[Buildroot] [PATCH 1/1] package/bluez5_utils: security bump to version 5.62

Peter Korsgaard peter at korsgaard.com
Wed Nov 17 22:12:26 UTC 2021


>>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice at gmail.com> writes:

 > - Drop second patch (already in version)
 > - Fix CVE-2021-43400: An issue was discovered in gatt-database.c in BlueZ
 >   5.61. A use-after-free can occur when a client disconnects during D-Bus
 >   processing of a WriteValue call.

 > http://www.bluez.org/release-of-bluez-5-62

This states "It recommends using the ELL version 0.44.". Do you know
how important this is? 2021.08.x has 0.41 and 2021.02.x has 0.35. Does
it need to be bumped as well?

-- 
Bye, Peter Korsgaard


More information about the buildroot mailing list