openSUSE-SU-2019:2585-1

Опубликовано: 30 нояб. 2019

Источник: suse-cvrf

Описание

Security update for bluez

This update for bluez fixes the following issues:

CVE-2016-9798: Fixed a use-after-free in conf_opt() (bsc#1013712).

This update was imported from the SUSE:SLE-15:Update update project.

Список пакетов

openSUSE Leap 15.0

bluez-5.48-lp150.4.16.1

bluez-auto-enable-devices-5.48-lp150.4.16.1

bluez-cups-5.48-lp150.4.16.1

bluez-devel-5.48-lp150.4.16.1

bluez-devel-32bit-5.48-lp150.4.16.1

bluez-test-5.48-lp150.4.16.1

libbluetooth3-5.48-lp150.4.16.1

libbluetooth3-32bit-5.48-lp150.4.16.1

Ссылки

https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NQCMJ3S23QNDH5LYNDD7WFLMU6BHPW2H/#NQCMJ3S23QNDH5LYNDD7WFLMU6BHPW2H
E-Mail link for openSUSE-SU-2019:2585-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1013712
SUSE Bug 1013712
https://www.suse.com/security/cve/CVE-2016-9798/
SUSE CVE CVE-2016-9798 page

Описание

In BlueZ 5.42, a use-after-free was identified in "conf_opt" function in "tools/parser/l2cap.c" source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.

Затронутые продукты

openSUSE Leap 15.0:bluez-5.48-lp150.4.16.1

openSUSE Leap 15.0:bluez-auto-enable-devices-5.48-lp150.4.16.1

openSUSE Leap 15.0:bluez-cups-5.48-lp150.4.16.1

openSUSE Leap 15.0:bluez-devel-32bit-5.48-lp150.4.16.1

Ссылки

https://www.suse.com/security/cve/CVE-2016-9798.html
CVE-2016-9798
https://bugzilla.suse.com/1013708
SUSE Bug 1013708
https://bugzilla.suse.com/1013712
SUSE Bug 1013712
https://bugzilla.suse.com/1013732
SUSE Bug 1013732

openSUSE-SU-2019:2585-1

Описание

Список пакетов

openSUSE Leap 15.0

Ссылки

Уязвимость: CVE-2016-9798

Описание

Затронутые продукты

Ссылки