lp:~snappy-hwe-team/snappy-hwe-snaps/+git/bluez

Author: System Enablement CI Bot
Author Date: 2020-12-10 16:34:35 UTC

Open development for 5.48-3-dev

Author: System Enablement CI Bot
Author Date: 2020-12-10 16:34:32 UTC

Merge branch 'master' into stable

Author: System Enablement CI Bot
Author Date: 2020-12-10 14:09:32 UTC

Merge remote tracking branch fix-obexd-5.48

Merge-Proposal: https://code.launchpad.net/~alfonsosanchezbeato/snappy-hwe-snaps/+git/bluez/+merge/395147

Author: Alfonso Sanchez-Beato <alfonso.sanchez-beato@canonical.com>

obexd: don't free environment variable

Use g_strdup for option_root since it is expected to be freeable. When
this was assigned to an environement variable it would then be passed to
g_free and cause a crash because it wasn't memory that had been
malloced.

Author: System Enablement CI Bot
Author Date: 2020-12-10 13:52:53 UTC

Open development for 5.53-4-dev

Author: System Enablement CI Bot
Author Date: 2020-04-02 12:29:23 UTC

Merge remote tracking branch bluez/5.47

Merge-Proposal: https://code.launchpad.net/~alfonsosanchezbeato/snappy-hwe-snaps/+git/bluez/+merge/381570

Author: Alfonso Sanchez-Beato <alfonso.sanchez-beato@canonical.com>

Security update taken from Ubuntu package. Patches included:

bluez (5.48-0ubuntu3.4) bionic-security; urgency=medium

  * SECURITY UPDATE: privilege escalation via improper access control
    - debian/patches/CVE-2020-0556-1.patch: HOGP must only accept data from
      bonded devices in profiles/input/hog.c.
    - debian/patches/CVE-2020-0556-2.patch: HID accepts bonded device
      connections only in profiles/input/device.c, profiles/input/device.h,
      profiles/input/input.conf, profiles/input/manager.c.
    - debian/patches/CVE-2020-0556-3.patch: attempt to set security level
      if not bonded in profiles/input/hog.c.
    - debian/patches/CVE-2020-0556-4.patch: add LEAutoSecurity setting to
      input.conf in profiles/input/device.h, profiles/input/hog.c,
      profiles/input/input.conf, profiles/input/manager.c.
    - CVE-2020-0556

Author: System Enablement CI Bot
Author Date: 2020-04-01 09:07:37 UTC

Open development for 5.49-2-dev

Author: System Enablement CI Bot
Author Date: 2020-03-31 11:44:38 UTC

Merge remote tracking branch cve-2020-0556

Merge-Proposal: https://code.launchpad.net/~alfonsosanchezbeato/snappy-hwe-snaps/+git/bluez/+merge/381428

Author: Alfonso Sanchez-Beato <alfonso.sanchez-beato@canonical.com>

Security update taken from Ubuntu package. Patches included:

bluez (5.48-0ubuntu3.4) bionic-security; urgency=medium

  * SECURITY UPDATE: privilege escalation via improper access control
    - debian/patches/CVE-2020-0556-1.patch: HOGP must only accept data from
      bonded devices in profiles/input/hog.c.
    - debian/patches/CVE-2020-0556-2.patch: HID accepts bonded device
      connections only in profiles/input/device.c, profiles/input/device.h,
      profiles/input/input.conf, profiles/input/manager.c.
    - debian/patches/CVE-2020-0556-3.patch: attempt to set security level
      if not bonded in profiles/input/hog.c.
    - debian/patches/CVE-2020-0556-4.patch: add LEAutoSecurity setting to
      input.conf in profiles/input/device.h, profiles/input/hog.c,
      profiles/input/input.conf, profiles/input/manager.c.
    - CVE-2020-0556

Author: Marcel Holtmann
Author Date: 2018-06-01 08:36:21 UTC

Release 5.50

Author: Konrad Zapałowicz
Author Date: 2017-09-15 12:46:17 UTC

Update version to 5.34-3

Author: System Enablement CI Bot
Author Date: 2017-09-15 12:24:15 UTC

Merge remote tracking branch feature/15.04/blueborne-and-fixing-build

Merge-Proposal: https://code.launchpad.net/~kzapalowicz/snappy-hwe-snaps/+git/bluez/+merge/330824

Author: Konrad Zapałowicz <konrad.zapalowicz@canonical.com>

Update repository urls to point to snappy-hwe-team, also
bump version for an upcoming release and update changelog

Author: System Enablement CI Bot
Author Date: 2017-09-15 11:44:15 UTC

Merge remote tracking branch feature/fix-blueborne-5.34

Merge-Proposal: https://code.launchpad.net/~kzapalowicz/snappy-hwe-snaps/+git/bluez/+merge/330825

Author: Konrad Zapałowicz <konrad.zapalowicz@canonical.com>

Fix Blueborne CVE-2017-1000250

Author: System Enablement CI Bot
Author Date: 2017-09-13 14:57:30 UTC

Merge remote tracking branch fix/cve-blueborne

Merge-Proposal: https://code.launchpad.net/~kzapalowicz/snappy-hwe-snaps/+git/bluez/+merge/330677

Author: Konrad Zapałowicz <konrad.zapalowicz@canonical.com>

Fix CVE-2017-1000250

More details: https://www.armis.com/blueborne/, patch based on https://launchpadlibrarian.net/336654263/bluez_5.37-0ubuntu5_5.37-0ubuntu5.1.diff.gz

Author: Konrad Zapałowicz
Author Date: 2017-04-04 14:22:33 UTC

[SNAPPY] Fix hciattach on RPi3

This patch fixes the hciattach on Raspberry Pi 3 by applying the
following changes:

* don't set UART speed before loading firmware (thanks to
  https://github.com/MilhouseVH)
* change FIRMWARE_DIR to /lib/formware

These changes originated from LP: #1674509