[Buildroot] [PATCH 1/1] package/bluez5_utils: security bump to version 5.62

Fabrice Fontaine fontaine.fabrice at gmail.com
Thu Nov 18 21:16:21 UTC 2021


Le mer. 17 nov. 2021 à 23:12, Peter Korsgaard <peter at korsgaard.com> a écrit :
>
> >>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice at gmail.com> writes:
>
>  > - Drop second patch (already in version)
>  > - Fix CVE-2021-43400: An issue was discovered in gatt-database.c in BlueZ
>  >   5.61. A use-after-free can occur when a client disconnects during D-Bus
>  >   processing of a WriteValue call.
>
>  > http://www.bluez.org/release-of-bluez-5-62
>
> This states "It recommends using the ELL version 0.44.". Do you know
> how important this is? 2021.08.x has 0.41 and 2021.02.x has 0.35. Does
> it need to be bumped as well?
Nope, I don't know.
>
> --
> Bye, Peter Korsgaard
Best Regards,

Fabrice


More information about the buildroot mailing list