- Detalji os-a: WN7
- Važnost: IMP
- Operativni sustavi: L
- Kategorije: LUB
==========================================================================
Ubuntu Security Notice USN-3413-1
September 12, 2017
bluez vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
– Ubuntu 17.04
– Ubuntu 16.04 LTS
– Ubuntu 14.04 LTS
Summary:
BlueZ could be made to expose sensitive information over bluetooth.
Software Description:
– bluez: Bluetooth tools and daemons
Details:
It was discovered that an information disclosure vulnerability existed
in the Service Discovery Protocol (SDP) implementation in BlueZ. A
physically proximate unauthenticated attacker could use this to
disclose sensitive information. (CVE-2017-1000250)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 17.04:
bluez 5.43-0ubuntu1.1
libbluetooth3 5.43-0ubuntu1.1
Ubuntu 16.04 LTS:
bluez 5.37-0ubuntu5.1
libbluetooth3 5.37-0ubuntu5.1
Ubuntu 14.04 LTS:
bluez 4.101-0ubuntu13.3
libbluetooth3 4.101-0ubuntu13.3
In general, a standard system update will make all the necessary changes.
References:
https://www.ubuntu.com/usn/usn-3413-1
CVE-2017-1000250
Package Information:
https://launchpad.net/ubuntu/+source/bluez/5.43-0ubuntu1.1
https://launchpad.net/ubuntu/+source/bluez/5.37-0ubuntu5.1
https://launchpad.net/ubuntu/+source/bluez/4.101-0ubuntu13.3
—–BEGIN PGP SIGNATURE—–
iQIcBAABCgAGBQJZuDixAAoJEC8Jno0AXoH0Iu8QAJseDKwBsTF7C/wUOi0hU+p6
qC+yiXhU1tfUCIqD5EjYWxy9YdF3U4dClXHY/PEpE21kGi/IByrgL8y5AXJqPBw5
JtPZG9BF+3MUQXHHWeGjyxW5fGaVFo7lxYpYRcm5KcKXkWX6qa9HtVJjA2TWctec
+vtA7IQ7VMlqQx690e0iRy0snBbZyCNxWWK0Wtl3r5kteIpO6mQBu6KqPbmfoy4F
E3zOh18cH0DI2JeWKM0RBUOk3CRSVNGJSbkHIx4mB0iB23snTesrQWWfWSySyV+J
L13tcOnsLvhl6HUYKtLc84GKtBQ35Z5bCoCc+E6cmHN3uWwU+bZRcDqkpfijIf+i
df2gXo+93cddEDCKivawhd7xcqi98zQS9VJ+FdLOZRNe79fFFAqiRy4Y2G2uXYM5
lBL9/H/MvP8x+7ZJMBBFmOz0zN9SNYddRSs1THKxHhWpIKR5ceiJPO6Ew3QRCpqy
qoBDdJe7lNKrovTfzQDNsSbLkyNtCdyrtWmSDftqMwg/EZnahmEYj6bNt6AYN+hC
eK8Ep7X9nVv4M8oK8Cs4zLTrjYVwb7/g76xiYFp+oNv+3dY/Lg6kQWJ1btYtFlWF
dGQZBKjG/DBuRTA//M+pl4qVWbhryetGJ9ZOzn+RC1AssEjrFsjkqxOvRUNie6TI
9HWJ5+W/DFwVWuyvqrqq
=9M0n
—–END PGP SIGNATURE—–
—
| Autor | Vlatka Misic |
| Cert id | NCERT-REF-2017-09-0070-ADV |
| Cve | CERT-CVE-DUMMY |
| ID izvornika | CERT-ORIGID-DUMMY |
| Proizvod | CERT-DUMMY-PRODUCT |
| Izvor | http://www.adobe.com/ |
