[Git][security-tracker-team/security-tracker][master] Track fixed version for bluez issues via unstable

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sun Jun 13 07:16:59 BST 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ddb42aa6 by Salvatore Bonaccorso at 2021-06-13T08:16:34+02:00
Track fixed version for bluez issues via unstable

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -717,7 +717,7 @@ CVE-2021-34343
 CVE-2022-20001
 	RESERVED
 CVE-2021-3588 (The cli_feat_read_cb() function in src/gatt-database.c does not perfor ...)
-	- bluez <unfixed> (bug #989700)
+	- bluez 5.55-3.1 (bug #989700)
 	[buster] - bluez <not-affected> (Vulnerable code introduced later)
 	[stretch] - bluez <not-affected> (Vulnerable code introduced later)
 	NOTE: https://github.com/bluez/bluez/issues/70
@@ -47005,7 +47005,7 @@ CVE-2021-0131 (Use of cryptographically weak pseudo-random number generator (PRN
 CVE-2021-0130
 	RESERVED
 CVE-2021-0129 (Improper access control in BlueZ may allow an authenticated user to po ...)
-	- bluez <unfixed> (bug #989614)
+	- bluez 5.55-3.1 (bug #989614)
 	- linux 5.10.40-1
 	NOTE: https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=00da0fb4972cf59e1c075f313da81ea549cb8738
 	NOTE: https://git.kernel.org/linus/6d19628f539fccf899298ff02ee4c73e4bf6df3f
@@ -49835,7 +49835,7 @@ CVE-2020-26559 (Bluetooth Mesh Provisioning in the Bluetooth Mesh profile 1.0 an
 	NOTE: https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/authvalue-leak/
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1960011
 CVE-2020-26558 (Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification ...)
-	- bluez <unfixed> (bug #989614)
+	- bluez 5.55-3.1 (bug #989614)
 	- linux 5.10.40-1
 	NOTE: https://kb.cert.org/vuls/id/799380
 	NOTE: https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/passkey-entry/



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ddb42aa6ce17e04b331d3f322fed828567919621

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ddb42aa6ce17e04b331d3f322fed828567919621
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210613/2b495304/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list