Format: 1.8 Date: Mon, 23 Mar 2020 08:39:08 -0400 Source: bluez Binary: libbluetooth3 libbluetooth3-dbg libbluetooth-dev bluetooth bluez bluez-dbg bluez-cups bluez-obexd bluez-hcidump bluez-tests Architecture: i386 Version: 5.37-0ubuntu5.3 Distribution: xenial Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: bluetooth - Bluetooth support bluez - Bluetooth tools and daemons bluez-cups - Bluetooth printer driver for CUPS bluez-dbg - Bluetooth tools and daemons (with debugging symbols) bluez-hcidump - Analyses Bluetooth HCI packets bluez-obexd - bluez obex daemon bluez-tests - BlueZ test tools and scripts libbluetooth-dev - Development files for using the BlueZ Linux Bluetooth library libbluetooth3 - Library to use the BlueZ Linux Bluetooth stack libbluetooth3-dbg - Library to use the BlueZ Linux Bluetooth stack with debugging sym Changes: bluez (5.37-0ubuntu5.3) xenial-security; urgency=medium . * SECURITY UPDATE: buffer overflow in parse_line function - debian/patches/CVE-2016-7837.patch: make sure we don't write past the end of the array in tools/csr.c. - CVE-2016-7837 * SECURITY UPDATE: privilege escalation via improper access control - debian/patches/CVE-2020-0556-pre1.patch: use .accept and .disconnect instead of attio in profiles/input/hog.c, src/device.c, src/device.h. - debian/patches/CVE-2020-0556-1.patch: HOGP must only accept data from bonded devices in profiles/input/hog.c. - debian/patches/CVE-2020-0556-2.patch: HID accepts bonded device connections only in profiles/input/device.c, profiles/input/device.h, profiles/input/input.conf, profiles/input/manager.c. - debian/patches/CVE-2020-0556-3.patch: attempt to set security level if not bonded in profiles/input/hog.c. - debian/patches/CVE-2020-0556-4.patch: add LEAutoSecurity setting to input.conf in profiles/input/device.h, profiles/input/hog.c, profiles/input/input.conf, profiles/input/manager.c. - CVE-2020-0556 Checksums-Sha1: f04e3ff046fa8f720c028b2ea07a1d9560d0b82a 936 bluez-cups-dbgsym_5.37-0ubuntu5.3_i386.ddeb 8b2047c8a31250c84d33aff71b04177534e57a38 64816 bluez-cups_5.37-0ubuntu5.3_i386.deb 4581c2cc2cb301300603aa08cf8151d88e5c943b 5075710 bluez-dbg_5.37-0ubuntu5.3_i386.deb 71830147978067e2be5fe6acffe9243d23a18115 940 bluez-dbgsym_5.37-0ubuntu5.3_i386.ddeb a0951f75073333a540b8fb02320fcf0d7eff5b8e 1066 bluez-hcidump-dbgsym_5.37-0ubuntu5.3_i386.ddeb 560d3f65db821a72f1536f17da3448bb0850833e 139442 bluez-hcidump_5.37-0ubuntu5.3_i386.deb e20393232c485122acb47f31603b4deb999ba862 1040 bluez-obexd-dbgsym_5.37-0ubuntu5.3_i386.ddeb c6363550c66ead09609bc4cde23ff31af4a004cd 176350 bluez-obexd_5.37-0ubuntu5.3_i386.deb 1cc52b903dad405068c3871332d0e983fb7e9947 930 bluez-tests-dbgsym_5.37-0ubuntu5.3_i386.ddeb 4a9f9c05ea5ca71261f6ee3949a7776a3275e9dc 233754 bluez-tests_5.37-0ubuntu5.3_i386.deb 3ca1ecd961080cf9076a5778bccd8cfe3c745d86 954988 bluez_5.37-0ubuntu5.3_i386.deb e114317f8e4ade2dfbe91f9d534a468bbd530078 890 libbluetooth-dev-dbgsym_5.37-0ubuntu5.3_i386.ddeb 08ecf43983445bdbb127582164a24377cec4fa70 147934 libbluetooth-dev_5.37-0ubuntu5.3_i386.deb 727565bb6dbf3da99454c72665a3f72e555be1f2 2982 libbluetooth3-dbg_5.37-0ubuntu5.3_i386.deb d66ac317cce4efb90d1e8140e9e34169bc9c47d2 896 libbluetooth3-dbgsym_5.37-0ubuntu5.3_i386.ddeb 1edbdb1c574c5f638073496fc60a0997331e215d 63686 libbluetooth3_5.37-0ubuntu5.3_i386.deb Checksums-Sha256: 16d6d5a298e3224286a38237edd083e172e062a4bae5ddefd25d2daea70be127 936 bluez-cups-dbgsym_5.37-0ubuntu5.3_i386.ddeb 18de7e6cbad0d9ad0cd5e5b209eaede4fe4a3fca1719e302249643842b07c402 64816 bluez-cups_5.37-0ubuntu5.3_i386.deb 4ef97122aee1dd5ed27ede8b7189aa2ea1536b9ac512f84381390673e25d436d 5075710 bluez-dbg_5.37-0ubuntu5.3_i386.deb 858c5d0643295e723523ea5bd59be11c0de55b77051e0b63d5461d8af9f6543d 940 bluez-dbgsym_5.37-0ubuntu5.3_i386.ddeb f15d0749b629ba84a0070dc2ca58c905ea05b2d81e16755899584abf143230cb 1066 bluez-hcidump-dbgsym_5.37-0ubuntu5.3_i386.ddeb 244065189753a8b9640736e0c98728961db92900acfc10622aa798b23fc291ea 139442 bluez-hcidump_5.37-0ubuntu5.3_i386.deb 5aa278874967d71f6cb053b4f19da268f305f6ebce7d89d84ef7edd091acea7d 1040 bluez-obexd-dbgsym_5.37-0ubuntu5.3_i386.ddeb 836478853577b68bf3dd32499ab0fafe26467ec5f712b5c0ceb56458218a2cc3 176350 bluez-obexd_5.37-0ubuntu5.3_i386.deb f89c785e84acc276da5cf1dab0c66fe87f85c9268a89101e67ec6cc1785a4aa5 930 bluez-tests-dbgsym_5.37-0ubuntu5.3_i386.ddeb 1694891b346fba35d90784ec2385ae8964aadda6856396444b877c857d0ee3c2 233754 bluez-tests_5.37-0ubuntu5.3_i386.deb c1aea8796181278211a5179bcd53f77c2d96d264049dabf6801b2a3d887852b9 954988 bluez_5.37-0ubuntu5.3_i386.deb d338f34c2dffd759ce7e3bf3a1aecfcf5b4cfa0a31351064827e09154448a5f4 890 libbluetooth-dev-dbgsym_5.37-0ubuntu5.3_i386.ddeb 872fad2f7f2e493ba16850d74373cd90e040b98d5d0c8bf3bd81849eabf41609 147934 libbluetooth-dev_5.37-0ubuntu5.3_i386.deb 820f1893efdca0c1eb8040eb0e0fc8b94b33ebdb17c4766c2ecdc899beb439bd 2982 libbluetooth3-dbg_5.37-0ubuntu5.3_i386.deb d9edd176125b9512bca872f9aa9eb428d94807357b4608c286f35bede868c1da 896 libbluetooth3-dbgsym_5.37-0ubuntu5.3_i386.ddeb 5a5071f12f26762cc57f48e5f6d64677167938efede762a7fa53feed5fb479f2 63686 libbluetooth3_5.37-0ubuntu5.3_i386.deb Files: 7304ff0d8b5d6f1e9d4a7183a59b5607 936 admin extra bluez-cups-dbgsym_5.37-0ubuntu5.3_i386.ddeb 3e9ec4a1d236cac419c0c7e26f949da9 64816 admin optional bluez-cups_5.37-0ubuntu5.3_i386.deb d2c157354223dec5f551af20fb90d287 5075710 debug extra bluez-dbg_5.37-0ubuntu5.3_i386.deb 0812e7ed9ca26f6b0311ee0e567a0dce 940 admin extra bluez-dbgsym_5.37-0ubuntu5.3_i386.ddeb 6d6c2f6412e406e7d1805f5e76701992 1066 admin extra bluez-hcidump-dbgsym_5.37-0ubuntu5.3_i386.ddeb 52ceb35778a3ed5ed19cdc7a3c6b5268 139442 admin optional bluez-hcidump_5.37-0ubuntu5.3_i386.deb 5f5ac6cc8882794c21b4d13633eeefb2 1040 admin extra bluez-obexd-dbgsym_5.37-0ubuntu5.3_i386.ddeb f2e1a978c079ff9b0c0f45210679884e 176350 admin optional bluez-obexd_5.37-0ubuntu5.3_i386.deb 5ecd777692d56977abf9913feb9c4235 930 admin extra bluez-tests-dbgsym_5.37-0ubuntu5.3_i386.ddeb fe274f55c68ac559921f243d233fabf7 233754 admin optional bluez-tests_5.37-0ubuntu5.3_i386.deb 1b99d2400e125856c5d3264adebab023 954988 admin optional bluez_5.37-0ubuntu5.3_i386.deb 696e89528fcb42b8f95454581d7d148e 890 libdevel extra libbluetooth-dev-dbgsym_5.37-0ubuntu5.3_i386.ddeb 6e641a7bc8af4a7bdb7a88490dbcb56b 147934 libdevel extra libbluetooth-dev_5.37-0ubuntu5.3_i386.deb a91856309c27285463698845fcd82ded 2982 debug extra libbluetooth3-dbg_5.37-0ubuntu5.3_i386.deb 2c5ee4b20b9b5285e762c195b298f7ee 896 libs extra libbluetooth3-dbgsym_5.37-0ubuntu5.3_i386.ddeb e8219d9403ec669383411a88288968f0 63686 libs optional libbluetooth3_5.37-0ubuntu5.3_i386.deb Original-Maintainer: Debian Bluetooth Maintainers