LISTSERV - SCIENTIFIC-LINUX-ERRATA Archives

Synopsis:          Moderate: bluez security update
Advisory ID:       SLSA-2017:2685-1
Issue Date:        2017-09-12
CVE Numbers:       CVE-2017-1000250
--

Security Fix(es):

* An information-disclosure flaw was found in the bluetoothd
implementation of the Service Discovery Protocol (SDP). A specially
crafted Bluetooth device could, without prior pairing or user
interaction, retrieve portions of the bluetoothd process memory,
including potentially sensitive information such as Bluetooth encryption
keys. (CVE-2017-1000250)
--

SL6
  x86_64
    bluez-4.66-2.el6_9.x86_64.rpm
    bluez-libs-4.66-2.el6_9.x86_64.rpm
    bluez-alsa-4.66-2.el6_9.x86_64.rpm
    bluez-compat-4.66-2.el6_9.x86_64.rpm
    bluez-cups-4.66-2.el6_9.x86_64.rpm
    bluez-gstreamer-4.66-2.el6_9.x86_64.rpm
    bluez-libs-devel-4.66-2.el6_9.x86_64.rpm
    bluez-libs-4.66-2.el6_9.i686.rpm
  i386
    bluez-alsa-4.66-2.el6_9.i686.rpm
    bluez-compat-4.66-2.el6_9.i686.rpm
    bluez-cups-4.66-2.el6_9.i686.rpm
    bluez-gstreamer-4.66-2.el6_9.i686.rpm
    bluez-libs-devel-4.66-2.el6_9.i686.rpm
    bluez-4.66-2.el6_9.i686.rpm
    bluez-libs-4.66-2.el6_9.i686.rpm
    bluez-debuginfo-4.66-2.el6_9.i686.rpm
SL7
  x86_64
    bluez-libs-devel-5.44-4.el7_4.x86_64.rpm
    bluez-libs-devel-5.44-4.el7_4.i686.rpm
    bluez-cups-5.44-4.el7_4.x86_64.rpm
    bluez-hid2hci-5.44-4.el7_4.x86_64.rpm
    bluez-5.44-4.el7_4.x86_64.rpm
    bluez-libs-5.44-4.el7_4.i686.rpm
    bluez-libs-5.44-4.el7_4.x86_64.rpm

- Scientific Linux Development Team