Zum Inhalt springen.
Sympa Menü

it-securitynotifies - [IT-SecNots] [SECURITY] [DSA 3972-1] bluez security update

it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 3972-1] bluez security update


Chronologisch Thread 
    < Chronologisch >      < Thread >
  • From: Salvatore Bonaccorso <carnil AT debian.org>
  • To: debian-security-announce AT lists.debian.org
  • Subject: [IT-SecNots] [SECURITY] [DSA 3972-1] bluez security update
  • Date: Wed, 13 Sep 2017 11:54:03 +0000
  • List-archive: https://lists.debian.org/msgid-search/E1ds6F1-0003LN-0H AT seger.debian.org
  • List-id: <debian-security-announce.lists.debian.org>
  • List-url: <http://lists.debian.org/debian-security-announce/>
  • Old-return-path: <carnil AT seger.debian.org>
  • Priority: urgent
  • Resent-date: Wed, 13 Sep 2017 11:54:19 +0000 (UTC)
  • Resent-from: debian-security-announce AT lists.debian.org
  • Resent-message-id: <p9ZzW5isG4D.A.VAF.rxRuZB@bendel>
  • Resent-sender: debian-security-announce-request AT lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3972-1 security AT debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
September 13, 2017 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : bluez
CVE ID : CVE-2017-1000250
Debian Bug : 875633

An information disclosure vulnerability was discovered in the Service
Discovery Protocol (SDP) in bluetoothd, allowing a proximate attacker to
obtain sensitive information from bluetoothd process memory, including
Bluetooth encryption keys.

For the oldstable distribution (jessie), this problem has been fixed
in version 5.23-2+deb8u1.

For the stable distribution (stretch), this problem has been fixed in
version 5.43-2+deb9u1.

We recommend that you upgrade your bluez packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlm5GVZfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0TJWxAAhqBjUve/5G0EyxWmnBiSim1gwWAazeSl6xwzIE2hELUxzoQFuXypmtqo
EaFbxsLm7d9mCPSXXQt3QYPS43nW4l2foFOHFDpwdaEkLnpj8g6YdEgXIkUbpU0T
bn5hT7VwKdxQUV2Dh1TTJttk6HgiGaASpLYhs4dAXFNYCtiAyrfmR4XBYpm0P0dW
AGtI6wDqIWXRu4mJN25gaCLKHlbv0L9iF9C0D2/ldPJG2MDvaQlisSNtyI34FTWu
YuMuNf8HVKmmGAZ8fLAM5qIII8HJ1I8USkS3DlYTkPffrXIeSZzRjRIhpiF9BicZ
42XSeJxfB/OzLdO9LtWtp5Hu9gZRQt12nLFH1p65QXSro5sBw7Fau5bfZUr8eAyt
KD4B5582I2niG96rQ6nEWyO09QqEWCu1pGq8XHLFNyJStYTtVN3ewNiDzigWwZND
8RzyqSL/2Jy8Mjt5e8Hqyrv57haq15wNH4fZcy5vIadSwfWFv89jQhEvn5hNOS4Q
3Kg2lRoS9MspW4VdiqGDQg/yJX3c0bSIC/O+WVXT3WSIRS0D5nvtOKiuMKMvm3CI
RLh9qEpE6wa7y3qlbNOo6yO2o8UrXZPU1la3BbXQySLfs8gr+kLPwsDDGzxMUPd+
d6sphtoPgqTRtJRuY0TLCc391hsDKWAOX3OSJCeJjeF6a9XqfRg=
=9IIv
-----END PGP SIGNATURE-----


  • [IT-SecNots] [SECURITY] [DSA 3972-1] bluez security update, Salvatore Bonaccorso, 13.09.2017

Archiv bereitgestellt durch MHonArc 2.6.19.

Seitenanfang