* SECURITY UPDATE: potential double-free in the Bluez 5 module (LP: #1884738)
- d/p/0511-bluetooth-bluez5-fix-double-free-in-pa__init.patch:
Only free modargs once in each of
src/modules/bluetooth/module-bluez5-device.c and
src/modules/bluetooth/module-bluez5-discover.c, patch thanks to Ratchanan
Srirattanamet.
- d/p/0512-bluetooth-bluez5-fix-double-free-2.patch: Initialize pointer
before dereferencing in fail condition.
- CVE-2020-15710
This bug was fixed in the package pulseaudio - 1:8.0-0ubuntu3.14
---------------
pulseaudio (1:8.0-0ubuntu3.14) xenial-security; urgency=medium
* SECURITY UPDATE: potential double-free in the Bluez 5 module (LP: #1884738) bluetooth- bluez5- fix-double- free-in- pa__init. patch: modules/ bluetooth/ module- bluez5- device. c and modules/ bluetooth/ module- bluez5- discover. c, patch thanks to Ratchanan amet. bluetooth- bluez5- fix-double- free-2. patch: Initialize pointer
- d/p/0511-
Only free modargs once in each of
src/
src/
Srirattan
- d/p/0512-
before dereferencing in fail condition.
- CVE-2020-15710
-- Avital Ostromich <email address hidden> Thu, 17 Sep 2020 09:38:52 -0400