[Buildroot] [PATCH 1/1] package/bluez5_utils: security bump to version 5.62
Fabrice Fontaine
fontaine.fabrice at gmail.com
Thu Nov 18 21:16:21 UTC 2021
Le mer. 17 nov. 2021 à 23:12, Peter Korsgaard <peter at korsgaard.com> a écrit :
>
> >>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice at gmail.com> writes:
>
> > - Drop second patch (already in version)
> > - Fix CVE-2021-43400: An issue was discovered in gatt-database.c in BlueZ
> > 5.61. A use-after-free can occur when a client disconnects during D-Bus
> > processing of a WriteValue call.
>
> > http://www.bluez.org/release-of-bluez-5-62
>
> This states "It recommends using the ELL version 0.44.". Do you know
> how important this is? 2021.08.x has 0.41 and 2021.02.x has 0.35. Does
> it need to be bumped as well?
Nope, I don't know.
>
> --
> Bye, Peter Korsgaard
Best Regards,
Fabrice
More information about the buildroot
mailing list