mfsa2025-62/
https://www.mozilla.org/en-US/security/advisories/mfsa2025-63/

Mitre CVE
https://www.cve.org/CVERecord?id=CVE-2025-8027
https://www.cve.org/CVERecord?id=CVE-2025-8028
https://www.cve.org/CVERecord?id=CVE-2025-8029
https://www.cve.org/CVERecord?id=CVE-2025-8030
https://www.cve.org/CVERecord?id=CVE-2025-8031
https://www.cve.org/CVERecord?id=CVE-2025-8032
https://www.cve.org/CVERecord?id=CVE-2025-8033
https://www.cve.org/CVERecord?id=CVE-2025-8034
https://www.cve.org/CVERecord?id=CVE-2025-8035
https://www.cve.org/CVERecord?id=CVE-2025-8036
https://www.cve.org/CVERecord?id=CVE-2025-8037
https://www.cve.org/CVERecord?id=CVE-2025-8038
https://www.cve.org/CVERecord?id=CVE-2025-8039
https://www.cve.org/CVERecord?id=CVE-2025-8040
https://www.cve.org/CVERecord?id=CVE-2025-8041
https://www.cve.org/CVERecord?id=CVE-2025-8042
https://www.cve.org/CVERecord?id=CVE-2025-8043
https://www.cve.org/CVERecord?id=CVE-2025-8044
https://www.cve.org/CVERecord?id=CVE-2025-54143
https://www.cve.org/CVERecord?id=CVE-2025-54144
https://www.cve.org/CVERecord?id=CVE-2025-54145


GARR CERT Security Alert - subscribe/unsubscribe:
https://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----

iGsEAREIACsWIQTGpdiR5MqstacBGHbBnEyTZRJgQgUCaICSvQ0cY2VydEBnYXJy
Lml0AAoJEMGcTJNlEmBCcqgAoKnnkKAcF9pXogmQMgZJccaCOpfqAJ98X0xRff2H
8Ku8OBMbryxNYhHLCg==
=DbjP
-----END PGP SIGNATURE-----