bluez: fix CVE-2021-0129

Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access. This issue can be fixed in the kernel, in BlueZ or both. This patch fixes it on the BlueZ side, so that the configuration no longer depends on the kernel fix. https://nvd.nist.gov/vuln/detail/CVE-2021-012 (From OE-Core rev: 573ff24c5ba7836b4dd7f95b6e7c7244b80f9d00) Signed-off-by: Marta Rybczynska <marta.rybczynska@huawei.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Marta Rybczynska <rybczynska@gmail.com> 2021-12-14 10:50:27 +0100
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2021-12-30 16:59:16 +0000
commit: 30231b235487973f4e6b1921b428d938ec20bec8 (patch)
tree: 8bd2fcf0e342aa3780cae168f56203c56686e14b /meta/recipes-connectivity/bluez5/bluez5.inc
parent: 795339092f87672e4f68e4d3bc4cfd0e252d1831 (diff)
download: poky-30231b235487973f4e6b1921b428d938ec20bec8.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/bluez5/bluez5.inc b/meta/recipes-connectivity/bluez5/bluez5.inc
index 202a14dee0..34796fdd20 100644
--- a/meta/recipes-connectivity/bluez5/bluez5.inc
+++ b/meta/recipes-connectivity/bluez5/bluez5.inc
@@ -52,6 +52,7 @@ SRC_URI = "${KERNELORG_MIRROR}/linux/bluetooth/bluez-${PV}.tar.xz \
           ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', '', 'file://0001-Allow-using-obexd-without-systemd-in-the-user-sessio.patch', d)} \
           file://0001-tests-add-a-target-for-building-tests-without-runnin.patch \
           file://0001-test-gatt-Fix-hung-issue.patch \
+           file://CVE-2021-0129.patch \
           file://CVE-2021-3588.patch \
           "
 S = "${WORKDIR}/bluez-${PV}"
author	Marta Rybczynska <rybczynska@gmail.com>	2021-12-14 10:50:27 +0100
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2021-12-30 16:59:16 +0000
commit	30231b235487973f4e6b1921b428d938ec20bec8 (patch)
tree	8bd2fcf0e342aa3780cae168f56203c56686e14b /meta/recipes-connectivity/bluez5/bluez5.inc
parent	795339092f87672e4f68e4d3bc4cfd0e252d1831 (diff)
download	poky-30231b235487973f4e6b1921b428d938ec20bec8.tar.gz

diff --git a/meta/recipes-connectivity/bluez5/bluez5.inc b/meta/recipes-connectivity/bluez5/bluez5.inc index 202a14dee0..34796fdd20 100644 --- a/meta/recipes-connectivity/bluez5/bluez5.inc +++ b/meta/recipes-connectivity/bluez5/bluez5.inc
@@ -52,6 +52,7 @@ SRC_URI = "${KERNELORG_MIRROR}/linux/bluetooth/bluez-${PV}.tar.xz \
52	${@bb.utils.contains('DISTRO_FEATURES', 'systemd', '', 'file://0001-Allow-using-obexd-without-systemd-in-the-user-sessio.patch', d)} \	52	${@bb.utils.contains('DISTRO_FEATURES', 'systemd', '', 'file://0001-Allow-using-obexd-without-systemd-in-the-user-sessio.patch', d)} \
53	file://0001-tests-add-a-target-for-building-tests-without-runnin.patch \	53	file://0001-tests-add-a-target-for-building-tests-without-runnin.patch \
54	file://0001-test-gatt-Fix-hung-issue.patch \	54	file://0001-test-gatt-Fix-hung-issue.patch \
		55	file://CVE-2021-0129.patch \
55	file://CVE-2021-3588.patch \	56	file://CVE-2021-3588.patch \
56	"	57	"
57	S = "${WORKDIR}/bluez-${PV}"	58	S = "${WORKDIR}/bluez-${PV}"