1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 3972-1] bluez security update

    From Salvatore Bonaccorso@1:229/2 to All on Wed Sep 13 14:00:02 2017
    From: [email protected]

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-3972-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 13, 2017 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : bluez
    CVE ID : CVE-2017-1000250
    Debian Bug : 875633

    An information disclosure vulnerability was discovered in the Service
    Discovery Protocol (SDP) in bluetoothd, allowing a proximate attacker to
    obtain sensitive information from bluetoothd process memory, including Bluetooth encryption keys.

    For the oldstable distribution (jessie), this problem has been fixed
    in version 5.23-2+deb8u1.

    For the stable distribution (stretch), this problem has been fixed in
    version 5.43-2+deb9u1.

    We recommend that you upgrade your bluez packages.

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: [email protected]
    -----BEGIN PGP SIGNATURE-----

    iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlm5GVZfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0TJWxAAhqBjUve/5G0EyxWmnBiSim1gwWAazeSl6xwzIE2hELUxzoQFuXypmtqo EaFbxsLm7d9mCPSXXQt3QYPS43nW4l2foFOHFDpwdaEkLnpj8g6YdEgXIkUbpU0T bn5hT7VwKdxQUV2Dh1TTJttk6HgiGaASpLYhs4dAXFNYCtiAyrfmR4XBYpm0P0dW AGtI6wDqIWXRu4mJN25gaCLKHlbv0L9iF9C0D2/ldPJG2MDvaQlisSNtyI34FTWu YuMuNf8HVKmmGAZ8fLAM5qIII8HJ1I8USkS3DlYTkPffrXIeSZzRjRIhpiF9BicZ 42XSeJxfB/OzLdO9LtWtp5Hu9gZRQt12nLFH1p65QXSro5sBw7Fau5bfZUr8eAyt KD4B5582I2niG96rQ6nEWyO09QqEWCu1pGq8XHLFNyJStYTtVN3ewNiDzigWwZND 8RzyqSL/2Jy8Mjt5e8Hqyrv57haq15wNH4fZcy5vIadSwfWFv89jQhEvn5hNOS4Q 3Kg2lRoS9MspW4VdiqGDQg/yJX3c0bSIC/O+WVXT3WSIRS0D5nvtOKiuMKMvm3CI RLh9qEpE6wa7y3qlbNOo6yO2o8UrXZPU1la3BbXQySLfs8gr+kLPwsDDGzxMUPd+ d6sphtoPgqTRtJRuY0TLCc391hsDKWAOX3OSJCeJjeF6a9XqfRg=
    =9IIv
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: you cannot sedate... all the things you hate (1:229/2)