Information on source package bluez

Available versions

ReleaseVersion
jessie (security)5.23-2+deb8u1
stretch (security)5.43-2+deb9u1
buster5.50-1
sid5.50-1

Open issues

BugjessiestretchbustersidDescription
CVE-2018-10910vulnerable (no DSA)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerableA bug in Bluez may allow for the Bluetooth Discoverable state being se ...
CVE-2016-7837vulnerable (no DSA)fixedfixedfixedBuffer overflow in BlueZ 5.41 and earlier allows an attacker to execut ...

Open unimportant issues

BugjessiestretchbustersidDescription
CVE-2016-9918vulnerablevulnerablevulnerablevulnerableIn BlueZ 5.42, an out-of-bounds read was identified in "packet_hexdump ...
CVE-2016-9917vulnerablevulnerablevulnerablevulnerableIn BlueZ 5.42, a buffer overflow was observed in "read_n" function in ...
CVE-2016-9804vulnerablevulnerablevulnerablevulnerableIn BlueZ 5.42, a buffer overflow was observed in "commands_dump" funct ...
CVE-2016-9803vulnerablevulnerablevulnerablevulnerableIn BlueZ 5.42, an out-of-bounds read was observed in "le_meta_ev_dump" ...
CVE-2016-9802vulnerablevulnerablevulnerablevulnerableIn BlueZ 5.42, a buffer over-read was identified in "l2cap_packet" fun ...
CVE-2016-9801vulnerablevulnerablevulnerablevulnerableIn BlueZ 5.42, a buffer overflow was observed in "set_ext_ctrl" functi ...
CVE-2016-9800vulnerablevulnerablevulnerablevulnerableIn BlueZ 5.42, a buffer overflow was observed in "pin_code_reply_dump" ...
CVE-2016-9799vulnerablevulnerablevulnerablevulnerableIn BlueZ 5.42, a buffer overflow was observed in "pklg_read_hci" funct ...
CVE-2016-9798vulnerablevulnerablevulnerablevulnerableIn BlueZ 5.42, a use-after-free was identified in "conf_opt" function ...
CVE-2016-9797vulnerablevulnerablevulnerablevulnerableIn BlueZ 5.42, a buffer over-read was observed in "l2cap_dump" functio ...

Resolved issues

BugDescription
CVE-2017-1000250All versions of the SDP server in BlueZ 5.46 and earlier are vulnerabl ...

Security announcements

DSA / DLADescription
DLA-1103-1bluez - security update
DSA-3972-1bluez - security update
DSA-3972-1bluez - security update

Search for package or bug name: Reporting problems