Alert GCSA-25016 - Aggiornamento di sicurezza per prodotti Mozilla
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
******************************************************************
Alert ID: GCSA-25016
Data: 5 Febbraio 2025
Titolo: Aggiornamento di sicurezza per prodotti Mozilla
******************************************************************
:: Descrizione del problema
Mozilla ha rilasciato nuove versioni del browser Firefox, Firefox ESR
e del client di posta Thunderbird, Thunderbird ESR con le quali risolve
vulnerabilita' multiple.
Maggiori informazioni sono disponibili alla sezione "Riferimenti".
:: Software interessato
Firefox versioni precedenti alla 135
Firefox ESR versioni precedenti alla 128.7
Firefox ESR versioni precedenti alla 115.20
Thunderbird versioni precedenti alla 135
Thunderbird versioni precedenti alla 128.7
Thunderbird versioni precedenti alla 115.20
Thunderbird ESR versioni precedenti alla 128.7
:: Impatto
Remote Code Execution
Denial of Service
Data Manipulation
Spoofing
:: Soluzioni
Aggiornare Firefox all'ultima versione
https://support.mozilla.org/en-US/kb/update-firefox-latest-release
https://www.mozilla.org/it/firefox/new/
https://www.mozilla.org/it/firefox/enterprise/
https://www.mozilla.org/it/firefox/all/#product-desktop-release
Aggiornare Thunderbird all'ultima versione
https://support.mozilla.org/it/kb/aggiornamento-di-thunderbird
https://www.mozilla.org/it/thunderbird/
https://www.thunderbird.net/it/thunderbird/all/
https://www.thunderbird.net/it/thunderbird/releases/
:: Riferimenti
Mozilla Foundation Security Advisory
https://www.mozilla.org/en-US/security/advisories/
https://www.mozilla.org/en-US/security/advisories/mfsa2025-07/
https://www.mozilla.org/en-US/security/advisories/mfsa2025-08/
https://www.mozilla.org/en-US/security/advisories/mfsa2025-09/
https://www.mozilla.org/en-US/security/advisories/mfsa2025-10/
https://www.mozilla.org/en-US/security/advisories/mfsa2025-11/
Mitre CVE
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11704
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-49040
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0510
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1009
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1010
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1011
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1012
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1013
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1014
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1015
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1016
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1017
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1018
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1019
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1020
GARR CERT Security Alert - subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iGsEAREIACsWIQTGpdiR5MqstacBGHbBnEyTZRJgQgUCZ6Mjaw0cY2VydEBnYXJy
Lml0AAoJEMGcTJNlEmBCCxUAoJbL1PtM79Prx5XA8hXUrkONY/30AJ9lS4nLOzbd
+iodFHacQVDl6Q+1Sw==
=Uhy2
-----END PGP SIGNATURE-----
Hash: SHA256
******************************************************************
Alert ID: GCSA-25016
Data: 5 Febbraio 2025
Titolo: Aggiornamento di sicurezza per prodotti Mozilla
******************************************************************
:: Descrizione del problema
Mozilla ha rilasciato nuove versioni del browser Firefox, Firefox ESR
e del client di posta Thunderbird, Thunderbird ESR con le quali risolve
vulnerabilita' multiple.
Maggiori informazioni sono disponibili alla sezione "Riferimenti".
:: Software interessato
Firefox versioni precedenti alla 135
Firefox ESR versioni precedenti alla 128.7
Firefox ESR versioni precedenti alla 115.20
Thunderbird versioni precedenti alla 135
Thunderbird versioni precedenti alla 128.7
Thunderbird versioni precedenti alla 115.20
Thunderbird ESR versioni precedenti alla 128.7
:: Impatto
Remote Code Execution
Denial of Service
Data Manipulation
Spoofing
:: Soluzioni
Aggiornare Firefox all'ultima versione
https://support.mozilla.org/en-US/kb/update-firefox-latest-release
https://www.mozilla.org/it/firefox/new/
https://www.mozilla.org/it/firefox/enterprise/
https://www.mozilla.org/it/firefox/all/#product-desktop-release
Aggiornare Thunderbird all'ultima versione
https://support.mozilla.org/it/kb/aggiornamento-di-thunderbird
https://www.mozilla.org/it/thunderbird/
https://www.thunderbird.net/it/thunderbird/all/
https://www.thunderbird.net/it/thunderbird/releases/
:: Riferimenti
Mozilla Foundation Security Advisory
https://www.mozilla.org/en-US/security/advisories/
https://www.mozilla.org/en-US/security/advisories/mfsa2025-07/
https://www.mozilla.org/en-US/security/advisories/mfsa2025-08/
https://www.mozilla.org/en-US/security/advisories/mfsa2025-09/
https://www.mozilla.org/en-US/security/advisories/mfsa2025-10/
https://www.mozilla.org/en-US/security/advisories/mfsa2025-11/
Mitre CVE
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11704
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-49040
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0510
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1009
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1010
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1011
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1012
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1013
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1014
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1015
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1016
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1017
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1018
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1019
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1020
GARR CERT Security Alert - subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iGsEAREIACsWIQTGpdiR5MqstacBGHbBnEyTZRJgQgUCZ6Mjaw0cY2VydEBnYXJy
Lml0AAoJEMGcTJNlEmBCCxUAoJbL1PtM79Prx5XA8hXUrkONY/30AJ9lS4nLOzbd
+iodFHacQVDl6Q+1Sw==
=Uhy2
-----END PGP SIGNATURE-----