Alert GCSA-18095 - Vulnerabilita' in Google Chrome
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID: GCSA-18095
Data: 4 dicembre 2018
Titolo: Vulnerabilita' in Google Chrome
******************************************************************
:: Descrizione del problema
E' stato rilasciato un aggiornamento per Chrome su qualsiasi piattaforma
che corregge 43 vulnerabilita' di sicurezza riscontrate nel software.
La versione stabile del broswer Chrome e' stata aggiornata alla 71.0.3578.80
per Windows, Mac e Linux, e alla 71.0.3578.83 per Android.
Nella sezione "Riferimenti" sono disponibili i link a informazioni appena piu' dettagliate.
:: Software interessato
Google Chrome versioni precedenti alla 71.0.3578.80 per Windows, Linux, Mac
Google Chrome versioni precedenti alla 71.0.3578.83 per Android
:: Impatto
Esecuzione di codice arbitrario
Accesso a informazioni sensibili
Elusione di restrizioni di sicurezza
Denial of Service
:: Soluzioni
Aggiornare Google Chrome all'ultima versione.
L'aggiornamento sara' automatico per tutte le installazioni in cui non sia stato disattivata l'opzione "aggiornamento automatico".
Per l'installazione manuale scaricare il software dal sito ufficiale:
http://www.google.com/chrome/?hl=it
:: Riferimenti
Google Chrome Advisory
https://chromereleases.googleblog.com/search/label/Stable%20updates
US-CERT
https://www.us-cert.gov/ncas/current-activity/2018/12/04/Google-Releases-Security-Updates-Chrome
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17480
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17481
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18335
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18336
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18337
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18338
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18339
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18340
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18341
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18342
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18343
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18344
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18345
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18346
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18347
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18348
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18349
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18350
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18351
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18352
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18353
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18354
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18355
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18356
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18357
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18358
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18359
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iD8DBQFcB6euwZxMk2USYEIRAu8uAKDV13QbY8Fm0cxkKcLvd6MBqaYjsACaAhY/
Dnx6cqKDBlYV/C0YSJYq4zQ=
=U59L
-----END PGP SIGNATURE-----
Hash: SHA1
******************************************************************
Alert ID: GCSA-18095
Data: 4 dicembre 2018
Titolo: Vulnerabilita' in Google Chrome
******************************************************************
:: Descrizione del problema
E' stato rilasciato un aggiornamento per Chrome su qualsiasi piattaforma
che corregge 43 vulnerabilita' di sicurezza riscontrate nel software.
La versione stabile del broswer Chrome e' stata aggiornata alla 71.0.3578.80
per Windows, Mac e Linux, e alla 71.0.3578.83 per Android.
Nella sezione "Riferimenti" sono disponibili i link a informazioni appena piu' dettagliate.
:: Software interessato
Google Chrome versioni precedenti alla 71.0.3578.80 per Windows, Linux, Mac
Google Chrome versioni precedenti alla 71.0.3578.83 per Android
:: Impatto
Esecuzione di codice arbitrario
Accesso a informazioni sensibili
Elusione di restrizioni di sicurezza
Denial of Service
:: Soluzioni
Aggiornare Google Chrome all'ultima versione.
L'aggiornamento sara' automatico per tutte le installazioni in cui non sia stato disattivata l'opzione "aggiornamento automatico".
Per l'installazione manuale scaricare il software dal sito ufficiale:
http://www.google.com/chrome/?hl=it
:: Riferimenti
Google Chrome Advisory
https://chromereleases.googleblog.com/search/label/Stable%20updates
US-CERT
https://www.us-cert.gov/ncas/current-activity/2018/12/04/Google-Releases-Security-Updates-Chrome
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17480
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17481
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18335
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18336
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18337
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18338
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18339
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18340
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18341
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18342
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18343
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18344
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18345
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18346
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18347
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18348
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18349
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18350
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18351
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18352
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18353
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18354
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18355
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18356
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18357
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18358
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18359
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iD8DBQFcB6euwZxMk2USYEIRAu8uAKDV13QbY8Fm0cxkKcLvd6MBqaYjsACaAhY/
Dnx6cqKDBlYV/C0YSJYq4zQ=
=U59L
-----END PGP SIGNATURE-----