[ubuntu/groovy-updates] bluez 5.55-0ubuntu1.2 (Accepted)

Ubuntu Archive Robot ubuntu-archive-robot at lists.canonical.com
Wed Jun 16 13:28:30 UTC 2021

bluez (5.55-0ubuntu1.2) groovy-security; urgency=medium

  * SECURITY UPDATE: secure pairing passkey brute force
    - debian/patches/CVE-2020-26558.patch: fix not properly checking for
      secure flags in src/shared/att-types.h, src/shared/gatt-server.c.
    - CVE-2020-26558
  * SECURITY UPDATE: info disclosure via out of bounds read
    - debian/patches/CVE-2021-3588.patch: when client features is read
      check if the offset is within the cli_feat bounds in
    - CVE-2021-3588

Date: 2021-06-09 15:42:09.828740+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Maintainer: Bluetooth <ubuntu-bluetooth at lists.ubuntu.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
-------------- next part --------------
Sorry, changesfile not available.

More information about the Groovy-changes mailing list