A vulnerability in bluez-utils was discovered by Henryk Plotz. Due to missing input sanitizing, it was possible for an attacker to execute arbitrary commands supplied as a device name from the remote bluetooth device.
c78df857068d0651a0e2e8ea70b1df85952d226a1d91be949a7a2474ffc93450