Launchpad CVE tracker

CVE 2016-1968

Integer underflow in Brotli, as used in Mozilla Firefox before 45.0, allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow) via crafted data with brotli compression.

Related bugs and status

CVE-2016-1968 (Candidate) is related to these bugs:

Bug #1737364: 16.04: Fix CVE-2016-1968 and CVE-2016-1624 for brotli

Summary				In	Importance	Status
	1737364	16.04: Fix CVE-2016-1968 and CVE-2016-1624 for brotli		brotli (Ubuntu)	Undecided	Fix Released
	1737364	16.04: Fix CVE-2016-1968 and CVE-2016-1624 for brotli		brotli (Ubuntu Xenial)	Undecided	Fix Released

Bug #1795077: Backport brotli 1.0.3 to Ubuntu 16.04 LTS

Summary				In	Importance	Status
	1795077	Backport brotli 1.0.3 to Ubuntu 16.04 LTS		brotli (Ubuntu)	Medium	Fix Released
	1795077	Backport brotli 1.0.3 to Ubuntu 16.04 LTS		brotli (Ubuntu Xenial)	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://www.mozilla.org...
CONFIRM: https://bugzilla.mozil...
GENTOO: GLSA-201605-06
SUSE: openSUSE-SU-2016:0731
SUSE: openSUSE-SU-2016:0733
UBUNTU: USN-2917-2
UBUNTU: USN-2917-3
UBUNTU: USN-2917-1
SECTRACK: 1035215

Launchpad.net

CVE 2016-1968

Related bugs and status

Related bugs

References