Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: ddb42aa6 by Salvatore Bonaccorso at 2021-06-13T08:16:34+02:00 Track fixed version for bluez issues via unstable - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -717,7 +717,7 @@ CVE-2021-34343 CVE-2022-20001 RESERVED CVE-2021-3588 (The cli_feat_read_cb() function in src/gatt-database.c does not perfor ...) - - bluez <unfixed> (bug #989700) + - bluez 5.55-3.1 (bug #989700) [buster] - bluez <not-affected> (Vulnerable code introduced later) [stretch] - bluez <not-affected> (Vulnerable code introduced later) NOTE: https://github.com/bluez/bluez/issues/70 @@ -47005,7 +47005,7 @@ CVE-2021-0131 (Use of cryptographically weak pseudo-random number generator (PRN CVE-2021-0130 RESERVED CVE-2021-0129 (Improper access control in BlueZ may allow an authenticated user to po ...) - - bluez <unfixed> (bug #989614) + - bluez 5.55-3.1 (bug #989614) - linux 5.10.40-1 NOTE: https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=00da0fb4972cf59e1c075f313da81ea549cb8738 NOTE: https://git.kernel.org/linus/6d19628f539fccf899298ff02ee4c73e4bf6df3f @@ -49835,7 +49835,7 @@ CVE-2020-26559 (Bluetooth Mesh Provisioning in the Bluetooth Mesh profile 1.0 an NOTE: https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/authvalue-leak/ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1960011 CVE-2020-26558 (Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification ...) - - bluez <unfixed> (bug #989614) + - bluez 5.55-3.1 (bug #989614) - linux 5.10.40-1 NOTE: https://kb.cert.org/vuls/id/799380 NOTE: https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/passkey-entry/ View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ddb42aa6ce17e04b331d3f322fed828567919621 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ddb42aa6ce17e04b331d3f322fed828567919621 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits