|
|
From: Slackware Security Team <security@slackware.com>
To: slackware-security@slackware.com
Subject: [slackware-security] bluez (SSA:2017-258-01)
Date: Fri, 15 Sep 2017 13:16:56 -0700 (PDT) |
|
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
[slackware-security] bluez (SSA:2017-258-01)
New bluez packages are available for Slackware 13.1, 13.37, 14.0, 14.1, 14.2,
and -current to fix a security issue.
Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/bluez-5.47-i586-1_slack14.2.txz: Upgraded.
Fixed an information disclosure vulnerability which allows remote attackers
to obtain sensitive information from the bluetoothd process memory. This
vulnerability lies in the processing of SDP search attribute requests.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000250
(* Security fix *)
+--------------------------+
Where to find the new packages:
+-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for
additional mirror sites near you.
Updated package for Slackware 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/bluez-4.64-i486-2_slack13.1.txz
Updated package for Slackware x86_64 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/bluez-4.64-x86_64-2_slack13.1.txz
Updated package for Slackware 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/bluez-4.91-i486-2_slack13.37.txz
Updated package for Slackware x86_64 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/bluez-4.91-x86_64-2_slack13.37.txz
Updated package for Slackware 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/bluez-4.99-i486-3_slack14.0.txz
Updated package for Slackware x86_64 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/bluez-4.99-x86_64-3_slack14.0.txz
Updated package for Slackware 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/bluez-4.99-i486-4_slack14.1.txz
Updated package for Slackware x86_64 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/bluez-4.99-x86_64-4_slack14.1.txz
Updated package for Slackware 14.2:
ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/bluez-5.47-i586-1_slack14.2.txz
Updated package for Slackware x86_64 14.2:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/bluez-5.47-x86_64-1_slack14.2.txz
Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/bluez-5.47-i586-1.txz
Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/bluez-5.47-x86_64-1.txz
MD5 signatures:
+-------------+
Slackware 13.1 package:
c34a144a27aecf012ae0f6d4e9d23ec7 bluez-4.64-i486-2_slack13.1.txz
Slackware x86_64 13.1 package:
00fdad5615839cb6846780890ecd473d bluez-4.64-x86_64-2_slack13.1.txz
Slackware 13.37 package:
0b24842a0c3e6b19bdd45705a155f82f bluez-4.91-i486-2_slack13.37.txz
Slackware x86_64 13.37 package:
01ec2415e62f36ba954ad18316089963 bluez-4.91-x86_64-2_slack13.37.txz
Slackware 14.0 package:
eadceb46961b159ea4580c65f37e1bb3 bluez-4.99-i486-3_slack14.0.txz
Slackware x86_64 14.0 package:
7a8c9f38fbfca7c8dd35997dbe1e6da2 bluez-4.99-x86_64-3_slack14.0.txz
Slackware 14.1 package:
51a0d2992312419dfcdce2335635d613 bluez-4.99-i486-4_slack14.1.txz
Slackware x86_64 14.1 package:
9b1016510c7292343e81263bee3f6710 bluez-4.99-x86_64-4_slack14.1.txz
Slackware 14.2 package:
7ee07b8ee57a8272703bcc706d148d75 bluez-5.47-i586-1_slack14.2.txz
Slackware x86_64 14.2 package:
0a28a8a20122ee46d3ebeb68450d139d bluez-5.47-x86_64-1_slack14.2.txz
Slackware -current package:
230c704d9f97690c8eee0bb32aed2c50 n/bluez-5.47-i586-1.txz
Slackware x86_64 -current package:
2d4d0f25675d824f445c0fbd74c453ee n/bluez-5.47-x86_64-1.txz
Installation instructions:
+------------------------+
Upgrade the package as root:
# upgradepkg bluez-5.47-i586-1_slack14.2.txz
+-----+
Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com
+------------------------------------------------------------------------+
| To leave the slackware-security mailing list: |
+------------------------------------------------------------------------+
| Send an email to majordomo@slackware.com with this text in the body of |
| the email message: |
| |
| unsubscribe slackware-security |
| |
| You will get a confirmation message back containing instructions to |
| complete the process. Please do not reply to this email address. |
+------------------------------------------------------------------------+
-----BEGIN PGP SIGNATURE-----
iEYEARECAAYFAlm8ESoACgkQakRjwEAQIjO44gCdHrmnMavTatSV6bsNF7A0B/r3
0sEAn3VxcT+P8bibtAp76xDc0vlFRUih
=bwLT
-----END PGP SIGNATURE-----
|
| |