bluez-5.44-6.el7
エラータID: AXSA:2020-4538:01
The bluez packages contain the following utilities for use in Bluetooth applications: hcitool, hciattach, hciconfig, bluetoothd, l2ping, start scripts (Asianux), and pcmcia configuration files.
Security Fix(es):
* bluez: failure in disabling Bluetooth discoverability in certain cases may lead to the unauthorized pairing of Bluetooth devices (CVE-2018-10910)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Asianux Server 7.8 Release Notes linked from the References section.
CVE-2018-10910
A bug in Bluez may allow for the Bluetooth Discoverable state being set to on when no Bluetooth agent is registered with the system. This situation could lead to the unauthorized pairing of certain Bluetooth devices without any form of authentication. Versions before bluez 5.51 are vulnerable.
Update packages.
A bug in Bluez may allow for the Bluetooth Discoverable state being set to on when no Bluetooth agent is registered with the system. This situation could lead to the unauthorized pairing of certain Bluetooth devices without any form of authentication. Versions before bluez 5.51 are vulnerable.
N/A
SRPMS
- bluez-5.44-6.el7.src.rpm
MD5: f97d8adcffc151df2dd392c39c2f2cac
SHA-256: fcde3dbad416ac4e703349fc9c0a07c5dfde2907b4349eab37a02fda7d8417c9
Size: 1.63 MB
Asianux Server 7 for x86_64
- bluez-5.44-6.el7.x86_64.rpm
MD5: c3503f9389fd118af709ea032246c1bb
SHA-256: 26c11aa83b622a3892ab186315d634680f5d2ea73863daa6304d53507d554bdf
Size: 1.23 MB - bluez-libs-5.44-6.el7.x86_64.rpm
MD5: e5351a960c8b26c16ea18051a807287d
SHA-256: e1d0f150296976f75069a001b00df29e491809e02746177f6db92fff34f47fc5
Size: 79.57 kB - bluez-libs-5.44-6.el7.i686.rpm
MD5: ee9bdb539ba0d480687fd622f560d37b
SHA-256: 69b2db7c2d6086a27cb8bbf3a4e2cba81287d65c6455f2307fc13516da922252
Size: 79.01 kB
日本語