Amazon Linux 2023 Security Advisory: ALAS-2024-473
Advisory Release Date: 2024-01-03 23:20 Pacific
Advisory Updated Date: 2024-01-08 21:02 Pacific
Severity:
Important
Issue Overview:
bluez: unauthorized HID device connections allows keystroke injection and arbitrary commands execution (CVE-2023-45866)
Affected Packages:
bluez
Issue Correction:
Run dnf update bluez --releasever 2023.3.20240108 to update your system.
New Packages:
aarch64:
bluez-deprecated-debuginfo-5.62-2.amzn2023.0.5.aarch64
bluez-debuginfo-5.62-2.amzn2023.0.5.aarch64
bluez-libs-debuginfo-5.62-2.amzn2023.0.5.aarch64
bluez-obexd-5.62-2.amzn2023.0.5.aarch64
bluez-mesh-5.62-2.amzn2023.0.5.aarch64
bluez-mesh-debuginfo-5.62-2.amzn2023.0.5.aarch64
bluez-libs-devel-5.62-2.amzn2023.0.5.aarch64
bluez-obexd-debuginfo-5.62-2.amzn2023.0.5.aarch64
bluez-libs-devel-debuginfo-5.62-2.amzn2023.0.5.aarch64
bluez-cups-debuginfo-5.62-2.amzn2023.0.5.aarch64
bluez-libs-5.62-2.amzn2023.0.5.aarch64
bluez-hid2hci-debuginfo-5.62-2.amzn2023.0.5.aarch64
bluez-deprecated-5.62-2.amzn2023.0.5.aarch64
bluez-hid2hci-5.62-2.amzn2023.0.5.aarch64
bluez-cups-5.62-2.amzn2023.0.5.aarch64
bluez-5.62-2.amzn2023.0.5.aarch64
bluez-debugsource-5.62-2.amzn2023.0.5.aarch64
src:
bluez-5.62-2.amzn2023.0.5.src
x86_64:
bluez-obexd-debuginfo-5.62-2.amzn2023.0.5.x86_64
bluez-libs-debuginfo-5.62-2.amzn2023.0.5.x86_64
bluez-cups-debuginfo-5.62-2.amzn2023.0.5.x86_64
bluez-hid2hci-debuginfo-5.62-2.amzn2023.0.5.x86_64
bluez-debuginfo-5.62-2.amzn2023.0.5.x86_64
bluez-deprecated-debuginfo-5.62-2.amzn2023.0.5.x86_64
bluez-5.62-2.amzn2023.0.5.x86_64
bluez-obexd-5.62-2.amzn2023.0.5.x86_64
bluez-libs-5.62-2.amzn2023.0.5.x86_64
bluez-libs-devel-debuginfo-5.62-2.amzn2023.0.5.x86_64
bluez-cups-5.62-2.amzn2023.0.5.x86_64
bluez-mesh-debuginfo-5.62-2.amzn2023.0.5.x86_64
bluez-hid2hci-5.62-2.amzn2023.0.5.x86_64
bluez-mesh-5.62-2.amzn2023.0.5.x86_64
bluez-libs-devel-5.62-2.amzn2023.0.5.x86_64
bluez-deprecated-5.62-2.amzn2023.0.5.x86_64
bluez-debugsource-5.62-2.amzn2023.0.5.x86_64