From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:470:142:3::10]:41278)
 by lists.gnu.org with esmtp (Exim 4.90_1)
 (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1jCTS3-00005J-2E
 for guix-patches@gnu.org; Thu, 12 Mar 2020 15:25:04 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1jCTS1-000162-WD
 for guix-patches@gnu.org; Thu, 12 Mar 2020 15:25:03 -0400
Received: from debbugs.gnu.org ([209.51.188.43]:51847)
 by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16)
 (Exim 4.71) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1jCTS1-00015w-SF
 for guix-patches@gnu.org; Thu, 12 Mar 2020 15:25:01 -0400
Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
 (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1jCTS1-0008JE-OZ
 for guix-patches@gnu.org; Thu, 12 Mar 2020 15:25:01 -0400
Subject: [bug#40044] BlueZ CVE-2020-0556
Resent-Message-ID: <handler.40044.B.158404106131870@debbugs.gnu.org>
Received: from eggs.gnu.org ([2001:470:142:3::10]:41122)
 by lists.gnu.org with esmtp (Exim 4.90_1)
 (envelope-from <leo@famulari.name>) id 1jCTRK-0007CR-AA
 for guix-patches@gnu.org; Thu, 12 Mar 2020 15:24:19 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <leo@famulari.name>) id 1jCTRJ-0000WI-6n
 for guix-patches@gnu.org; Thu, 12 Mar 2020 15:24:18 -0400
Received: from out4-smtp.messagingengine.com ([66.111.4.28]:52285)
 by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32)
 (Exim 4.71) (envelope-from <leo@famulari.name>) id 1jCTRI-0000QG-VW
 for guix-patches@gnu.org; Thu, 12 Mar 2020 15:24:17 -0400
Received: from localhost (c-76-124-138-63.hsd1.pa.comcast.net [76.124.138.63])
 by mail.messagingengine.com (Postfix) with ESMTPA id 1641D30611FB
 for <guix-patches@gnu.org>; Thu, 12 Mar 2020 15:24:15 -0400 (EDT)
Date: Thu, 12 Mar 2020 15:24:14 -0400
From: Leo Famulari <leo@famulari.name>
Message-ID: <20200312192414.GA28117@jasmine.lan>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
List-Id: <guix-patches.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-patches>,
 <mailto:guix-patches-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/guix-patches>
List-Post: <mailto:guix-patches@gnu.org>
List-Help: <mailto:guix-patches-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-patches>,
 <mailto:guix-patches-request@gnu.org?subject=subscribe>
Errors-To: guix-patches-bounces+kyle=kyleam.com@gnu.org
Sender: "Guix-patches" <guix-patches-bounces+kyle=kyleam.com@gnu.org>
To: 40044@debbugs.gnu.org

There's some kind of privilege escalation bug in BlueZ:

https://lore.kernel.org/linux-bluetooth/20200310023516.209146-1-alainm@chromium.org/
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00352.html

They released 5.53, so here are patches that graft the update or graft
just the upstream patches.