drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Preisgabe von Informationen in BlueZ
Name: |
Preisgabe von Informationen in BlueZ |
|
ID: |
USN-3413-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 17.04 |
|
Datum: |
Di, 12. September 2017, 23:52 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000250 |
|
Applikationen: |
BlueZ |
|
Originalnachricht |
--===============8046424705882251697== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="lwsazs3lomtw7dft" Content-Disposition: inline
--lwsazs3lomtw7dft Content-Type: text/plain; charset=us-ascii Content-Disposition: inline
========================================================================== Ubuntu Security Notice USN-3413-1 September 12, 2017
bluez vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 17.04 - Ubuntu 16.04 LTS - Ubuntu 14.04 LTS
Summary:
BlueZ could be made to expose sensitive information over bluetooth.
Software Description: - bluez: Bluetooth tools and daemons
Details:
It was discovered that an information disclosure vulnerability existed in the Service Discovery Protocol (SDP) implementation in BlueZ. A physically proximate unauthenticated attacker could use this to disclose sensitive information. (CVE-2017-1000250)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 17.04: bluez 5.43-0ubuntu1.1 libbluetooth3 5.43-0ubuntu1.1
Ubuntu 16.04 LTS: bluez 5.37-0ubuntu5.1 libbluetooth3 5.37-0ubuntu5.1
Ubuntu 14.04 LTS: bluez 4.101-0ubuntu13.3 libbluetooth3 4.101-0ubuntu13.3
In general, a standard system update will make all the necessary changes.
References: https://www.ubuntu.com/usn/usn-3413-1 CVE-2017-1000250
Package Information: https://launchpad.net/ubuntu/+source/bluez/5.43-0ubuntu1.1 https://launchpad.net/ubuntu/+source/bluez/5.37-0ubuntu5.1 https://launchpad.net/ubuntu/+source/bluez/4.101-0ubuntu13.3
--lwsazs3lomtw7dft Content-Type: application/pgp-signature; name="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIcBAABCgAGBQJZuDixAAoJEC8Jno0AXoH0Iu8QAJseDKwBsTF7C/wUOi0hU+p6 qC+yiXhU1tfUCIqD5EjYWxy9YdF3U4dClXHY/PEpE21kGi/IByrgL8y5AXJqPBw5 JtPZG9BF+3MUQXHHWeGjyxW5fGaVFo7lxYpYRcm5KcKXkWX6qa9HtVJjA2TWctec +vtA7IQ7VMlqQx690e0iRy0snBbZyCNxWWK0Wtl3r5kteIpO6mQBu6KqPbmfoy4F E3zOh18cH0DI2JeWKM0RBUOk3CRSVNGJSbkHIx4mB0iB23snTesrQWWfWSySyV+J L13tcOnsLvhl6HUYKtLc84GKtBQ35Z5bCoCc+E6cmHN3uWwU+bZRcDqkpfijIf+i df2gXo+93cddEDCKivawhd7xcqi98zQS9VJ+FdLOZRNe79fFFAqiRy4Y2G2uXYM5 lBL9/H/MvP8x+7ZJMBBFmOz0zN9SNYddRSs1THKxHhWpIKR5ceiJPO6Ew3QRCpqy qoBDdJe7lNKrovTfzQDNsSbLkyNtCdyrtWmSDftqMwg/EZnahmEYj6bNt6AYN+hC eK8Ep7X9nVv4M8oK8Cs4zLTrjYVwb7/g76xiYFp+oNv+3dY/Lg6kQWJ1btYtFlWF dGQZBKjG/DBuRTA//M+pl4qVWbhryetGJ9ZOzn+RC1AssEjrFsjkqxOvRUNie6TI 9HWJ5+W/DFwVWuyvqrqq =9M0n -----END PGP SIGNATURE-----
--lwsazs3lomtw7dft--
--===============8046424705882251697== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
|
|
|
|