Hi Thomas, hi Moritz, On Wed, Mar 09, 2016 at 08:50:48AM +0100, Moritz Muehlenhoff wrote: > Source: brotli > Severity: grave > Tags: security > > Firefox fixed a buffer overflow in brotli: > https://www.mozilla.org/en-US/security/advisories/mfsa2016-30/ > > Please get in touch with upstream whether this also needs to be fixed > in the brotli source package in Debian.
JFTR, there was one one side, CVE-2016-1968 associated as well with the Iceweasel/Firefox update, on the other hand CVE-2016-1624 which was associated with the brotli update in chromium. Regards, Salvatore
