Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
51b86bb4 by Salvatore Bonaccorso at 2020-03-15T14:22:23+01:00
CVE-2020-0556: Reference cover letter to the patchset
Add this as information as the cover letter to the patchsets adds in
other words information on the CVE-202-0556 / INTEL-SA-00352
vulnerability.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -26465,12 +26465,13 @@ CVE-2020-0557
RESERVED
CVE-2020-0556 (Improper access control in subsystem for BlueZ before version
5.53 may ...)
- bluez <unfixed> (bug #953770)
+ NOTE:
https://lore.kernel.org/linux-bluetooth/[email protected]/
NOTE:
https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=8cdbd3b09f29da29374e2f83369df24228da0ad1
NOTE:
https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=3cccdbab2324086588df4ccf5f892fb3ce1f1787
NOTE:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00352.html
NOTE: Second commit introduces new configuration option
"ClassicBondedOnly" which defaults
NOTE: to false, and allows to make sure that input connections only
come from bonded
- NOTE: device connections (additional hardening).
+ NOTE: device connections.
CVE-2020-0555
RESERVED
CVE-2020-0554
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/51b86bb42b117966f513465e8179640fc0fd0d71
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/51b86bb42b117966f513465e8179640fc0fd0d71
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
