File _patchinfo of Package patchinfo.7360

Overview Repositories Revisions Requests Users Attributes Meta

File _patchinfo of Package patchinfo.7360

<patchinfo incident="7360">
  <issue id="1026652" tracker="bnc">VUL-1:  CVE-2016-7837: bluez: Buffer overflow in parse_line function</issue>
  <issue id="1057342" tracker="bnc">VUL-0: CVE-2017-1000250: bluez: information disclosure vulnerability in service_search_attr_req</issue>
  <issue id="1013877" tracker="bnc">VUL-0: CVE-2016-9804: bluez,bluez-hcidump:  buffer overflow in commands_dump()</issue>
  <issue id="1013721" tracker="bnc">VUL-0: CVE-2016-9800: bluez,bluez-hcidump: buffer overflow in pin_code_reply_dump()</issue>
  <issue id="2017-1000250" tracker="cve" />
  <issue id="2016-7837" tracker="cve" />
  <issue id="2016-9800" tracker="cve" />
  <issue id="2016-9804" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>acho</packager>
  <description>This update for bluez fixes the following issues:

Security issues fixed:

- CVE-2016-9800: Fix hcidump memory leak in pin_code_reply_dump() (bsc#1013721).
- CVE-2016-9804: Fix hcidump buffer overflow in commands_dump() (bsc#1013877).
- CVE-2016-7837: Fix possible buffer overflow, make sure we don't write past the end of the array (bsc#1026652).
- CVE-2017-1000250: Fix information disclosure vulnerability in service_search_attr_req (bsc#1057342).
</description>
  <summary>Security update for bluez</summary>
</patchinfo>

Places

File _patchinfo of Package patchinfo.7360

Places