Debian Package Tracker

general

source: bluez (main)
version: 5.50-1
maintainer: Debian Bluetooth Maintainers [DMD]
uploaders: Nobuhiro Iwamatsu [DMD]
arch: all
std-ver: 4.1.3
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 4.99-2
o-o-sec: 4.99-2+deb7u1
oldstable: 5.23-2+deb8u1
old-sec: 5.23-2+deb8u1
stable: 5.43-2+deb9u1
stable-sec: 5.43-2+deb9u1
testing: 5.50-1
unstable: 5.50-1

versioned links

4.99-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.99-2+deb7u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
5.23-2+deb8u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
5.43-2+deb9u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
5.50-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

bluetooth
bluez
bluez-cups
bluez-hcidump
bluez-obexd
bluez-test-scripts
bluez-test-tools
libbluetooth-dev
libbluetooth3

action needed

11 security issues in buster high

There are 11 open security issues in buster.

11 important issues:

CVE-2016-9801: In BlueZ 5.42, a buffer overflow was observed in "set_ext_ctrl" function in "tools/parser/l2cap.c" source file when processing corrupted dump file.
CVE-2016-9800: In BlueZ 5.42, a buffer overflow was observed in "pin_code_reply_dump" function in "tools/parser/hci.c" source file. The issue exists because "pin" array is overflowed by supplied parameter due to lack of boundary checks on size of the buffer from frame "pin_code_reply_cp *cp" parameter.
CVE-2016-9802: In BlueZ 5.42, a buffer over-read was identified in "l2cap_packet" function in "monitor/packet.c" source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash.
CVE-2016-9797: In BlueZ 5.42, a buffer over-read was observed in "l2cap_dump" function in "tools/parser/l2cap.c" source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.
CVE-2018-10910:
CVE-2016-9803: In BlueZ 5.42, an out-of-bounds read was observed in "le_meta_ev_dump" function in "tools/parser/hci.c" source file. This issue exists because 'subevent' (which is used to read correct element from 'ev_le_meta_str' array) is overflowed.
CVE-2016-9918: In BlueZ 5.42, an out-of-bounds read was identified in "packet_hexdump" function in "monitor/packet.c" source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash.
CVE-2016-9799: In BlueZ 5.42, a buffer overflow was observed in "pklg_read_hci" function in "btsnoop.c" source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash.
CVE-2016-9917: In BlueZ 5.42, a buffer overflow was observed in "read_n" function in "tools/hcidump.c" source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.
CVE-2016-9804: In BlueZ 5.42, a buffer overflow was observed in "commands_dump" function in "tools/parser/csr.c" source file. The issue exists because "commands" array is overflowed by supplied parameter due to lack of boundary checks on size of the buffer from frame "frm->ptr" parameter. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.
CVE-2016-9798: In BlueZ 5.42, a use-after-free was identified in "conf_opt" function in "tools/parser/l2cap.c" source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.

Please fix them.

Created: 2017-06-18 Last update: 2018-09-04 15:44

11 security issues in sid high

There are 11 open security issues in sid.

11 important issues:

CVE-2016-9801: In BlueZ 5.42, a buffer overflow was observed in "set_ext_ctrl" function in "tools/parser/l2cap.c" source file when processing corrupted dump file.
CVE-2016-9800: In BlueZ 5.42, a buffer overflow was observed in "pin_code_reply_dump" function in "tools/parser/hci.c" source file. The issue exists because "pin" array is overflowed by supplied parameter due to lack of boundary checks on size of the buffer from frame "pin_code_reply_cp *cp" parameter.
CVE-2016-9802: In BlueZ 5.42, a buffer over-read was identified in "l2cap_packet" function in "monitor/packet.c" source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash.
CVE-2016-9797: In BlueZ 5.42, a buffer over-read was observed in "l2cap_dump" function in "tools/parser/l2cap.c" source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.
CVE-2018-10910:
CVE-2016-9803: In BlueZ 5.42, an out-of-bounds read was observed in "le_meta_ev_dump" function in "tools/parser/hci.c" source file. This issue exists because 'subevent' (which is used to read correct element from 'ev_le_meta_str' array) is overflowed.
CVE-2016-9918: In BlueZ 5.42, an out-of-bounds read was identified in "packet_hexdump" function in "monitor/packet.c" source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash.
CVE-2016-9799: In BlueZ 5.42, a buffer overflow was observed in "pklg_read_hci" function in "btsnoop.c" source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash.
CVE-2016-9917: In BlueZ 5.42, a buffer overflow was observed in "read_n" function in "tools/hcidump.c" source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.
CVE-2016-9804: In BlueZ 5.42, a buffer overflow was observed in "commands_dump" function in "tools/parser/csr.c" source file. The issue exists because "commands" array is overflowed by supplied parameter due to lack of boundary checks on size of the buffer from frame "frm->ptr" parameter. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.
CVE-2016-9798: In BlueZ 5.42, a use-after-free was identified in "conf_opt" function in "tools/parser/l2cap.c" source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.

Please fix them.

Created: 2016-12-05 Last update: 2018-09-04 15:44

lintian reports 28 warnings high

Lintian reports 28 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2015-03-03 Last update: 2018-08-01 07:45

2 bugs tagged patch in the BTS normal

The BTS contains patches fixing 2 bugs, consider including or untagging them.

Created: 2018-10-01 Last update: 2018-11-12 21:33

Multiarch hinter reports 2 issue(s) normal

There are issues with the multiarch metadata for this package.

bluetooth could be marked Multi-Arch: foreign
bluez-test-scripts could be marked Multi-Arch: foreign

Created: 2016-09-14 Last update: 2018-11-12 15:31

12 ignored security issues in jessie low

There are 12 open security issues in jessie.

12 issues skipped by the security teams:

CVE-2016-9801: In BlueZ 5.42, a buffer overflow was observed in "set_ext_ctrl" function in "tools/parser/l2cap.c" source file when processing corrupted dump file.
CVE-2016-9800: In BlueZ 5.42, a buffer overflow was observed in "pin_code_reply_dump" function in "tools/parser/hci.c" source file. The issue exists because "pin" array is overflowed by supplied parameter due to lack of boundary checks on size of the buffer from frame "pin_code_reply_cp *cp" parameter.
CVE-2016-9802: In BlueZ 5.42, a buffer over-read was identified in "l2cap_packet" function in "monitor/packet.c" source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash.
CVE-2018-10910:
CVE-2016-9797: In BlueZ 5.42, a buffer over-read was observed in "l2cap_dump" function in "tools/parser/l2cap.c" source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.
CVE-2016-7837: Buffer overflow in BlueZ 5.41 and earlier allows an attacker to execute arbitrary code via the parse_line function used in some userland utilities.
CVE-2016-9804: In BlueZ 5.42, a buffer overflow was observed in "commands_dump" function in "tools/parser/csr.c" source file. The issue exists because "commands" array is overflowed by supplied parameter due to lack of boundary checks on size of the buffer from frame "frm->ptr" parameter. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.
CVE-2016-9803: In BlueZ 5.42, an out-of-bounds read was observed in "le_meta_ev_dump" function in "tools/parser/hci.c" source file. This issue exists because 'subevent' (which is used to read correct element from 'ev_le_meta_str' array) is overflowed.
CVE-2016-9918: In BlueZ 5.42, an out-of-bounds read was identified in "packet_hexdump" function in "monitor/packet.c" source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash.
CVE-2016-9917: In BlueZ 5.42, a buffer overflow was observed in "read_n" function in "tools/hcidump.c" source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.
CVE-2016-9799: In BlueZ 5.42, a buffer overflow was observed in "pklg_read_hci" function in "btsnoop.c" source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash.
CVE-2016-9798: In BlueZ 5.42, a use-after-free was identified in "conf_opt" function in "tools/parser/l2cap.c" source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.

Please fix them.

Created: 2016-12-05 Last update: 2018-09-04 15:44

11 ignored security issues in stretch low

There are 11 open security issues in stretch.

11 issues skipped by the security teams:

CVE-2016-9801: In BlueZ 5.42, a buffer overflow was observed in "set_ext_ctrl" function in "tools/parser/l2cap.c" source file when processing corrupted dump file.
CVE-2016-9800: In BlueZ 5.42, a buffer overflow was observed in "pin_code_reply_dump" function in "tools/parser/hci.c" source file. The issue exists because "pin" array is overflowed by supplied parameter due to lack of boundary checks on size of the buffer from frame "pin_code_reply_cp *cp" parameter.
CVE-2016-9802: In BlueZ 5.42, a buffer over-read was identified in "l2cap_packet" function in "monitor/packet.c" source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash.
CVE-2016-9797: In BlueZ 5.42, a buffer over-read was observed in "l2cap_dump" function in "tools/parser/l2cap.c" source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.
CVE-2018-10910:
CVE-2016-9803: In BlueZ 5.42, an out-of-bounds read was observed in "le_meta_ev_dump" function in "tools/parser/hci.c" source file. This issue exists because 'subevent' (which is used to read correct element from 'ev_le_meta_str' array) is overflowed.
CVE-2016-9918: In BlueZ 5.42, an out-of-bounds read was identified in "packet_hexdump" function in "monitor/packet.c" source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash.
CVE-2016-9799: In BlueZ 5.42, a buffer overflow was observed in "pklg_read_hci" function in "btsnoop.c" source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash.
CVE-2016-9917: In BlueZ 5.42, a buffer overflow was observed in "read_n" function in "tools/hcidump.c" source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.
CVE-2016-9804: In BlueZ 5.42, a buffer overflow was observed in "commands_dump" function in "tools/parser/csr.c" source file. The issue exists because "commands" array is overflowed by supplied parameter due to lack of boundary checks on size of the buffer from frame "frm->ptr" parameter. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.
CVE-2016-9798: In BlueZ 5.42, a use-after-free was identified in "conf_opt" function in "tools/parser/l2cap.c" source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.

Please fix them.

Created: 2016-12-05 Last update: 2018-09-04 15:44

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.2.1 instead of 4.1.3).

Created: 2018-04-11 Last update: 2018-08-26 08:17

testing migrations

This package will soon be part of the auto-readline transition. You might want to ensure that your package is ready for it. You can probably find supplementary information in the debian-release archives or in the corresponding release.debian.org bug.

news

[rss feed]

[2018-08-03] bluez 5.50-1 MIGRATED to testing (Debian testing watch)
[2018-07-29] Accepted bluez 5.50-1 (source all amd64) into unstable (Nobuhiro Iwamatsu)
[2018-05-28] bluez 5.49-4 MIGRATED to testing (Debian testing watch)
[2018-05-28] bluez 5.49-4 MIGRATED to testing (Debian testing watch)
[2018-05-23] Accepted bluez 5.49-4 (source all amd64) into unstable (Nobuhiro Iwamatsu)
[2018-05-23] Accepted bluez 5.49-2 (source) into unstable (Nobuhiro Iwamatsu)
[2018-04-16] bluez 5.49-1 MIGRATED to testing (Debian testing watch)
[2018-04-10] Accepted bluez 5.49-1 (source all amd64) into unstable (Nobuhiro Iwamatsu)
[2017-10-01] bluez 5.47-1 MIGRATED to testing (Debian testing watch)
[2017-09-26] Accepted bluez 5.47-1 (source all amd64) into unstable (Nobuhiro Iwamatsu)
[2017-09-23] Accepted bluez 5.23-2+deb8u1 (all source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Salvatore Bonaccorso)
[2017-09-23] Accepted bluez 5.43-2+deb9u1 (source) into proposed-updates->stable-new, proposed-updates (Salvatore Bonaccorso)
[2017-09-21] Accepted bluez 4.99-2+deb7u1 (source all amd64) into oldoldstable (Lucas Kanashiro)
[2017-09-19] bluez 5.46-1 MIGRATED to testing (Debian testing watch)
[2017-09-13] Accepted bluez 5.46-1 (source all amd64) into unstable (Nobuhiro Iwamatsu)
[2017-07-08] bluez 5.45-1 MIGRATED to testing (Debian testing watch)
[2017-07-03] Accepted bluez 5.45-1 (source all amd64) into unstable (Nobuhiro Iwamatsu)
[2017-03-25] bluez 5.43-2 MIGRATED to testing (Debian testing watch)
[2017-03-19] Accepted bluez 5.43-2 (source all amd64) into unstable (Nobuhiro Iwamatsu)
[2016-11-06] bluez 5.43-1 MIGRATED to testing (Debian testing watch)
[2016-10-31] Accepted bluez 5.43-1 (source all amd64) into unstable (Nobuhiro Iwamatsu)
[2016-10-30] bluez 5.41-1 MIGRATED to testing (Debian testing watch)
[2016-10-25] Accepted bluez 5.41-1 (source all amd64) into unstable (Nobuhiro Iwamatsu)
[2016-07-26] Accepted bluez 5.40-1~exp0 (source all amd64) into experimental, experimental (Nobuhiro Iwamatsu)
[2015-11-12] bluez 5.36-1 MIGRATED to testing (Britney)
[2015-11-07] Accepted bluez 5.36-1 (source all amd64) into unstable (Nobuhiro Iwamatsu)
[2015-08-24] bluez 5.33-1 MIGRATED to testing (Britney)
[2015-08-18] Accepted bluez 5.33-1 (source all amd64) into unstable (Nobuhiro Iwamatsu)
[2014-12-10] bluez 5.23-2 MIGRATED to testing (Britney)
[2014-12-05] Accepted bluez 5.23-2 (source amd64 all) into unstable (Nobuhiro Iwamatsu)

bugs [bug history graph]

all: 156 164
RC: 0
I&N: 136 143
M&W: 20 21
F&P: 0
patch: 2

links

homepage
lintian (0, 28)
buildd: logs, clang, reproducibility
popcon
browse source code
edit tags
security tracker
screenshots

ubuntu

[Information about Ubuntu for Debian Developers]

version: 5.50-0ubuntu1
205 bugs (2 patches)
patches for 5.50-0ubuntu1