File _patchinfo of Package patchinfo.10315

Overview Repositories Revisions Requests Users Attributes Meta

File _patchinfo of Package patchinfo.10315

<patchinfo incident="10315">
  <issue tracker="bnc" id="1015173">VUL-1: CVE-2016-9918: bluez,bluez-hcidump:  Out of bounds stack read in packet_hexdump()</issue>
  <issue tracker="bnc" id="1013712">VUL-0: CVE-2016-9798: bluez,bluez-hcidump: use-after-free in conf_opt()</issue>
  <issue tracker="bnc" id="1013893">VUL-0: CVE-2016-9802: bluez: buffer over-read in l2cap_packet()</issue>
  <issue tracker="bnc" id="1015171">VUL-1: CVE-2016-9917: bluez,bluez-hcidump: Heap-based buffer overflow vulnerability in read_n()</issue>
  <issue tracker="bnc" id="1013708">VUL-0: CVE-2016-9797: bluez,bluez-hcidump: buffer over-read in l2cap_dump()</issue>
  <issue tracker="cve" id="2016-9917"/>
  <issue tracker="cve" id="2016-9802"/>
  <issue tracker="cve" id="2016-9798"/>
  <issue tracker="cve" id="2016-9797"/>
  <issue tracker="cve" id="2016-9918"/>
  <category>security</category>
  <rating>moderate</rating>
  <packager>acho</packager>
  <description>This update for bluez fixes the following issues:

Security vulnerability addressed:

- CVE-2016-9797: Fixed a buffer over-read in l2cap_dump() (bsc#1013708).
- CVE-2016-9798: Fixed a use-after-free in conf_opt() (bsc#1013712).
- CVE-2016-9917: Fixed a heap-based buffer overflow in read_n() (bsc#1015171).
- CVE-2016-9802: Fixed a buffer over-read in l2cap_packet() (bsc#1013893).
- CVE-2016-9918: Fixed an out-of-bounds stack read in packet_hexdump(),
  which could be triggered by processing a corrupted dump file and will result
  in a crash of the hcidump tool (bsc#1015173)
</description>
  <summary>Security update for bluez</summary>
</patchinfo>

Places

File _patchinfo of Package patchinfo.10315

Places