Raspbian

bluetooth security issues( CVE-2017-1000250 )

Bug #1717248 reported by KenichiroMATOHARA on 2017-09-14

256

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Raspbian	New	Undecided	Unassigned

Bug Description

hello.

My Raspbian running PI ZERO W bluez seems to have a problem with CVE-2017-1000250.
It appears to be fixed in Debian.
https://www.debian.org/security/2017/dsa-3972

pi@raspberrypi:~ $ uname -a
Linux raspberrypi 4.9.50+ #1035 Wed Sep 13 22:53:09 BST 2017 armv6l GNU/Linux
pi@raspberrypi:~ $ dpkg-query -W bluez
bluez 5.43-2+rpi1
pi@raspberrypi:~ $ dpkg -s libc6 | grep ^Version
Version: 2.24-11+deb9u1

Tags:

Revision history for this message

peter green (plugwash) wrote on 2017-09-14:

5.43-2+rpi1 is a raspberry pi package. I just spoke to them now and they have released a fixed version 5.43-2+rpt1+deb9u1

information type:

Private Security → Public Security

Pander (pander) on 2019-07-17

tags:

added: bluetooth bluez

Report a bug

This report contains Public Security information

Everyone can see this security related information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.