{"affected":[{"ecosystem_specific":{"binaries":[{"MozillaFirefox":"38.2.1esr-17.1","MozillaFirefox-translations":"38.2.1esr-17.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 11 SP1-LTSS","name":"MozillaFirefox","purl":"pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP1-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"38.2.1esr-17.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"MozillaFirefox":"38.2.1esr-17.1","MozillaFirefox-translations":"38.2.1esr-17.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 11 SP1-TERADATA","name":"MozillaFirefox","purl":"pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP1-TERADATA"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"38.2.1esr-17.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"MozillaFirefox":"38.2.1esr-17.1","MozillaFirefox-translations":"38.2.1esr-17.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 11 SP2-LTSS","name":"MozillaFirefox","purl":"pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP2-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"38.2.1esr-17.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"\nMozilla Firefox was updated to 38.2.1 ESR, fixing two severe security bugs. (bsc#943608)\n\n* MFSA 2015-94/CVE-2015-4497 (bsc#943557): Use-after-free when resizing canvas element during restyling\n* MFSA 2015-95/CVE-2015-4498 (bsc#943558): Add-on notification bypass through data URLs\n","id":"SUSE-SU-2015:1504-1","modified":"2015-09-04T10:24:29Z","published":"2015-09-04T10:24:29Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2015/suse-su-20151504-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/943557"},{"type":"REPORT","url":"https://bugzilla.suse.com/943558"},{"type":"REPORT","url":"https://bugzilla.suse.com/943608"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-4497"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-4498"}],"related":["CVE-2015-4497","CVE-2015-4498"],"summary":"Security update for MozillaFirefox","upstream":["CVE-2015-4497","CVE-2015-4498"]}