Oval Definition:oval:com.redhat.rhsa:def:20080581
Revision Date:2008-07-14Version:638
Title:RHSA-2008:0581: bluez-libs and bluez-utils security update (Moderate)
Description:The bluez-libs package contains libraries for use in Bluetooth applications. The bluez-utils package contains Bluetooth daemons and utilities.

  • An input validation flaw was found in the Bluetooth Session Description Protocol (SDP) packet parser used by the Bluez Bluetooth utilities. A Bluetooth device with an already-established trust relationship, or a local user registering a service record via a UNIX® socket or D-Bus interface, could cause a crash, or possibly execute arbitrary code with privileges of the hcid daemon. (CVE-2008-2374)

    Users of bluez-libs and bluez-utils are advised to upgrade to these updated packages, which contains a backported patch to correct this issue.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2008-2374
    RHSA-2008:0581
    RHSA-2008:0581-01
    RHSA-2008:0581-01
    Platform(s):Red Hat Enterprise Linux 4
    Red Hat Enterprise Linux 5
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND
  • bluez-libs is earlier than 0:2.10-3
  • AND bluez-libs is signed with Red Hat redhatrelease2 key
  • bluez-libs-devel is earlier than 0:2.10-3
  • AND bluez-libs-devel is signed with Red Hat redhatrelease2 key
  • bluez-utils is earlier than 0:2.10-2.4
  • AND bluez-utils is signed with Red Hat redhatrelease2 key
  • bluez-utils-cups is earlier than 0:2.10-2.4
  • AND bluez-utils-cups is signed with Red Hat redhatrelease2 key
  • OR Package Information
  • Red Hat Enterprise Linux 5 is installed
  • AND
  • bluez-libs is earlier than 0:3.7-1.1
  • AND bluez-libs is signed with Red Hat redhatrelease2 key
  • bluez-libs-devel is earlier than 0:3.7-1.1
  • AND bluez-libs-devel is signed with Red Hat redhatrelease2 key
  • bluez-utils is earlier than 0:3.7-2.2
  • AND bluez-utils is signed with Red Hat redhatrelease2 key
  • bluez-utils-cups is earlier than 0:3.7-2.2
  • AND bluez-utils-cups is signed with Red Hat redhatrelease2 key
    • Definition Synopsis
  • Release Information
  • Red Hat Enterprise Linux 4 is installed
  • AND
  • bluez-libs is earlier than 0:2.10-3
  • AND bluez-libs is signed with Red Hat master key
  • bluez-libs-devel is earlier than 0:2.10-3
  • AND bluez-libs-devel is signed with Red Hat master key
  • bluez-utils is earlier than 0:2.10-2.4
  • AND bluez-utils is signed with Red Hat master key
  • bluez-utils-cups is earlier than 0:2.10-2.4
  • AND bluez-utils-cups is signed with Red Hat master key
  • OR Package Information
  • Red Hat Enterprise Linux 5 is installed
  • AND
  • bluez-libs is earlier than 0:3.7-1.1
  • AND bluez-libs is signed with Red Hat redhatrelease key
  • bluez-libs-devel is earlier than 0:3.7-1.1
  • AND bluez-libs-devel is signed with Red Hat redhatrelease key
  • bluez-utils is earlier than 0:3.7-2.2
  • AND bluez-utils is signed with Red Hat redhatrelease key
  • bluez-utils-cups is earlier than 0:3.7-2.2
  • AND bluez-utils-cups is signed with Red Hat redhatrelease key
    • BACK