Scientific Linux alert SLSA-2017:2685-1 (bluez)
| From: | Pat Riehecky <riehecky@fnal.gov> | |
| To: | <scientific-linux-errata@listserv.fnal.gov> | |
| Subject: | Security ERRATA Moderate: bluez on SL6.x, SL7.x i386/x86_64 | |
| Date: | Tue, 12 Sep 2017 20:12:50 +0000 | |
| Message-ID: | <20170912201250.7073.61479@slpackages.fnal.gov> |
Synopsis: Moderate: bluez security update Advisory ID: SLSA-2017:2685-1 Issue Date: 2017-09-12 CVE Numbers: CVE-2017-1000250 -- Security Fix(es): * An information-disclosure flaw was found in the bluetoothd implementation of the Service Discovery Protocol (SDP). A specially crafted Bluetooth device could, without prior pairing or user interaction, retrieve portions of the bluetoothd process memory, including potentially sensitive information such as Bluetooth encryption keys. (CVE-2017-1000250) -- SL6 x86_64 bluez-4.66-2.el6_9.x86_64.rpm bluez-libs-4.66-2.el6_9.x86_64.rpm bluez-alsa-4.66-2.el6_9.x86_64.rpm bluez-compat-4.66-2.el6_9.x86_64.rpm bluez-cups-4.66-2.el6_9.x86_64.rpm bluez-gstreamer-4.66-2.el6_9.x86_64.rpm bluez-libs-devel-4.66-2.el6_9.x86_64.rpm bluez-libs-4.66-2.el6_9.i686.rpm i386 bluez-alsa-4.66-2.el6_9.i686.rpm bluez-compat-4.66-2.el6_9.i686.rpm bluez-cups-4.66-2.el6_9.i686.rpm bluez-gstreamer-4.66-2.el6_9.i686.rpm bluez-libs-devel-4.66-2.el6_9.i686.rpm bluez-4.66-2.el6_9.i686.rpm bluez-libs-4.66-2.el6_9.i686.rpm bluez-debuginfo-4.66-2.el6_9.i686.rpm SL7 x86_64 bluez-libs-devel-5.44-4.el7_4.x86_64.rpm bluez-libs-devel-5.44-4.el7_4.i686.rpm bluez-cups-5.44-4.el7_4.x86_64.rpm bluez-hid2hci-5.44-4.el7_4.x86_64.rpm bluez-5.44-4.el7_4.x86_64.rpm bluez-libs-5.44-4.el7_4.i686.rpm bluez-libs-5.44-4.el7_4.x86_64.rpm - Scientific Linux Development Team