Amazon Linux 2023 Security Advisory: ALAS2023-2024-473
Advisory Released Date: 2024-01-08
Advisory Updated Date: 2024-01-08
Severity:
Important
Issue Overview:
bluez: unauthorized HID device connections allows keystroke injection and arbitrary commands execution (CVE-2023-45866)
Affected Packages:
bluez
Issue Correction:
Run dnf update bluez --releasever 2023.3.20240108 to update your system.
New Packages:
aarch64:
bluez-deprecated-debuginfo-5.62-2.amzn2023.0.5.aarch64
bluez-debuginfo-5.62-2.amzn2023.0.5.aarch64
bluez-libs-debuginfo-5.62-2.amzn2023.0.5.aarch64
bluez-obexd-5.62-2.amzn2023.0.5.aarch64
bluez-mesh-5.62-2.amzn2023.0.5.aarch64
bluez-mesh-debuginfo-5.62-2.amzn2023.0.5.aarch64
bluez-libs-devel-5.62-2.amzn2023.0.5.aarch64
bluez-obexd-debuginfo-5.62-2.amzn2023.0.5.aarch64
bluez-libs-devel-debuginfo-5.62-2.amzn2023.0.5.aarch64
bluez-cups-debuginfo-5.62-2.amzn2023.0.5.aarch64
bluez-libs-5.62-2.amzn2023.0.5.aarch64
bluez-hid2hci-debuginfo-5.62-2.amzn2023.0.5.aarch64
bluez-deprecated-5.62-2.amzn2023.0.5.aarch64
bluez-hid2hci-5.62-2.amzn2023.0.5.aarch64
bluez-cups-5.62-2.amzn2023.0.5.aarch64
bluez-5.62-2.amzn2023.0.5.aarch64
bluez-debugsource-5.62-2.amzn2023.0.5.aarch64
src:
bluez-5.62-2.amzn2023.0.5.src
x86_64:
bluez-obexd-debuginfo-5.62-2.amzn2023.0.5.x86_64
bluez-libs-debuginfo-5.62-2.amzn2023.0.5.x86_64
bluez-cups-debuginfo-5.62-2.amzn2023.0.5.x86_64
bluez-hid2hci-debuginfo-5.62-2.amzn2023.0.5.x86_64
bluez-debuginfo-5.62-2.amzn2023.0.5.x86_64
bluez-deprecated-debuginfo-5.62-2.amzn2023.0.5.x86_64
bluez-5.62-2.amzn2023.0.5.x86_64
bluez-obexd-5.62-2.amzn2023.0.5.x86_64
bluez-libs-5.62-2.amzn2023.0.5.x86_64
bluez-libs-devel-debuginfo-5.62-2.amzn2023.0.5.x86_64
bluez-cups-5.62-2.amzn2023.0.5.x86_64
bluez-mesh-debuginfo-5.62-2.amzn2023.0.5.x86_64
bluez-hid2hci-5.62-2.amzn2023.0.5.x86_64
bluez-mesh-5.62-2.amzn2023.0.5.x86_64
bluez-libs-devel-5.62-2.amzn2023.0.5.x86_64
bluez-deprecated-5.62-2.amzn2023.0.5.x86_64
bluez-debugsource-5.62-2.amzn2023.0.5.x86_64