Описание
Security update for bluez
This update for bluez fixes the following vulnerabilities:
- CVE-2016-7837: Buffer overflow in parse_line function (bsc#1026652)
- CVE-2017-1000250: information disclosure vulnerability in service_search_attr_req (bsc#1057342)
Список пакетов
openSUSE Leap 42.2
bluez-5.41-6.1
bluez-cups-5.41-6.1
bluez-devel-5.41-6.1
bluez-devel-32bit-5.41-6.1
bluez-test-5.41-6.1
libbluetooth3-5.41-6.1
libbluetooth3-32bit-5.41-6.1
openSUSE Leap 42.3
bluez-5.41-6.1
bluez-cups-5.41-6.1
bluez-devel-5.41-6.1
bluez-devel-32bit-5.41-6.1
bluez-test-5.41-6.1
libbluetooth3-5.41-6.1
libbluetooth3-32bit-5.41-6.1
Ссылки
- E-Mail link for openSUSE-SU-2017:2810-1
- SUSE Security Ratings
Описание
Buffer overflow in BlueZ 5.41 and earlier allows an attacker to execute arbitrary code via the parse_line function used in some userland utilities.
Затронутые продукты
openSUSE Leap 42.2:bluez-5.41-6.1
openSUSE Leap 42.2:bluez-cups-5.41-6.1
openSUSE Leap 42.2:bluez-devel-32bit-5.41-6.1
openSUSE Leap 42.2:bluez-devel-5.41-6.1
Ссылки
- CVE-2016-7837
- SUSE Bug 1026652
Описание
All versions of the SDP server in BlueZ 5.46 and earlier are vulnerable to an information disclosure vulnerability which allows remote attackers to obtain sensitive information from the bluetoothd process memory. This vulnerability lies in the processing of SDP search attribute requests.
Затронутые продукты
openSUSE Leap 42.2:bluez-5.41-6.1
openSUSE Leap 42.2:bluez-cups-5.41-6.1
openSUSE Leap 42.2:bluez-devel-32bit-5.41-6.1
openSUSE Leap 42.2:bluez-devel-5.41-6.1
Ссылки
- CVE-2017-1000250
- SUSE Bug 1057342