From ddb42aa6ce17e04b331d3f322fed828567919621 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Sun, 13 Jun 2021 08:16:34 +0200
Subject: Track fixed version for bluez issues via unstable

---
 data/CVE/list | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'data')

diff --git a/data/CVE/list b/data/CVE/list
index 55b261d75e..23df3e293d 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -717,7 +717,7 @@ CVE-2021-34343
 CVE-2022-20001
 	RESERVED
 CVE-2021-3588 (The cli_feat_read_cb() function in src/gatt-database.c does not perfor ...)
-	- bluez <unfixed> (bug #989700)
+	- bluez 5.55-3.1 (bug #989700)
 	[buster] - bluez <not-affected> (Vulnerable code introduced later)
 	[stretch] - bluez <not-affected> (Vulnerable code introduced later)
 	NOTE: https://github.com/bluez/bluez/issues/70
@@ -47005,7 +47005,7 @@ CVE-2021-0131 (Use of cryptographically weak pseudo-random number generator (PRN
 CVE-2021-0130
 	RESERVED
 CVE-2021-0129 (Improper access control in BlueZ may allow an authenticated user to po ...)
-	- bluez <unfixed> (bug #989614)
+	- bluez 5.55-3.1 (bug #989614)
 	- linux 5.10.40-1
 	NOTE: https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=00da0fb4972cf59e1c075f313da81ea549cb8738
 	NOTE: https://git.kernel.org/linus/6d19628f539fccf899298ff02ee4c73e4bf6df3f
@@ -49835,7 +49835,7 @@ CVE-2020-26559 (Bluetooth Mesh Provisioning in the Bluetooth Mesh profile 1.0 an
 	NOTE: https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/authvalue-leak/
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1960011
 CVE-2020-26558 (Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification ...)
-	- bluez <unfixed> (bug #989614)
+	- bluez 5.55-3.1 (bug #989614)
 	- linux 5.10.40-1
 	NOTE: https://kb.cert.org/vuls/id/799380
 	NOTE: https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/passkey-entry/
-- 
cgit v1.2.3