Alert GCSA17010 - Vulnerabilita' in Google Chrome
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
*****************************************************************
Alert ID : GCSA-17010
Data : 27 Gennaio 2017
Titolo : Vulnerabilita' in Google Chrome
******************************************************************
:: Descrizione del problema
Google ha rilasciato una nuova versione del browser Chrome che risolve
alcune vulnerabilita' presenti del software.
Per una descrizione completa delle vulnerabilita' si rimanda alla
sezione 'Riferimenti'.
:: Software interessato
Google Chrome versioni precedenti alla 56.0.2924.76 per Windows e Mac e
per Linux
:: Impatto
Esecuzione remota di codice arbitrario
Bypass di restrizioni di sicurezza
URL Spoofing
:: Soluzioni
Aggiornare Google Chrome all'ultima versione
L'aggiornamento sara' automatico per tutte le installazioni in cui non
sia stato disattivata l'opzione 'aggiornamento automatico'.
Per l'installazione manuale scaricare il software dal sito ufficiale:
http://www.google.com/chrome/?hl=it
:: Riferimenti
Google Chrome Advisory
https://chromereleases.googleblog.com/2017/01/stable-channel-update-for-desktop.html
Security Tracker
http://www.securitytracker.com/id/1037718
SecurityFocus
http://www.securityfocus.com/bid/95792
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5006
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5007
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5008
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5009
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5010
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5011
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5012
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5013
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5014
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5015
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5016
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5017
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5018
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5019
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5020
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5021
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5022
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5023
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5024
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5025
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5026
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAliLOKwACgkQwZxMk2USYEJ+uACguH73rHVLPAJrGcvf/2J6C4v+
KzUAn0dkgX+IwuWQ8yBEJnrvospX/rYx
=VqmT
-----END PGP SIGNATURE-----
Hash: SHA1
*****************************************************************
Alert ID : GCSA-17010
Data : 27 Gennaio 2017
Titolo : Vulnerabilita' in Google Chrome
******************************************************************
:: Descrizione del problema
Google ha rilasciato una nuova versione del browser Chrome che risolve
alcune vulnerabilita' presenti del software.
Per una descrizione completa delle vulnerabilita' si rimanda alla
sezione 'Riferimenti'.
:: Software interessato
Google Chrome versioni precedenti alla 56.0.2924.76 per Windows e Mac e
per Linux
:: Impatto
Esecuzione remota di codice arbitrario
Bypass di restrizioni di sicurezza
URL Spoofing
:: Soluzioni
Aggiornare Google Chrome all'ultima versione
L'aggiornamento sara' automatico per tutte le installazioni in cui non
sia stato disattivata l'opzione 'aggiornamento automatico'.
Per l'installazione manuale scaricare il software dal sito ufficiale:
http://www.google.com/chrome/?hl=it
:: Riferimenti
Google Chrome Advisory
https://chromereleases.googleblog.com/2017/01/stable-channel-update-for-desktop.html
Security Tracker
http://www.securitytracker.com/id/1037718
SecurityFocus
http://www.securityfocus.com/bid/95792
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5006
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5007
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5008
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5009
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5010
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5011
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5012
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5013
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5014
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5015
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5016
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5017
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5018
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5019
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5020
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5021
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5022
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5023
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5024
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5025
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5026
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAliLOKwACgkQwZxMk2USYEJ+uACguH73rHVLPAJrGcvf/2J6C4v+
KzUAn0dkgX+IwuWQ8yBEJnrvospX/rYx
=VqmT
-----END PGP SIGNATURE-----