Overview

File _patchinfo of Package patchinfo.11053

<patchinfo incident="11053">
  <issue tracker="bnc" id="1013712">VUL-0: CVE-2016-9798: bluez,bluez-hcidump: use-after-free in conf_opt()</issue>
  <issue tracker="bnc" id="1015171">VUL-1: CVE-2016-9917: bluez,bluez-hcidump: Heap-based buffer overflow vulnerability in read_n()</issue>
  <issue tracker="bnc" id="1013893">VUL-0: CVE-2016-9802: bluez: buffer over-read in l2cap_packet()</issue>
  <issue tracker="bnc" id="1013708">VUL-0: CVE-2016-9797: bluez,bluez-hcidump: buffer over-read in l2cap_dump()</issue>
  <issue tracker="cve" id="2016-9798"/>
  <issue tracker="cve" id="2016-9917"/>
  <issue tracker="cve" id="2016-9797"/>
  <issue tracker="cve" id="2016-9802"/>
  <packager>acho</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for bluez</summary>
  <description>This update for bluez fixes the following issues:

Security issues fixed:

- CVE-2016-9797: Fixed a buffer over-read in l2cap_dump() (bsc#1013708).
- CVE-2016-9798: Fixed a use-after-free in conf_opt() (bsc#1013712).
- CVE-2016-9917: Fixed a heap-based buffer overflow in read_n() (bsc#1015171).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places