Resolves: RHEL-25776
Author: Bastien Nocera <bnocera@redhat.com>
Date: Wed Feb 14 15:54:55 2024 +0100
Upgrade to 5.72, the latest stable version of bluez. In addition to
bringing many bug fixes, updating to this version also provides us with:
- support for SecureConnections configuration option (added in 5.67),
which makes it possible to require SecureConnections for environments
that need it, making it possible to avoid a whole class of possible
security vulnerabilities. The default is most compatible.
- 25a471a83e02 ("input.conf: Change default of ClassicBondedOnly") which
fixes CVE-2023-45866
- should fix the crash when a specific keyboard is connected:
https://issues.redhat.com/browse/RHEL-1930
Patches updated:
- 0001-obex-Use-GLib-helper-function-to-manipulate-paths.patch was updated
to the latest upstream submission.
Patches upstreamed in 5.65:
- 0001-client-gatt-Fix-memory-leak-issues.patch is obsoleted by
b4233bca181580800b483a228ca5377efcfeb844
- 0002-mesh-appkey-Fix-memory-leaks.patch is obsoleted by
5eb96b3ec8545047a74d7204664267c7aa749070
- 0003-monitor-Fix-memory-leaks.patch is obsoleted by
6f02010ce0043ec2e17eb15f2a1dd42f6c64e223 and
1d6cfb8e625a944010956714c1802bc1e1fc6c4f
- 0004-sixaxis-Fix-memory-leaks.patch is obsoleted by
fc57aa92a4f32f7c0f38198e6d26b529b537a047
- 0005-cltest-Fix-leaked_handle.patch is obsoleted by
f4743109f381a4d53b476c5b77c7c68a6aa40b59
- 0006-create-image-Fix-leaked_handle.patch is obsoleted by
4ae130455b173650f564d92f7908a7ca4f7b1ee6
- 0007-l2cap-tester-Fix-leaked_handle.patch is obsoleted by
4334be027ae1ad50193025c90e77a76b64464b53
- 0008-mesh-mesh-db-Fix-resource-leaks.patch is obsoleted by
35cbfd9660949fca23418bfa32fd51d81ed91208
- 0009-obex-client-Fix-leaked_handle.patch is obsoleted by
39b638526d9a45d54d2d6e3f175fd7eb057ef8f0
- 0010-pbap-Fix-memory-leak.patch is obsoleted by
06d3c7429ad6bdf6eef1bcedee327e74a33c40bf
- 0011-meshctl-Fix-possible-use_after_free.patch is obsoleted by
56bda20ce9e3e5c4684b37cffd4527264c2b4c1e
- 0012-mesh-gatt-Fix-use_after_free.patch is obsoleted by
5cdaeaefc350ea3c42719284b88406579d032fb6
- 0001-gatt-Fix-double-free-and-freed-memory-dereference.patch is
obsoleted by 3627eddea13042ffc0848ae37356f30335ce2e4b
Signed-off-by: David Marlin <dmarlin@redhat.com>