Login
Newsletter
Werbung

Sicherheit: Preisgabe von Informationen in BlueZ
Aktuelle Meldungen Distributionen
Name: Preisgabe von Informationen in BlueZ
ID: SSA:2017-258-01
Distribution: Slackware
Plattformen: Slackware -current, Slackware x86_64 -current, Slackware x86_64 13.1, Slackware 13.1, Slackware x86_64 13.37, Slackware 13.37, Slackware 14.0, Slackware x86_64 14.0, Slackware 14.1, Slackware x86_64 14.1, Slackware 14.2, Slackware x86_64 14.2
Datum: Sa, 16. September 2017, 08:09
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000250
Applikationen: BlueZ

Originalnachricht


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] bluez (SSA:2017-258-01)

New bluez packages are available for Slackware 13.1, 13.37, 14.0, 14.1, 14.2,
and -current to fix a security issue.


Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/bluez-5.47-i586-1_slack14.2.txz: Upgraded.
Fixed an information disclosure vulnerability which allows remote attackers
to obtain sensitive information from the bluetoothd process memory. This
vulnerability lies in the processing of SDP search attribute requests.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000250
(* Security fix *)
+--------------------------+


Where to find the new packages:
+-----------------------------+

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project! :-)

Also see the "Get Slack" section on http://slackware.com for
additional mirror sites near you.

Updated package for Slackware 13.1:
bluez-4.64-i486-2_slack13.1.txz

Updated package for Slackware x86_64 13.1:
bluez-4.64-x86_64-2_slack13.1.txz

Updated package for Slackware 13.37:
bluez-4.91-i486-2_slack13.37.txz

Updated package for Slackware x86_64 13.37:
bluez-4.91-x86_64-2_slack13.37.txz

Updated package for Slackware 14.0:
bluez-4.99-i486-3_slack14.0.txz

Updated package for Slackware x86_64 14.0:
bluez-4.99-x86_64-3_slack14.0.txz

Updated package for Slackware 14.1:
bluez-4.99-i486-4_slack14.1.txz

Updated package for Slackware x86_64 14.1:
bluez-4.99-x86_64-4_slack14.1.txz

Updated package for Slackware 14.2:
bluez-5.47-i586-1_slack14.2.txz

Updated package for Slackware x86_64 14.2:
bluez-5.47-x86_64-1_slack14.2.txz

Updated package for Slackware -current:
bluez-5.47-i586-1.txz

Updated package for Slackware x86_64 -current:
bluez-5.47-x86_64-1.txz


MD5 signatures:
+-------------+

Slackware 13.1 package:
c34a144a27aecf012ae0f6d4e9d23ec7 bluez-4.64-i486-2_slack13.1.txz

Slackware x86_64 13.1 package:
00fdad5615839cb6846780890ecd473d bluez-4.64-x86_64-2_slack13.1.txz

Slackware 13.37 package:
0b24842a0c3e6b19bdd45705a155f82f bluez-4.91-i486-2_slack13.37.txz

Slackware x86_64 13.37 package:
01ec2415e62f36ba954ad18316089963 bluez-4.91-x86_64-2_slack13.37.txz

Slackware 14.0 package:
eadceb46961b159ea4580c65f37e1bb3 bluez-4.99-i486-3_slack14.0.txz

Slackware x86_64 14.0 package:
7a8c9f38fbfca7c8dd35997dbe1e6da2 bluez-4.99-x86_64-3_slack14.0.txz

Slackware 14.1 package:
51a0d2992312419dfcdce2335635d613 bluez-4.99-i486-4_slack14.1.txz

Slackware x86_64 14.1 package:
9b1016510c7292343e81263bee3f6710 bluez-4.99-x86_64-4_slack14.1.txz

Slackware 14.2 package:
7ee07b8ee57a8272703bcc706d148d75 bluez-5.47-i586-1_slack14.2.txz

Slackware x86_64 14.2 package:
0a28a8a20122ee46d3ebeb68450d139d bluez-5.47-x86_64-1_slack14.2.txz

Slackware -current package:
230c704d9f97690c8eee0bb32aed2c50 n/bluez-5.47-i586-1.txz

Slackware x86_64 -current package:
2d4d0f25675d824f445c0fbd74c453ee n/bluez-5.47-x86_64-1.txz


Installation instructions:
+------------------------+

Upgrade the package as root:
# upgradepkg bluez-5.47-i586-1_slack14.2.txz


+-----+

Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com

+------------------------------------------------------------------------+
| To leave the slackware-security mailing list: |
+------------------------------------------------------------------------+
| Send an email to majordomo@slackware.com with this text in the body of |
| the email message: |
| |
| unsubscribe slackware-security |
| |
| You will get a confirmation message back containing instructions to |
| complete the process. Please do not reply to this email address. |
+------------------------------------------------------------------------+
-----BEGIN PGP SIGNATURE-----

iEYEARECAAYFAlm8ESoACgkQakRjwEAQIjO44gCdHrmnMavTatSV6bsNF7A0B/r3
0sEAn3VxcT+P8bibtAp76xDc0vlFRUih
=bwLT
-----END PGP SIGNATURE-----
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung