diff options
author | Marta Rybczynska <rybczynska@gmail.com> | 2021-12-14 10:50:27 +0100 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2021-12-30 16:59:16 +0000 |
commit | 30231b235487973f4e6b1921b428d938ec20bec8 (patch) | |
tree | 8bd2fcf0e342aa3780cae168f56203c56686e14b /meta/recipes-connectivity/bluez5/bluez5.inc | |
parent | 795339092f87672e4f68e4d3bc4cfd0e252d1831 (diff) | |
download | poky-30231b235487973f4e6b1921b428d938ec20bec8.tar.gz |
bluez: fix CVE-2021-0129
Improper access control in BlueZ may allow an authenticated user to
potentially enable information disclosure via adjacent access.
This issue can be fixed in the kernel, in BlueZ or both. This patch
fixes it on the BlueZ side, so that the configuration no longer
depends on the kernel fix.
https://nvd.nist.gov/vuln/detail/CVE-2021-012
(From OE-Core rev: 573ff24c5ba7836b4dd7f95b6e7c7244b80f9d00)
Signed-off-by: Marta Rybczynska <marta.rybczynska@huawei.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-connectivity/bluez5/bluez5.inc')
-rw-r--r-- | meta/recipes-connectivity/bluez5/bluez5.inc | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/bluez5/bluez5.inc b/meta/recipes-connectivity/bluez5/bluez5.inc index 202a14dee0..34796fdd20 100644 --- a/meta/recipes-connectivity/bluez5/bluez5.inc +++ b/meta/recipes-connectivity/bluez5/bluez5.inc | |||
@@ -52,6 +52,7 @@ SRC_URI = "${KERNELORG_MIRROR}/linux/bluetooth/bluez-${PV}.tar.xz \ | |||
52 | ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', '', 'file://0001-Allow-using-obexd-without-systemd-in-the-user-sessio.patch', d)} \ | 52 | ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', '', 'file://0001-Allow-using-obexd-without-systemd-in-the-user-sessio.patch', d)} \ |
53 | file://0001-tests-add-a-target-for-building-tests-without-runnin.patch \ | 53 | file://0001-tests-add-a-target-for-building-tests-without-runnin.patch \ |
54 | file://0001-test-gatt-Fix-hung-issue.patch \ | 54 | file://0001-test-gatt-Fix-hung-issue.patch \ |
55 | file://CVE-2021-0129.patch \ | ||
55 | file://CVE-2021-3588.patch \ | 56 | file://CVE-2021-3588.patch \ |
56 | " | 57 | " |
57 | S = "${WORKDIR}/bluez-${PV}" | 58 | S = "${WORKDIR}/bluez-${PV}" |