NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
8dbb329307
kumquat-buildroot/package/bluez5_utils-headers
History
Jörg Krause 312a28cf64 package/{bluez5_utils, bluez5_utils-headers}: security bump to version 5.54 
Fixes the following security issue:

- CVE-2020-0556: Improper access control in subsystem for BlueZ before
  version 5.54 may allow an unauthenticated user to potentially enable
  escalation of privilege and denial of service via adjacent access

  https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00352.html

Changes since version 5.52:

5.54:
  Fix issue with HOGP to accept data only from bonded devices.
  Fix issue with A2DP sessions being connected at the same time.
  Fix issue with class UUID matches before connecting profile.
  Add support for handling MTU auto-tuning option for AVDTP.
  Add support for new policy for Just-Works repairing.
  Add support for Enhanced ATT bearer (EATT).

5.53:
  Fix issue with handling unregistration for advertisment.
  Fix issue with A2DP and handling recovering process.
  Fix issue with udpating input device information.
  Add support for loading blocked keys.

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 3a678c952f)
[Peter: mention security issue]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-04-06 23:50:19 +02:00
..
bluez5_utils-headers.hash
bluez5_utils-headers.mk package/{bluez5_utils, bluez5_utils-headers}: security bump to version 5.54 2020-04-06 23:50:19 +02:00
Config.in