diff -Nru bluez-5.48/debian/changelog bluez-5.48/debian/changelog --- bluez-5.48/debian/changelog 2020-03-23 20:26:28.000000000 +0800 +++ bluez-5.48/debian/changelog 2020-07-17 17:06:22.000000000 +0800 @@ -1,3 +1,10 @@ +bluez (5.48-0ubuntu3.5) UNRELEASED; urgency=medium + + * add 0018-shared-queue-Handle-NULL-as-direct-match-on-queue_re.patch + (LP: #1887910). + + -- Fri, 17 Jul 2020 17:06:22 +0800 + bluez (5.48-0ubuntu3.4) bionic-security; urgency=medium * SECURITY UPDATE: privilege escalation via improper access control diff -Nru bluez-5.48/debian/patches/0018-shared-queue-Handle-NULL-as-direct-match-on-queue_re.patch bluez-5.48/debian/patches/0018-shared-queue-Handle-NULL-as-direct-match-on-queue_re.patch --- bluez-5.48/debian/patches/0018-shared-queue-Handle-NULL-as-direct-match-on-queue_re.patch 1970-01-01 08:00:00.000000000 +0800 +++ bluez-5.48/debian/patches/0018-shared-queue-Handle-NULL-as-direct-match-on-queue_re.patch 2020-07-17 16:44:36.000000000 +0800 @@ -0,0 +1,28 @@ +From: Luiz Augusto von Dentz +Date: Mon, 9 Apr 2018 14:48:41 +0300 +Subject: shared/queue: Handle NULL as direct match on queue_remove_if + +As with queue_find when function is set to NULL use direct_match as +callback. +--- + src/shared/queue.c | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git a/src/shared/queue.c b/src/shared/queue.c +index 5ddb832..60df111 100644 +--- a/src/shared/queue.c ++++ b/src/shared/queue.c +@@ -280,9 +280,12 @@ void *queue_remove_if(struct queue *queue, queue_match_func_t function, + { + struct queue_entry *entry, *prev = NULL; + +- if (!queue || !function) ++ if (!queue) + return NULL; + ++ if (!function) ++ function = direct_match; ++ + entry = queue->head; + + while (entry) { diff -Nru bluez-5.48/debian/patches/series bluez-5.48/debian/patches/series --- bluez-5.48/debian/patches/series 2020-03-23 20:26:23.000000000 +0800 +++ bluez-5.48/debian/patches/series 2020-07-17 17:06:22.000000000 +0800 @@ -18,3 +18,4 @@ CVE-2020-0556-2.patch CVE-2020-0556-3.patch CVE-2020-0556-4.patch +0018-shared-queue-Handle-NULL-as-direct-match-on-queue_re.patch