Alert GCSA-21062 - Aggiornamenti di sicurezza per prodotti Mozilla

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

******************************************************************

Alert ID: GCSA-21062
Data: 3 Giugno 2021
Titolo: Aggiornamenti di sicurezza per prodotti Mozilla

******************************************************************


:: Descrizione

Mozilla ha rilasciato nuove versioni del browser Firefox
con le quali vengono risolte alcune vulnerabilita',
potenzialmente sfruttabili per condurre attacchi.

Maggiori informazioni sono disponibili nelle segnalazioni
ufficiali alla sezione "Riferimenti".


:: Software interessato

Versioni precedenti alle seguenti:

Firefox 89
Firefox ESR 78.11
Firefox for iOS 34


:: Impatto

Remote Code Execution
Denial of Service
Security Restriction Bypass
Information Disclosure


:: Soluzione

Aggiornare i software all'ultima versione

https://www.mozilla.org/it/firefox/new/
https://www.mozilla.org/en-US/firefox/organizations/


:: Riferimenti

Mozilla Security Advisory
https://www.mozilla.org/en-US/security/advisories/mfsa2021-23/
https://www.mozilla.org/en-US/security/advisories/mfsa2021-24/
https://www.mozilla.org/en-US/security/advisories/mfsa2021-25/

Mitre CVE
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29958
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29959
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29960
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29961
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29962
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29963
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29964
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29965
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29966
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29967



GARR CERT Security Alert - subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----

iD8DBQFguI5TwZxMk2USYEIRAik6AKCUhjg3KWkrd8eHFrShjSzccO+OuwCeMqbW
pvwWYAnxvPNeoZtnvkcESFE=
=Ltd8
-----END PGP SIGNATURE-----