[Buildroot] [PATCH] bluez5_utils: add upstream security fix for CVE-2017-1000250
Peter Korsgaard
peter at korsgaard.com
Thu Sep 21 14:59:51 UTC 2017
>>>>> "Peter" == Peter Korsgaard <peter at korsgaard.com> writes:
> Fixes CVE-2017-1000250 - All versions of the SDP server in BlueZ 5.46 and
> earlier are vulnerable to an information disclosure vulnerability which
> allows remote attackers to obtain sensitive information from the bluetoothd
> process memory. This vulnerability lies in the processing of SDP search
> attribute requests.
> Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
Committed to 2017.02.x, thanks (seems safer than bumping to 5.47).
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list