drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Preisgabe von Informationen in BlueZ
Name: |
Preisgabe von Informationen in BlueZ |
|
ID: |
DSA-3972-1 |
|
Distribution: |
Debian |
|
Plattformen: |
Debian jessie, Debian stretch |
|
Datum: |
Mi, 13. September 2017, 16:44 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000250 |
|
Applikationen: |
BlueZ |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
- ------------------------------------------------------------------------- Debian Security Advisory DSA-3972-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso September 13, 2017 https://www.debian.org/security/faq - -------------------------------------------------------------------------
Package : bluez CVE ID : CVE-2017-1000250 Debian Bug : 875633
An information disclosure vulnerability was discovered in the Service Discovery Protocol (SDP) in bluetoothd, allowing a proximate attacker to obtain sensitive information from bluetoothd process memory, including Bluetooth encryption keys.
For the oldstable distribution (jessie), this problem has been fixed in version 5.23-2+deb8u1.
For the stable distribution (stretch), this problem has been fixed in version 5.43-2+deb9u1.
We recommend that you upgrade your bluez packages.
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlm5GVZfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0TJWxAAhqBjUve/5G0EyxWmnBiSim1gwWAazeSl6xwzIE2hELUxzoQFuXypmtqo EaFbxsLm7d9mCPSXXQt3QYPS43nW4l2foFOHFDpwdaEkLnpj8g6YdEgXIkUbpU0T bn5hT7VwKdxQUV2Dh1TTJttk6HgiGaASpLYhs4dAXFNYCtiAyrfmR4XBYpm0P0dW AGtI6wDqIWXRu4mJN25gaCLKHlbv0L9iF9C0D2/ldPJG2MDvaQlisSNtyI34FTWu YuMuNf8HVKmmGAZ8fLAM5qIII8HJ1I8USkS3DlYTkPffrXIeSZzRjRIhpiF9BicZ 42XSeJxfB/OzLdO9LtWtp5Hu9gZRQt12nLFH1p65QXSro5sBw7Fau5bfZUr8eAyt KD4B5582I2niG96rQ6nEWyO09QqEWCu1pGq8XHLFNyJStYTtVN3ewNiDzigWwZND 8RzyqSL/2Jy8Mjt5e8Hqyrv57haq15wNH4fZcy5vIadSwfWFv89jQhEvn5hNOS4Q 3Kg2lRoS9MspW4VdiqGDQg/yJX3c0bSIC/O+WVXT3WSIRS0D5nvtOKiuMKMvm3CI RLh9qEpE6wa7y3qlbNOo6yO2o8UrXZPU1la3BbXQySLfs8gr+kLPwsDDGzxMUPd+ d6sphtoPgqTRtJRuY0TLCc391hsDKWAOX3OSJCeJjeF6a9XqfRg= =9IIv -----END PGP SIGNATURE-----
|
|
|
|