* SECURITY UPDATE: various security improvements (LP: #1977968)
- debian/patches/avdtp-security.patch: check if capabilities are valid
before attempting to copy them in profiles/audio/avdtp.c.
- debian/patches/avdtp-security-2.patch: fix size comparison and
variable misassignment in profiles/audio/avdtp.c.
- debian/patches/avrcp-security.patch: make sure the number of bytes in
the params_len matches the remaining bytes received so the code don't
end up accessing invalid memory in profiles/audio/avrcp.c.
- No CVE numbers
-- Marc Deslauriers <email address hidden> Wed, 08 Jun 2022 07:19:20 -0400
This bug was fixed in the package bluez - 5.48-0ubuntu3.9
---------------
bluez (5.48-0ubuntu3.9) bionic-security; urgency=medium
* SECURITY UPDATE: various security improvements (LP: #1977968) patches/ avdtp-security. patch: check if capabilities are valid audio/avdtp. c. patches/ avdtp-security- 2.patch: fix size comparison and audio/avdtp. c. patches/ avrcp-security. patch: make sure the number of bytes in audio/avrcp. c.
- debian/
before attempting to copy them in profiles/
- debian/
variable misassignment in profiles/
- debian/
the params_len matches the remaining bytes received so the code don't
end up accessing invalid memory in profiles/
- No CVE numbers
-- Marc Deslauriers <email address hidden> Wed, 08 Jun 2022 07:19:20 -0400