Accepted bluez 5.50-1.2~deb10u3 (source) into oldstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sat, 22 Oct 2022 18:39:32 +0200
Source: bluez
Architecture: source
Version: 5.50-1.2~deb10u3
Distribution: buster-security
Urgency: high
Maintainer: Debian Bluetooth Maintainers <team+pkg-bluetooth@tracker.debian.org>
Changed-By: Sylvain Beucler <beuc@debian.org>
Closes: 998626 1000262 1003712
Changes:
bluez (5.50-1.2~deb10u3) buster-security; urgency=high
.
* Non-maintainer upload by the LTS Security Team.
* CVE-2019-8921: SDP infoleak, the vulnerability lies in the handling of
a SVC_ATTR_REQ by the SDP implementation of BlueZ. By crafting a
malicious CSTATE, it is possible to trick the server into returning
more bytes than the buffer actually holds, resulting in leaking
arbitrary heap data.
* CVE-2019-8922: SDP Heap Overflow; this vulnerability lies in the SDP
protocol handling of attribute requests as well. By requesting a huge
number of attributes at the same time, an attacker can overflow the
static buffer provided to hold the response.
* CVE-2021-41229: sdp_cstate_alloc_buf allocates memory which will
always be hung in the singly linked list of cstates and will not be
freed. This will cause a memory leak over time. The data can be a very
large object, which can be caused by an attacker continuously sending
sdp packets and this may cause the service of the target device to
crash. (Closes: #1000262)
* CVE-2021-43400: a use-after-free in gatt-database.c can occur when a
client disconnects during D-Bus processing of a WriteValue
call. (Closes: #998626)
* CVE-2022-0204: a heap overflow vulnerability was found in bluez. An
attacker with local network access could pass specially crafted files
causing an application to halt or crash, leading to a denial of
service. (Closes: #1003712)
* CVE-2022-39176: BlueZ allows physically proximate attackers to obtain
sensitive information because profiles/audio/avrcp.c does not validate
params_len.
* CVE-2022-39177: BlueZ allows physically proximate attackers to cause a
denial of service because malformed and invalid capabilities can be
processed in profiles/audio/avdtp.c.
Checksums-Sha1:
60bf752e20f5eba8322cd241a4e9fcb525f26ee4 2588 bluez_5.50-1.2~deb10u3.dsc
ed1732599d8d86010c6763ffb042bd4528679620 45776 bluez_5.50-1.2~deb10u3.debian.tar.xz
81124665b07e3d1e352b3d298d6cb3f44801118b 11614 bluez_5.50-1.2~deb10u3_amd64.buildinfo
Checksums-Sha256:
3b14cf06b04eb41eb5a2cb9f762250499f552d37e93adbb1a0ff7071a67302b7 2588 bluez_5.50-1.2~deb10u3.dsc
d0b5c330e59fa1b61d0aee21727a6afb36b2f4d4ffa25e9c730f588e33b7d174 45776 bluez_5.50-1.2~deb10u3.debian.tar.xz
35b8998471570eadd5e3f8d5b3d49a7b3b021f4103e5910e98fb5597245549ad 11614 bluez_5.50-1.2~deb10u3_amd64.buildinfo
Files:
050737ce8cf5e8e023b774947d5cf35c 2588 admin optional bluez_5.50-1.2~deb10u3.dsc
4b66ce7f37cdf5555be10a9db984f992 45776 admin optional bluez_5.50-1.2~deb10u3.debian.tar.xz
4d8367d17c0014579a60282fcf89cab7 11614 admin optional bluez_5.50-1.2~deb10u3_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE1vEOfV7HXWKqBieIDTl9HeUlXjAFAmNWQ2gACgkQDTl9HeUl
XjCGZRAAknURiTBDy2rUqdLeeZg9qDJPEwhA7Yos3nzpCATB5Sgl5DS1fH5dMPm/
6ZuX9kU1PdGm/hIfvNgmfZVWBe643MwEYTrvyoPSDPmDXD975tal5++4qnvnuont
u6aPxNwBvjVX/xreGCxDwcNNuXTI+ssCowFbrE/aKaLq4mkzAOHPjB7H579EPXx/
7++wDfxYi2pKnAM9k2rspnL+R96wQ6f89jGDQk8j2UqBkZUCi2gaipldI3Zx5Tvc
fvA3GNsNuwmDBlQEN3xvrkjuaU20tAITWOSOAEQVMVlgra8H3qWK75wHKmx0S9qP
j3xCwdGvtq/O5gafjgztJYl81KO0p/WQMgUIVmhcrVCNRwQDqDCuv0dYeNsBMcvz
4Q3crRg/8rFh2P8a/QxJi+f1A1cMtLX/zfOkY/juNQNeNlZi6JQTBxKAPdZ4N0tn
L2AqEqhJBQEsqK8rmbbQFqBAa3oA4FPr2y1keuSwPGtU8ymA6sy87j1k9cuBWdgS
lp0Nx8rGaSz1NMHSgP2i8pLs5RnXuG2Hhrai+lTfhHiU1yMlH88Sr9PtUuw8G8wm
cCnSZx11Gx3dnmrPuyPkuYu3lCayWaCkvbpatcTZ+UphFpWO5cNIdscpv6WtclCZ
Uk5bSO68q+pHkmI884m95u3ln7RTIEYq3eUCEKTM0FzOyWFAnNU=
=GemB
-----END PGP SIGNATURE-----
Reply to: