USN-4568-1: Brotli vulnerability
5 October 2020
Brotli could be made to crash if it received a specially crafted input.
Releases
Packages
- brotli - lossless compression algorithm and format (command line utility)
Details
It was discovered that Brotli incorrectly handled certain inputs.
An attacker could possibly use this issue to cause a crash.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 20.04
Ubuntu 18.04
-
brotli
-
1.0.3-1ubuntu1.3
-
libbrotli1
-
1.0.3-1ubuntu1.3
-
python-brotli
-
1.0.3-1ubuntu1.3
-
python3-brotli
-
1.0.3-1ubuntu1.3
Ubuntu 16.04
-
brotli
-
1.0.3-1ubuntu1~16.04.2
-
libbrotli1
-
1.0.3-1ubuntu1~16.04.2
-
python-brotli
-
1.0.3-1ubuntu1~16.04.2
-
python3-brotli
-
1.0.3-1ubuntu1~16.04.2
In general, a standard system update will make all the necessary changes.