code.ossystems Code Review - openembedded-core.git/commit

]> code.ossystems Code Review - openembedded-core.git/commit

Code Review / openembedded-core.git / commit

author	Marta Rybczynska <rybczynska@gmail.com>
	Tue, 14 Dec 2021 09:50:27 +0000 (10:50 +0100)
committer	Steve Sakoman <steve@sakoman.com>
	Wed, 15 Dec 2021 14:10:47 +0000 (04:10 -1000)
commit	573ff24c5ba7836b4dd7f95b6e7c7244b80f9d00
tree	fcfbe7a52fec288a9a5bb04153de6fa0a0b6c563	tree \| snapshot
parent	90a07178ea26be453d101c2e8b33d3a0f437635d	commit \| diff

bluez: fix CVE-2021-0129

Improper access control in BlueZ may allow an authenticated user to
potentially enable information disclosure via adjacent access.

This issue can be fixed in the kernel, in BlueZ or both. This patch
fixes it on the BlueZ side, so that the configuration no longer
depends on the kernel fix.

https://nvd.nist.gov/vuln/detail/CVE-2021-012

Signed-off-by: Marta Rybczynska <marta.rybczynska@huawei.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>

meta/recipes-connectivity/bluez5/bluez5.inc		diff \| blob \| history
meta/recipes-connectivity/bluez5/bluez5/CVE-2021-0129.patch	[new file with mode: 0644]	blob

Mirror of the official openembedded-core repository

RSS Atom