[ubuntu/bionic-security] bluez 5.48-0ubuntu3.6 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Tue Nov 23 18:54:35 UTC 2021
bluez (5.48-0ubuntu3.6) bionic-security; urgency=medium
* SECURITY UPDATE: DoS via memory leak in sdp_cstate_alloc_buf
- debian/patches/CVE-2021-41229-pre1.patch: fix not checking if cstate
length in src/sdpd-request.c.
- debian/patches/CVE-2021-41229.patch: fix leaking buffers stored in
cstates cache in src/sdpd-request.c, src/sdpd-server.c, src/sdpd.h,
unit/test-sdp.c.
- CVE-2021-41229
* SECURITY UPDATE: use-after-free when client disconnects
- debian/patches/CVE-2021-43400-pre1.patch: send device and link
options with AcquireNotify in src/gatt-database.c.
- debian/patches/CVE-2021-43400-pre2.patch: fix Acquire* reply handling
in src/gatt-database.c.
- debian/patches/CVE-2021-43400-pre3.patch: no multiple calls to
AcquireWrite in src/gatt-database.c.
- debian/patches/CVE-2021-43400-pre4.patch: provide MTU in ReadValue
and WriteValue in src/gatt-database.c.
- debian/patches/CVE-2021-43400.patch: fix not cleaning up when
disconnected in src/gatt-database.c.
- CVE-2021-43400
Date: 2021-11-17 18:34:09.899426+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Maintainer: Bluetooth <ubuntu-bluetooth at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/bluez/5.48-0ubuntu3.6
-------------- next part --------------
Sorry, changesfile not available.
More information about the Bionic-changes
mailing list