{
  "schema_version": "1.7.0",
  "id": "MGASA-2017-0178",
  "published": "2017-06-19T07:44:03Z",
  "modified": "2017-06-16T13:39:37Z",
  "summary": "Updated firefox packages fix security vulnerabilities",
  "details": "Multiple flaws were found in the processing of malformed web content. A\nweb page containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user\nrunning Firefox (CVE-2017-5470, CVE-2017-5472, CVE-2017-7749,\nCVE-2017-7751, CVE-2017-7756, CVE-2017-7771, CVE-2017-7772,\nCVE-2017-7773, CVE-2017-7774, CVE-2017-7775, CVE-2017-7776,\nCVE-2017-7777, CVE-2017-7778, CVE-2017-7750, CVE-2017-7752,\nCVE-2017-7754, CVE-2017-7757, CVE-2017-7758, CVE-2017-7764).\n",
  "upstream": [
    "CVE-2017-5470",
    "CVE-2017-5472",
    "CVE-2017-7749",
    "CVE-2017-7751",
    "CVE-2017-7756",
    "CVE-2017-7771",
    "CVE-2017-7772",
    "CVE-2017-7773",
    "CVE-2017-7774",
    "CVE-2017-7775",
    "CVE-2017-7776",
    "CVE-2017-7777",
    "CVE-2017-7778",
    "CVE-2017-7750",
    "CVE-2017-7752",
    "CVE-2017-7754",
    "CVE-2017-7757",
    "CVE-2017-7758",
    "CVE-2017-7764"
  ],
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://advisories.mageia.org/MGASA-2017-0178.html"
    },
    {
      "type": "REPORT",
      "url": "https://bugs.mageia.org/show_bug.cgi?id=21088"
    },
    {
      "type": "ADVISORY",
      "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-16/"
    },
    {
      "type": "WEB",
      "url": "https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/"
    },
    {
      "type": "WEB",
      "url": "https://rhn.redhat.com/errata/RHSA-2017-1440.html"
    }
  ],
  "affected": [
    {
      "package": {
        "ecosystem": "Mageia:5",
        "name": "firefox",
        "purl": "pkg:rpm/mageia/firefox?arch=source&distro=mageia-5"
      },
      "ranges": [
        {
          "type": "ECOSYSTEM",
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "52.2.0-1.mga5"
            }
          ]
        }
      ],
      "ecosystem_specific": {
        "section": "core"
      }
    },
    {
      "package": {
        "ecosystem": "Mageia:5",
        "name": "firefox-l10n",
        "purl": "pkg:rpm/mageia/firefox-l10n?arch=source&distro=mageia-5"
      },
      "ranges": [
        {
          "type": "ECOSYSTEM",
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "52.2.0-1.mga5"
            }
          ]
        }
      ],
      "ecosystem_specific": {
        "section": "core"
      }
    },
    {
      "package": {
        "ecosystem": "Mageia:5",
        "name": "nspr",
        "purl": "pkg:rpm/mageia/nspr?arch=source&distro=mageia-5"
      },
      "ranges": [
        {
          "type": "ECOSYSTEM",
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.15-1.mga5"
            }
          ]
        }
      ],
      "ecosystem_specific": {
        "section": "core"
      }
    }
  ],
  "credits": [
    {
      "name": "Mageia",
      "type": "COORDINATOR",
      "contact": [
        "https://wiki.mageia.org/en/Packages_Security_Team"
      ]
    }
  ]
}