You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa bluez

Sigurnosni nedostatak programskog paketa bluez

by ncert - 0

==========================================================================
Ubuntu Security Notice USN-3413-1
September 12, 2017

bluez vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 17.04
– Ubuntu 16.04 LTS
– Ubuntu 14.04 LTS

Summary:

BlueZ could be made to expose sensitive information over bluetooth.

Software Description:
– bluez: Bluetooth tools and daemons

Details:

It was discovered that an information disclosure vulnerability existed
in the Service Discovery Protocol (SDP) implementation in BlueZ. A
physically proximate unauthenticated attacker could use this to
disclose sensitive information. (CVE-2017-1000250)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 17.04:
bluez 5.43-0ubuntu1.1
libbluetooth3 5.43-0ubuntu1.1

Ubuntu 16.04 LTS:
bluez 5.37-0ubuntu5.1
libbluetooth3 5.37-0ubuntu5.1

Ubuntu 14.04 LTS:
bluez 4.101-0ubuntu13.3
libbluetooth3 4.101-0ubuntu13.3

In general, a standard system update will make all the necessary changes.

References:
https://www.ubuntu.com/usn/usn-3413-1
CVE-2017-1000250

Package Information:
https://launchpad.net/ubuntu/+source/bluez/5.43-0ubuntu1.1
https://launchpad.net/ubuntu/+source/bluez/5.37-0ubuntu5.1
https://launchpad.net/ubuntu/+source/bluez/4.101-0ubuntu13.3

—–BEGIN PGP SIGNATURE—–

iQIcBAABCgAGBQJZuDixAAoJEC8Jno0AXoH0Iu8QAJseDKwBsTF7C/wUOi0hU+p6
qC+yiXhU1tfUCIqD5EjYWxy9YdF3U4dClXHY/PEpE21kGi/IByrgL8y5AXJqPBw5
JtPZG9BF+3MUQXHHWeGjyxW5fGaVFo7lxYpYRcm5KcKXkWX6qa9HtVJjA2TWctec
+vtA7IQ7VMlqQx690e0iRy0snBbZyCNxWWK0Wtl3r5kteIpO6mQBu6KqPbmfoy4F
E3zOh18cH0DI2JeWKM0RBUOk3CRSVNGJSbkHIx4mB0iB23snTesrQWWfWSySyV+J
L13tcOnsLvhl6HUYKtLc84GKtBQ35Z5bCoCc+E6cmHN3uWwU+bZRcDqkpfijIf+i
df2gXo+93cddEDCKivawhd7xcqi98zQS9VJ+FdLOZRNe79fFFAqiRy4Y2G2uXYM5
lBL9/H/MvP8x+7ZJMBBFmOz0zN9SNYddRSs1THKxHhWpIKR5ceiJPO6Ew3QRCpqy
qoBDdJe7lNKrovTfzQDNsSbLkyNtCdyrtWmSDftqMwg/EZnahmEYj6bNt6AYN+hC
eK8Ep7X9nVv4M8oK8Cs4zLTrjYVwb7/g76xiYFp+oNv+3dY/Lg6kQWJ1btYtFlWF
dGQZBKjG/DBuRTA//M+pl4qVWbhryetGJ9ZOzn+RC1AssEjrFsjkqxOvRUNie6TI
9HWJ5+W/DFwVWuyvqrqq
=9M0n
—–END PGP SIGNATURE—–

ncert
Top
More in Preporuke
Sigurnosni nedostaci programskog paketa xen

Otkriveni su sigurnosni nedostaci u programskom paketu xen za operacijski sustav SUSE. Otkriveni nedostaci potencijalnim napadačima omogućuju izvršavanje proizvoljnog programskog...

Close