Ubuntu Security Notice 4605-2 - Vaisha Bernard discovered that blueman did not properly sanitize input on the d-bus interface to blueman-mechanism. A local attacker could possibly use this issue to escalate privileges and run arbitrary code or cause a denial of service. While a previous security update fixed the issue, this update provides additional improvements by enabling PolicyKit authentication for privileged commands. Various other issues were also addressed.
a002dc8f38994b9b14e4c9d270098dbd18203170e58487b85174d6fd4cf21c4c