Format: 1.8 Date: Mon, 23 Mar 2020 08:26:28 -0400 Source: bluez Binary: libbluetooth3 libbluetooth3-dbg libbluetooth-dev bluetooth bluez bluez-dbg bluez-cups bluez-obexd bluez-hcidump bluez-tests Architecture: i386 Version: 5.48-0ubuntu3.4 Distribution: bionic Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: bluetooth - Bluetooth support bluez - Bluetooth tools and daemons bluez-cups - Bluetooth printer driver for CUPS bluez-dbg - Bluetooth tools and daemons (with debugging symbols) bluez-hcidump - Analyses Bluetooth HCI packets bluez-obexd - bluez obex daemon bluez-tests - BlueZ test tools and scripts libbluetooth-dev - Development files for using the BlueZ Linux Bluetooth library libbluetooth3 - Library to use the BlueZ Linux Bluetooth stack libbluetooth3-dbg - Library to use the BlueZ Linux Bluetooth stack with debugging sym Changes: bluez (5.48-0ubuntu3.4) bionic-security; urgency=medium . * SECURITY UPDATE: privilege escalation via improper access control - debian/patches/CVE-2020-0556-1.patch: HOGP must only accept data from bonded devices in profiles/input/hog.c. - debian/patches/CVE-2020-0556-2.patch: HID accepts bonded device connections only in profiles/input/device.c, profiles/input/device.h, profiles/input/input.conf, profiles/input/manager.c. - debian/patches/CVE-2020-0556-3.patch: attempt to set security level if not bonded in profiles/input/hog.c. - debian/patches/CVE-2020-0556-4.patch: add LEAutoSecurity setting to input.conf in profiles/input/device.h, profiles/input/hog.c, profiles/input/input.conf, profiles/input/manager.c. - CVE-2020-0556 Checksums-Sha1: 07632fcc748d668de83f2e1da43dde5344319d78 67368 bluez-cups_5.48-0ubuntu3.4_i386.deb 68b904eab410690b755f780d3c2ac1a00edb95a4 5485816 bluez-dbg_5.48-0ubuntu3.4_i386.deb f4c127e7620da510acd870ccc7432a8e07925fc1 140556 bluez-hcidump_5.48-0ubuntu3.4_i386.deb 87435829af05e132b60ce26363105a2a9704a206 177724 bluez-obexd_5.48-0ubuntu3.4_i386.deb 4b54a92cdb86bd48a8cf10f627c9469b51a2181d 260964 bluez-tests_5.48-0ubuntu3.4_i386.deb d7ea8570a53b5494fa155682600d568d3bdfd6e0 13386 bluez_5.48-0ubuntu3.4_i386.buildinfo ed26479d620b31fec65c822c7790a70a62f28d5e 976012 bluez_5.48-0ubuntu3.4_i386.deb de4061fab954205da94fea925d3d4c2aa08220d2 154588 libbluetooth-dev_5.48-0ubuntu3.4_i386.deb 04af9057cba702bcaa24a1f0318edcd747b84edf 3056 libbluetooth3-dbg_5.48-0ubuntu3.4_i386.deb 302394771a412ca23a628588830688a308ee4c45 66132 libbluetooth3_5.48-0ubuntu3.4_i386.deb Checksums-Sha256: 84ebe77353f4621a2dff0cd8640c8252b49af0596540d36ba88e49afc251ca46 67368 bluez-cups_5.48-0ubuntu3.4_i386.deb 9dd412e35b85508c9b19268ec6385aedb9dc4a3b7ed89fce61d29ab146d5e08a 5485816 bluez-dbg_5.48-0ubuntu3.4_i386.deb 4c6401ef73601b81ef7388071916ab418953ceb269d7a4e07b391a7ed183868e 140556 bluez-hcidump_5.48-0ubuntu3.4_i386.deb 3c54d82fbe84f91653ff5e0e1a6a2f266d15d18c92e30656eb5ee138754af4f7 177724 bluez-obexd_5.48-0ubuntu3.4_i386.deb 8d979f653455e1c5d062baeea20682f004ce661f99096ee0651130647aa570a2 260964 bluez-tests_5.48-0ubuntu3.4_i386.deb bf93af5bdd4bc2a919d3da42d4f9605bf42a3d32abce423a9f4c5c71877d9572 13386 bluez_5.48-0ubuntu3.4_i386.buildinfo 275df0362f5b5fff9d4005bc0770c36cf3479b5d68502af9d64b385e1061c47b 976012 bluez_5.48-0ubuntu3.4_i386.deb b87d6791cfa7b2543fc73a609690393001fcf7e3908bea2e3519f4f144b591d6 154588 libbluetooth-dev_5.48-0ubuntu3.4_i386.deb 11d7e41ae1ceaff0fa2067879e44ece7659d403b00768822e31672c90ab4ba6e 3056 libbluetooth3-dbg_5.48-0ubuntu3.4_i386.deb 8ba63248c0be9671a35953d755288a95640a1382c9f69a007d44ba46cb856f53 66132 libbluetooth3_5.48-0ubuntu3.4_i386.deb Files: 36969ab31fb0b61a04f4ce32b43b3b68 67368 admin optional bluez-cups_5.48-0ubuntu3.4_i386.deb 6a532bcb938f26b05613c627e61fa0bb 5485816 debug extra bluez-dbg_5.48-0ubuntu3.4_i386.deb bf218b951c9487af5902d884fdca2ae1 140556 admin optional bluez-hcidump_5.48-0ubuntu3.4_i386.deb 7c1aa0c29a0967c36c0092ce000d9402 177724 admin optional bluez-obexd_5.48-0ubuntu3.4_i386.deb 078e912c95cb7113b625a493d38ff935 260964 admin optional bluez-tests_5.48-0ubuntu3.4_i386.deb 7915c1c85be3124148f7283fb6ca0c31 13386 admin optional bluez_5.48-0ubuntu3.4_i386.buildinfo 13546aa196cd5982cfd4bf61ec03d945 976012 admin optional bluez_5.48-0ubuntu3.4_i386.deb 6749a8d317b7d2b7cdb5c323876894a3 154588 libdevel extra libbluetooth-dev_5.48-0ubuntu3.4_i386.deb 28e020d66ebe3d213913149e09731908 3056 debug extra libbluetooth3-dbg_5.48-0ubuntu3.4_i386.deb 3fdb0932f61a71c1d99f86470e51a524 66132 libs optional libbluetooth3_5.48-0ubuntu3.4_i386.deb Original-Maintainer: Debian Bluetooth Maintainers