Comment 1 Stefan Cornelius (RETIRED) 2006-02-09 17:13:57 UTC

hmm well, i'm not really sure if this counts as a security bug, but lets get it fixed anyways: mobile herd, please provide updated ebuild, thank you

I don't see a patch referenced on that page - nor has the bluez project released a new version.

Comment 3 Alastair Tse (RETIRED) 2006-02-10 03:32:37 UTC

http://cvs.sourceforge.net/viewcvs.py/bluez/hcidump/parser/l2cap.c?r1=1.51&r2=1.52&diff_format=u

only just added a couple of hours ago, i suppose the release will be imminent.

Comment 4 Thierry Carrez (RETIRED) 2006-02-12 10:48:12 UTC

Let's wait for upstream, this one sounds lame anyway.

Comment 5 Thierry Carrez (RETIRED) 2006-02-21 10:23:02 UTC

1.30 is out with the fix

Comment 6 Alastair Tse (RETIRED) 2006-02-21 12:51:42 UTC

need a little time to test on stable machine before committing.

Comment 7 Alastair Tse (RETIRED) 2006-02-25 10:58:07 UTC

in portage now. along with stable bump for required bluez-libs and bluez-utils packages.

Comment 8 Stefan Cornelius (RETIRED) 2006-02-25 11:05:23 UTC

arches pls stable (it seems like you need to stable bluez-libs and bluez-utils, too - see comment #7) Thanks.

Comment 9 Mark Loeser (RETIRED) 2006-02-25 12:45:37 UTC

Looks like liquidx already handled x86. :)

Comment 10 Tobias Scherbaum (RETIRED) 2006-02-26 11:01:15 UTC

ppc stable

Comment 11 Thierry Carrez (RETIRED) 2006-02-26 11:35:56 UTC

Ready for GLSA vote, I tend to vote no

Comment 12 Alastair Tse (RETIRED) 2006-02-26 12:44:25 UTC

i think this is pretty minor tbh. i would vote no.

Comment 13 Stefan Cornelius (RETIRED) 2006-02-27 03:02:26 UTC

Voting no and closing, as always: feel free to reopen.