* SECURITY UPDATE: various security improvements (LP: #1977968)
- debian/patches/avdtp-security.patch: check if capabilities are valid
before attempting to copy them in profiles/audio/avdtp.c.
- debian/patches/avdtp-security-2.patch: fix size comparison and
variable misassignment in profiles/audio/avdtp.c.
- debian/patches/avrcp-security.patch: make sure the number of bytes in
the params_len matches the remaining bytes received so the code don't
end up accessing invalid memory in profiles/audio/avrcp.c.
- No CVE numbers
-- Marc Deslauriers <email address hidden> Wed, 08 Jun 2022 07:09:00 -0400
This bug was fixed in the package bluez - 5.53-0ubuntu3.6
---------------
bluez (5.53-0ubuntu3.6) focal-security; urgency=medium
* SECURITY UPDATE: various security improvements (LP: #1977968) patches/ avdtp-security. patch: check if capabilities are valid audio/avdtp. c. patches/ avdtp-security- 2.patch: fix size comparison and audio/avdtp. c. patches/ avrcp-security. patch: make sure the number of bytes in audio/avrcp. c.
- debian/
before attempting to copy them in profiles/
- debian/
variable misassignment in profiles/
- debian/
the params_len matches the remaining bytes received so the code don't
end up accessing invalid memory in profiles/
- No CVE numbers
-- Marc Deslauriers <email address hidden> Wed, 08 Jun 2022 07:09:00 -0400