snappy-hwe-snaps

~snappy-hwe-team/snappy-hwe-snaps/+git/bluez:stable

Git
lp:~snappy-hwe-team/snappy-hwe-snaps/+git/bluez
stable

Last commit made on 2022-02-10

Get this branch:: git clone -b stable https://git.launchpad.net/~snappy-hwe-team/snappy-hwe-snaps/+git/bluez

Members of Snappy HWE Team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:: stable

Repository:: lp:~snappy-hwe-team/snappy-hwe-snaps/+git/bluez

Recent commits

709bbdc... by System Enablement CI Bot <email address hidden> on 2022-02-10

Merge branch 'master' into stable

274df20... by System Enablement CI Bot <email address hidden> on 2022-02-10

Bump version to 5.48-4

14655a6... by System Enablement CI Bot <email address hidden> on 2022-02-10

Update manifests to 5.48-4

4e4a11e... by System Enablement CI Bot <email address hidden> on 2022-02-10

Update ChangeLog for 5.48-4

b9f672a... by System Enablement CI Bot <email address hidden> on 2022-02-10

Merge remote tracking branch cve-snap

Merge-Proposal: https://code.launchpad.net/~alfonsosanchezbeato/snappy-hwe-snaps/+git/bluez/+merge/415370

Author: Alfonso Sanchez-Beato <email address hidden>

Update to 5.48-0ubuntu3.8 sources:

bluez (5.48-0ubuntu3.8) bionic-security; urgency=medium

  * SECURITY UPDATE: Integer overflow in gatt server protocol could lead to
    a heap overflow, resulting in denial of service or potential code
    execution.
    - debian/patches/CVE-2022-0204.patch: add length and offset validation in
      write_cb function in src/shared/gatt-server.c.
    - CVE-2022-0204

-- Ray Veldkamp <email address hidden> Fri, 04 Feb 2022 10:25:37 +1100

bluez (5.48-0ubuntu3.7) bionic-security; urgency=medium

  * SECURITY UPDATE: heap-based buffer overflow
    - debian/patches/CVE-2019-8922.patch: check if there is enough space in
      lib/sdp.c.
    - CVE-2019-8922

-- Marc Deslauriers <email address hidden> Wed, 08 Dec 2021 07:57:30 -0500

bluez (5.48-0ubuntu3.6) bionic-security; urgency=medium

  * SECURITY UPDATE: DoS via memory leak in sdp_cstate_alloc_buf
    - debian/patches/CVE-2021-41229-pre1.patch: fix not checking if cstate
      length in src/sdpd-request.c.
    - debian/patches/CVE-2021-41229.patch: fix leaking buffers stored in
      cstates cache in src/sdpd-request.c, src/sdpd-server.c, src/sdpd.h,
      unit/test-sdp.c.
    - CVE-2021-41229
  * SECURITY UPDATE: use-after-free when client disconnects
    - debian/patches/CVE-2021-43400-pre1.patch: send device and link
      options with AcquireNotify in src/gatt-database.c.
    - debian/patches/CVE-2021-43400-pre2.patch: fix Acquire* reply handling
      in src/gatt-database.c.
    - debian/patches/CVE-2021-43400-pre3.patch: no multiple calls to
      AcquireWrite in src/gatt-database.c.
    - debian/patches/CVE-2021-43400-pre4.patch: provide MTU in ReadValue
      and WriteValue in src/gatt-database.c.
    - debian/patches/CVE-2021-43400.patch: fix not cleaning up when
      disconnected in src/gatt-database.c.
    - CVE-2021-43400

-- Marc Deslauriers <email address hidden> Wed, 17 Nov 2021 10:52:30 -0500

79f13ba... by Alfonso Sanchez-Beato on 2022-02-10

Update to 5.48-0ubuntu3.8 sources

9d1be39... by System Enablement CI Bot <email address hidden> on 2021-06-22

Open development for 5.48-4-dev

f5fe368... by System Enablement CI Bot <email address hidden> on 2021-06-22

Merge branch 'master' into stable

b2bf010... by System Enablement CI Bot <email address hidden> on 2021-06-22

Bump version to 5.48-3

538568a... by System Enablement CI Bot <email address hidden> on 2021-06-22

Update manifests to 5.48-3

snappy-hwe-snaps

~snappy-hwe-team/snappy-hwe-snaps/+git/bluez:stable

Branch merges

Related source package recipes

Related snap packages

Related charm recipes

Branch information

Recent commits