[Buildroot] [PATCH 1/1] package/bluez5_utils: security bump to version 5.62

Thomas Petazzoni thomas.petazzoni at bootlin.com
Sat Nov 13 17:04:38 UTC 2021


On Sat, 13 Nov 2021 17:32:41 +0100
Fabrice Fontaine <fontaine.fabrice at gmail.com> wrote:

> - Drop second patch (already in version)
> - Fix CVE-2021-43400: An issue was discovered in gatt-database.c in BlueZ
>   5.61. A use-after-free can occur when a client disconnects during D-Bus
>   processing of a WriteValue call.
> 
> http://www.bluez.org/release-of-bluez-5-62
> 
> Signed-off-by: Fabrice Fontaine <fontaine.fabrice at gmail.com>
> ---
>  .../bluez5_utils-headers.mk                   |  2 +-
>  ...-profiles-audio-media.c-rename-pause.patch | 52 -------------------
>  package/bluez5_utils/bluez5_utils.hash        |  2 +-
>  package/bluez5_utils/bluez5_utils.mk          |  2 +-
>  4 files changed, 3 insertions(+), 55 deletions(-)
>  delete mode 100644 package/bluez5_utils/0002-profiles-audio-media.c-rename-pause.patch

Applied to master, thanks.

Thomas
-- 
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com


More information about the buildroot mailing list