Package "bluez-cups"

Name: bluez-cups


Bluetooth printer driver for CUPS

Latest version: 5.48-0ubuntu3.5
Release: bionic (18.04)
Level: updates
Repository: main
Head package: bluez
Homepage: http://www.bluez.org


Download "bluez-cups"

Other versions of "bluez-cups" in Bionic

Repository Area Version
base main 5.48-0ubuntu3
security main 5.48-0ubuntu3.5


Version: 5.48-0ubuntu3.5 2021-06-16 15:06:25 UTC

  bluez (5.48-0ubuntu3.5) bionic-security; urgency=medium

  * SECURITY UPDATE: secure pairing passkey brute force
    - debian/patches/CVE-2020-26558.patch: fix not properly checking for
      secure flags in src/shared/att-types.h, src/shared/gatt-server.c.
    - CVE-2020-26558
  * SECURITY UPDATE: DoS or code execution via double-free
    - debian/patches/CVE-2020-27153.patch: fix possible crash on disconnect
      in src/shared/att.c.
    - CVE-2020-27153

 -- Marc Deslauriers <email address hidden> Wed, 09 Jun 2021 11:12:47 -0400

Source diff to previous version
CVE-2020-26558 Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the
CVE-2020-27153 In BlueZ before 5.55, a double free was found in the gatttool disconnect_cb() routine from shared/att.c. A remote attacker could potentially cause a

Version: 5.48-0ubuntu3.4 2020-03-30 16:06:14 UTC

  bluez (5.48-0ubuntu3.4) bionic-security; urgency=medium

  * SECURITY UPDATE: privilege escalation via improper access control
    - debian/patches/CVE-2020-0556-1.patch: HOGP must only accept data from
      bonded devices in profiles/input/hog.c.
    - debian/patches/CVE-2020-0556-2.patch: HID accepts bonded device
      connections only in profiles/input/device.c, profiles/input/device.h,
      profiles/input/input.conf, profiles/input/manager.c.
    - debian/patches/CVE-2020-0556-3.patch: attempt to set security level
      if not bonded in profiles/input/hog.c.
    - debian/patches/CVE-2020-0556-4.patch: add LEAutoSecurity setting to
      input.conf in profiles/input/device.h, profiles/input/hog.c,
      profiles/input/input.conf, profiles/input/manager.c.
    - CVE-2020-0556

 -- Marc Deslauriers <email address hidden> Mon, 23 Mar 2020 08:26:28 -0400

Source diff to previous version
CVE-2020-0556 Improper access control in subsystem for BlueZ before version 5.54 may allow an unauthenticated user to potentially enable escalation of privilege an

Version: 5.48-0ubuntu3.3 2020-02-03 15:07:11 UTC

  bluez (5.48-0ubuntu3.3) bionic; urgency=medium

  * Add lp1845046-policy-Add-logic-to-connect-a-Sink.patch to properly expose
    A2DP high quality audio support on some headphones (LP: #1845046).

 -- Daniel van Vugt <email address hidden> Mon, 06 Jan 2020 16:30:36 +0800

Source diff to previous version
1845046 Bluetooth headphones default to low quality headset mode and fail to switch to A2DP when selected

Version: 5.48-0ubuntu3.2 2019-10-21 16:07:02 UTC

  bluez (5.48-0ubuntu3.2) bionic; urgency=medium

  * d/p/lp1759836.patch: avoid endless udev events from new bind uevents
    (LP: #1759836)

 -- Dan Streetman <email address hidden> Tue, 10 Sep 2019 17:25:22 -0400

Source diff to previous version

Version: 5.48-0ubuntu3.1 2018-07-12 10:06:57 UTC

  bluez (5.48-0ubuntu3.1) bionic; urgency=medium

  * Add fix-lp1759628-upstream-commit-1873096352.patch to fix loss of
    audio on suspend/resume (LP: #1759628)

 -- Daniel van Vugt <email address hidden> Fri, 22 Jun 2018 17:27:15 +0800

1759628 bluez regression: Bluetooth audio fails to reconnect after resume

About   -   Send Feedback to @ubuntu_updates