Security update for bluez
This update for bluez fixes the following issues:
Security issues fixed:
- CVE-2016-9797: Fixed a buffer over-read in l2cap_dump() (bsc#1013708).
- CVE-2016-9798: Fixed a use-after-free in conf_opt() (bsc#1013712).
- CVE-2016-9917: Fixed a heap-based buffer overflow in read_n() (bsc#1015171).
This update was imported from the SUSE:SLE-15:Update update project.
-
Submitted by
Al Cho (acho)
Fixed bugs
bnc#1013712
VUL-0: CVE-2016-9798: bluez,bluez-hcidump: use-after-free in conf_opt()
bnc#1015171
VUL-1: CVE-2016-9917: bluez,bluez-hcidump: Heap-based buffer overflow vulnerability in read_n()
bnc#1013893
VUL-0: CVE-2016-9802: bluez: buffer over-read in l2cap_packet()
bnc#1013708
VUL-0: CVE-2016-9797: bluez,bluez-hcidump: buffer over-read in l2cap_dump()
