- Update to 5.78:

* Fix issue with handling notification of scanned BISes to BASS
  * Fix issue with handling checking BIS caps against peer caps.
  * Fix issue with handling MGMT Set Device Flags overwrites.
  * Fix issue with handling ASE notification order.
  * Fix issue with handling BIG Info report events.
  * Fix issue with handling PACS Server role.
  * Fix issue with registering UHID_START multiple times.
  * Fix issue with pairing method not setting auto-connect.
- Fix 3 rpmlint warnings, some configuration files were not marked as so.

OBS-URL: https://build.opensuse.org/package/show/Base:System/bluez?expand=0&rev=375

.gitattributes

@@ -0,0 +1,23 @@
+## Default LFS
+*.7z filter=lfs diff=lfs merge=lfs -text
+*.bsp filter=lfs diff=lfs merge=lfs -text
+*.bz2 filter=lfs diff=lfs merge=lfs -text
+*.gem filter=lfs diff=lfs merge=lfs -text
+*.gz filter=lfs diff=lfs merge=lfs -text
+*.jar filter=lfs diff=lfs merge=lfs -text
+*.lz filter=lfs diff=lfs merge=lfs -text
+*.lzma filter=lfs diff=lfs merge=lfs -text
+*.obscpio filter=lfs diff=lfs merge=lfs -text
+*.oxt filter=lfs diff=lfs merge=lfs -text
+*.pdf filter=lfs diff=lfs merge=lfs -text
+*.png filter=lfs diff=lfs merge=lfs -text
+*.rpm filter=lfs diff=lfs merge=lfs -text
+*.tbz filter=lfs diff=lfs merge=lfs -text
+*.tbz2 filter=lfs diff=lfs merge=lfs -text
+*.tgz filter=lfs diff=lfs merge=lfs -text
+*.ttf filter=lfs diff=lfs merge=lfs -text
+*.txz filter=lfs diff=lfs merge=lfs -text
+*.whl filter=lfs diff=lfs merge=lfs -text
+*.xz filter=lfs diff=lfs merge=lfs -text
+*.zip filter=lfs diff=lfs merge=lfs -text
+*.zst filter=lfs diff=lfs merge=lfs -text

.gitignore

@@ -0,0 +1 @@
+.osc

0001-rpi3-bcm43xx-The-UART-speed-must-be-reset-after-the-firmw.patch

@@ -0,0 +1,35 @@
+From 4de2871675d3b039b5797e77cc1d6ce4070e86b2 Mon Sep 17 00:00:00 2001
+From: Phil Elwell <phil@raspberrypi.org>
+Date: Tue, 16 Feb 2016 16:39:09 +0000
+Subject: [PATCH] bcm43xx: The UART speed must be reset after the firmware
+ download
+
+---
+ tools/hciattach_bcm43xx.c | 6 ++----
+ 1 file changed, 2 insertions(+), 4 deletions(-)
+
+Index: bluez-5.71/tools/hciattach_bcm43xx.c
+===================================================================
+--- bluez-5.71.orig/tools/hciattach_bcm43xx.c
++++ bluez-5.71/tools/hciattach_bcm43xx.c
+@@ -350,11 +350,8 @@ int bcm43xx_init(int fd, int def_speed,
+ 		return -1;
+ 
+ 	if (bcm43xx_locate_patch(FIRMWARE_DIR, chip_name, fw_path)) {
+-		fprintf(stderr, "Patch not found, continue anyway\n");
++		fprintf(stderr, "Patch not found for %s, continue anyway\n", chip_name);
+ 	} else {
+-		if (bcm43xx_set_speed(fd, ti, speed))
+-			return -1;
+-
+ 		if (bcm43xx_load_firmware(fd, fw_path))
+ 			return -1;
+ 
+@@ -364,6 +361,7 @@ int bcm43xx_init(int fd, int def_speed,
+ 			return -1;
+ 		}
+ 
++		sleep(1);
+ 		if (bcm43xx_reset(fd))
+ 			return -1;
+ 	}

CVE-2016-9800-tool-hcidump-Fix-memory-leak-with-malformed-packet.patch

@@ -0,0 +1,34 @@
+# Upstream suggests to use btmon instead of hcidump and does not want those patches
+# => PATCH-FIX-OPENSUSE for those two :-)
+# fix some memory leak with malformed packet (reported upstream but not yet fixed)
+
+From 5ca9510314d15d562e9ef5515a5483be5f28258d Mon Sep 17 00:00:00 2001
+From: "Cho, Yu-Chen" <acho@suse.com>
+Date: Wed, 21 Mar 2018 17:32:45 +0800
+Subject: [PATCH BlueZ] tool/hcidump: Fix memory leak with malformed packet
+
+Do not allow to read more then buffer size.
+---
+ tools/parser/hci.c | 8 +++++++-
+ 1 file changed, 7 insertions(+), 1 deletion(-)
+
+Index: bluez-5.65/tools/parser/hci.c
+===================================================================
+--- bluez-5.65.orig/tools/parser/hci.c
++++ bluez-5.65/tools/parser/hci.c
+@@ -976,8 +976,14 @@ static inline void pin_code_reply_dump(i
+ 	memset(pin, 0, sizeof(pin));
+ 	if (parser.flags & DUMP_NOVENDOR)
+ 		memset(pin, '*', cp->pin_len);
+-	else
++	else {
++                 if (cp->pin_len > sizeof(pin)){
++                        perror("Read failed");
++                        exit(1);
++                }
++
+ 		memcpy(pin, cp->pin_code, cp->pin_len);
++	}
+ 	printf("bdaddr %s len %d pin \'%s\'\n", addr, cp->pin_len, pin);
+ }
+ 

CVE-2016-9804-tool-hcidump-Fix-memory-leak-with-malformed-packet.patch

@@ -0,0 +1,31 @@
+# Upstream suggests to use btmon instead of hcidump and does not want those patches
+# => PATCH-FIX-OPENSUSE for those two :-)
+# fix some memory leak with malformed packet (reported upstream but not yet fixed)
+
+From 00f50518f232c758855ac9884a841f707f41a301 Mon Sep 17 00:00:00 2001
+From: "Cho, Yu-Chen" <acho@suse.com>
+Date: Thu, 3 May 2018 18:52:19 +0800
+Subject: [PATCH BlueZ] tool/hcidump: Fix memory leak with malformed packet
+
+The Supported Commands is a 64 octet bit field.
+Do not allow to read more then the size.
+---
+ tools/parser/csr.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+Index: bluez-5.65/tools/parser/csr.c
+===================================================================
+--- bluez-5.65.orig/tools/parser/csr.c
++++ bluez-5.65/tools/parser/csr.c
+@@ -133,6 +133,11 @@ static inline void commands_dump(int lev
+ 	unsigned char commands[64];
+ 	unsigned int i;
+ 
++	if (frm->len > 64) {
++		perror("Read failed");
++		exit(1);
++	}
++
+ 	memcpy(commands, frm->ptr, frm->len);
+ 
+ 	p_indent(level, frm);

baselibs.conf

@@ -0,0 +1,4 @@
+libbluetooth3
+bluez-devel
+	requires -bluez-<targettype>
+	requires "libbluetooth3-<targettype> = <version>"

bluetooth.modprobe

@@ -0,0 +1,3 @@
+# use "reset=1" as default, since it should be safe for recent devices and
+# solves all kind of problems.
+options btusb reset=1

bluez-5.11-logitech-hid2hci.patch

@@ -0,0 +1,25 @@
+# fix some logitech HID devices, bnc#681049, bnc#850478 --seife+obs@b1-systems.com
+
+Apparently some Logitech devices need different rules.
+https://bugzilla.novell.com/show_bug.cgi?id=681049
+https://bugzilla.novell.com/show_bug.cgi?id=850478
+
+Index: b/tools/hid2hci.rules
+===================================================================
+--- a/tools/hid2hci.rules
++++ b/tools/hid2hci.rules
+@@ -9,11 +9,13 @@ SUBSYSTEM!="usb*", GOTO="hid2hci_end"
+ ATTR{bInterfaceClass}=="03", ATTR{bInterfaceSubClass}=="01", ATTR{bInterfaceProtocol}=="02", \
+   ATTRS{bDeviceClass}=="00", ATTRS{idVendor}=="413c", ATTRS{bmAttributes}=="e0", \
+   RUN+="hid2hci --method=dell --devpath=%p", ENV{HID2HCI_SWITCH}="1"
+ 
+ # Logitech devices
+-KERNEL=="hiddev*", ATTRS{idVendor}=="046d", ATTRS{idProduct}=="c70[345abce]|c71[34bc]", \
++KERNEL=="hiddev*", ATTRS{idVendor}=="046d", ATTRS{idProduct}=="c70[5e]", \
++  RUN+="hid2hci --method=logitech-hid --devpath=%p"
++KERNEL=="hidraw*", ATTRS{idVendor}=="046d", ATTRS{idProduct}=="c70[34abc]|c71[34bc]", \
+   RUN+="hid2hci --method=logitech-hid --devpath=%p"
+ 
+ ENV{DEVTYPE}!="usb_device", GOTO="hid2hci_end"
+ 
+ # When a Dell device recovers from S3, the mouse child needs to be repoked

bluez-disable-broken-tests.diff

@@ -0,0 +1,22 @@
+Index: bluez-5.71/Makefile.am
+===================================================================
+--- bluez-5.71.orig/Makefile.am
++++ bluez-5.71/Makefile.am
+@@ -679,7 +679,7 @@ unit_test_bass_SOURCES = unit/test-bass.
+ unit_test_bass_LDADD = src/libshared-glib.la \
+ 				lib/libbluetooth-internal.la $(GLIB_LIBS)
+ 
+-unit_tests += unit/test-vcp
++# unit_tests += unit/test-vcp
+ 
+ unit_test_vcp_SOURCES = unit/test-vcp.c $(btio_sources)
+ unit_test_vcp_LDADD = src/libshared-glib.la \
+@@ -696,7 +696,7 @@ unit_test_midi_LDADD = src/libshared-gli
+ endif
+ 
+ if MESH
+-unit_tests += unit/test-mesh-crypto
++#unit_tests += unit/test-mesh-crypto
+ unit_test_mesh_crypto_CPPFLAGS = $(ell_cflags)
+ unit_test_mesh_crypto_SOURCES = unit/test-mesh-crypto.c \
+ 				mesh/crypto.h ell/internal ell/ell.h

bluez-no-cups-devel-buildreq.patch

@@ -0,0 +1,22 @@
+Subject: avoid cups-devel buildrequires
+Author:  Stefan Seyfried <seife+obs@b1-sytems.com>
+Date:    2024-08-15
+
+The only thing required from cups-devel during build is the cups_serverbin
+variable. Unfortunately, pulling in cups-devel creates a huge dependency
+loop.
+To avoid this, just hardcode the cups_serverbin value for now.
+
+Index: b/configure.ac
+===================================================================
+--- a/configure.ac
++++ b/configure.ac
+@@ -252,7 +252,7 @@ AC_ARG_ENABLE(cups, AS_HELP_STRING([--di
+ AM_CONDITIONAL(CUPS, test "${enable_cups}" != "no")
+ if (test "${enable_cups}" != "no"); then
+ 	AC_MSG_CHECKING([cups directory])
+-	cups_serverbin=`$PKG_CONFIG cups --variable=cups_serverbin`
++	cups_serverbin="/usr/lib/cups"
+ 	AC_MSG_RESULT([${cups_serverbin}])
+ fi
+ AM_CONDITIONAL(CUPS_SERVERBIN, test "${cups_serverbin}" != "")

bluez-sdp-unix-path.patch

@@ -0,0 +1,13 @@
+Index: bluez-5.65/lib/sdp.h
+===================================================================
+--- bluez-5.65.orig/lib/sdp.h
++++ bluez-5.65/lib/sdp.h
+@@ -21,7 +21,7 @@ extern "C" {
+ #include <stdint.h>
+ #include <bluetooth/bluetooth.h>
+ 
+-#define SDP_UNIX_PATH "/var/run/sdp"
++#define SDP_UNIX_PATH "/run/sdp"
+ #define SDP_RESPONSE_TIMEOUT	20
+ #define SDP_REQ_BUFFER_SIZE	2048
+ #define SDP_RSP_BUFFER_SIZE	65535

bluez.spec

@@ -0,0 +1,503 @@
+#
+# spec file for package bluez
+#
+# Copyright (c) 2024 SUSE LLC
+# Copyright (c) 2010-2020 B1 Systems GmbH, Vohburg, Germany
+#
+# All modifications and additions to the file contributed by third parties
+# remain the property of their copyright owners, unless otherwise agreed
+# upon. The license for this file, and modifications and additions to the
+# file, is the same license as for the pristine package itself (unless the
+# license for the pristine package is not an Open Source License, in which
+# case the license is the MIT License). An "Open Source License" is a
+# license that conforms to the Open Source Definition (Version 1.9)
+# published by the Open Source Initiative.
+
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
+#
+
+
+%if 0%{?suse_version} >= 1550 || 0%{?sle_version} >= 150200
+%bcond_without mesh
+%else
+%bcond_with    mesh
+%endif
+%bcond_without bluez_deprecated
+
+%if 0%{?suse_version} < 1550 && 0%{?sle_version} <= 150300
+# systemd-rpm-macros is wrong in 15.3 and below
+%global _modprobedir /lib/modprobe.d
+%endif
+%global modprobe_d_files 50-bluetooth.conf
+
+%if %{undefined _firmwaredir}
+%define _firmwaredir /lib/firmware
+%endif
+
+Name:           bluez
+Version:        5.78
+Release:        0
+Summary:        Bluetooth Stack for Linux
+License:        GPL-2.0-or-later
+Group:          Hardware/Mobile
+URL:            https://www.bluez.org
+Source:         https://www.kernel.org/pub/linux/bluetooth/bluez-%{version}.tar.xz
+# we still want debuginfo
+#KEEP NOSOURCE DEBUGINFO
+Source5:        baselibs.conf
+Source7:        bluetooth.modprobe
+Source9:        bluez.changes.sle
+# fix some logitech HID devices, bnc#681049, bnc#850478 --seife+obs@b1-systems.com
+Patch1:         bluez-5.11-logitech-hid2hci.patch
+Patch2:         bluez-sdp-unix-path.patch
+# avoid cups-devel buildrequires --seife+obs@b1-systems.com
+Patch3:         bluez-no-cups-devel-buildreq.patch
+# workaround for broken tests (reported upstream but not yet fixed)
+Patch4:         bluez-disable-broken-tests.diff
+# disable tests for bypass boo#1078285
+Patch12:        disable_some_obex_tests.patch
+# bsc#1013708 CVE-2016-9797
+Patch14:        hcidump-Add-assoc-dump-function-assoc-date-length-ch.patch
+# bsc#1015171 CVE-2016-9917
+Patch15:        hcidump-Fix-memory-leak-with-malformed-packet.patch
+# bsc#1013712 CVE-2016-9798
+Patch16:        hcidump-Fixed-malformed-segment-frame-length.patch
+# Upstream suggests to use btmon instead of hcidump and does not want those patches
+# => PATCH-FIX-OPENSUSE for those two :-)
+# fix some memory leak with malformed packet (reported upstream but not yet fixed)
+Patch101:       CVE-2016-9800-tool-hcidump-Fix-memory-leak-with-malformed-packet.patch
+Patch102:       CVE-2016-9804-tool-hcidump-Fix-memory-leak-with-malformed-packet.patch
+# Move 43xx firmware path for RPi3 bluetooth support bsc#1140688 bsc#995059 bsc#1094902
+Patch201:       0001-rpi3-bcm43xx-The-UART-speed-must-be-reset-after-the-firmw.patch
+# mesh-cfgtest only compiles with gcc8 or newer, Leap 15 has gcc7.5.0 as default
+%if 0%{?suse_version} < 1550
+BuildRequires:  gcc8
+%endif
+BuildRequires:  automake
+BuildRequires:  flex
+BuildRequires:  libtool
+BuildRequires:  pkgconfig
+BuildRequires:  readline-devel
+BuildRequires:  systemd-rpm-macros
+BuildRequires:  pkgconfig(alsa)
+BuildRequires:  pkgconfig(check)
+## we use bluez-no-cups-devel-buildreq.patch instead to avoid a build loop
+# BuildRequires:  pkgconfig(cups)
+BuildRequires:  pkgconfig(dbus-1) >= 1.6
+BuildRequires:  pkgconfig(glib-2.0) >= 2.28
+BuildRequires:  pkgconfig(libcap-ng)
+BuildRequires:  pkgconfig(libical)
+BuildRequires:  pkgconfig(libudev)
+BuildRequires:  pkgconfig(sndfile)
+BuildRequires:  pkgconfig(udev)
+# for rst2man
+BuildRequires:  python3-docutils
+BuildRequires:  python3-Pygments
+# libgio-2_0-0 has a runtime dependency on shared-mime-info, which is not
+# required for building here, but causes a build loop
+#!BuildIgnore:  shared-mime-info
+Requires(post): systemd
+Recommends:     sbc
+Provides:       bluez-utils = 3.36
+Obsoletes:      bluez-utils < 3.36
+Provides:       bluez-audio = 3.36
+Obsoletes:      bluez-audio < 3.36
+Obsoletes:      bluez-hcidump < 5.0
+Provides:       bluez-hcidump = %{version}
+Obsoletes:      obexd-client < 5.0
+Provides:       obexd-client = %{version}
+%{?systemd_requires}
+%if 0%{?suse_version} >= 1550
+BuildRequires:  pkgconfig(ell) >= 0.39
+%endif
+%if %{with mesh}
+# json-c is needed for --enable-mesh
+BuildRequires:  pkgconfig(json-c)
+%endif
+
+%description
+BlueZ provides support for the core Bluetooth layers and protocols.
+
+%package devel
+Summary:        Files needed for BlueZ development
+License:        GPL-2.0-or-later
+Group:          Development/Languages/C and C++
+Requires:       libbluetooth3 = %{version}
+
+%description devel
+Files needed to develop applications for the BlueZ Bluetooth protocol
+stack.
+
+%package -n libbluetooth3
+Summary:        Bluetooth Libraries
+License:        GPL-2.0-or-later
+Group:          System/Libraries
+Provides:       bluez-libs = 3.36
+Obsoletes:      bluez-libs < 3.36
+
+%description -n libbluetooth3
+BlueZ provides support for the core Bluetooth layers and protocols.
+It is uses a modular implementation. It has many interesting features:
+
+* Multithreaded data processing
+* Support for multiple Bluetooth devices
+* Real hardware abstraction
+* Standard socket interface to all layers
+* Device and service level security support
+
+%package cups
+Summary:        CUPS Driver for Bluetooth Printers
+License:        GPL-2.0-or-later
+Group:          Hardware/Printing
+Requires:       %{name}
+Requires:       cups
+Supplements:    (%{name} and cups)
+
+%description cups
+Contains the files required by CUPS for printing to Bluetooth-connected
+printers.
+
+%package test
+Summary:        Tools for testing of various Bluetooth-functions
+License:        GPL-2.0-or-later AND MIT
+Group:          Development/Tools/Debuggers
+Requires:       python3-dbus-python
+Requires:       python3-gobject
+
+%description test
+Contains a few tools for testing various bluetooth functions. The
+BLUETOOTH trademarks are owned by Bluetooth SIG, Inc., U.S.A.
+
+%package auto-enable-devices
+Summary:        Configuration that automatically enables all bluetooth devices
+License:        GPL-2.0-or-later
+Group:          Hardware/Mobile
+BuildArch:      noarch
+Requires(post): systemd
+
+%description auto-enable-devices
+Contains configuration that automatically enables all bluetooth devices
+that are connected to the system if no other tool is handling them (e.g.
+desktop specific applets like blueman or GNOME or KDE applets).
+
+%post auto-enable-devices
+{  systemctl status -n0 bluetooth.service > /dev/null && systemctl restart bluetooth.service ; } ||:
+
+%postun auto-enable-devices
+{  systemctl status -n0 bluetooth.service > /dev/null && systemctl restart bluetooth.service ; } ||:
+
+%if %{with bluez_deprecated}
+%package deprecated
+Summary:        Bluez tools that upstream considers obsolete
+License:        GPL-2.0-or-later
+Group:          Hardware/Mobile
+
+%description deprecated
+This package contains tools from the bluez package that are only built
+if the "--enable-deprecated" switch is used. These are considered obsolete
+by the upstream developers and might contain serious issues, even security
+bugs. Use at your own risk.
+
+Note that this package will go away before end of 2020, change your code
+to use the modern tools instead.
+%endif
+
+%package obexd
+Summary:        Object Exchange daemon for sharing binary objects
+License:        GPL-2.0-or-later
+Group:          Hardware/Mobile
+Requires:       bluez = %{version}
+Supplements:    bluedevil5
+Supplements:    blueman
+Supplements:    gnome-bluetooth
+
+%description obexd
+This is an object exchange daemon for binary objects transferring between
+devices. obexd is necessary to install for sharing files, contacts
+etc. through bluetooth.
+
+%package zsh-completion
+Summary:        Zsh completion for bluez
+Group:          System/Management
+Requires:       %{name}
+Requires:       zsh
+Supplements:    (%{name} and zsh)
+BuildArch:      noarch
+
+%description zsh-completion
+This package contain the zsh completion command for the Bluetooth Stack for Linux.
+
+%prep
+%autosetup -p1
+mkdir dbus-apis
+cp -a doc/*.txt dbus-apis/
+
+# for auto-enable subpackage
+sed -i '/^#AutoEnable=false/aAutoEnable=true' src/main.conf
+
+# Fix shebangs in test files
+%{?python3_fix_shebang_path:%python3_fix_shebang_path test/*}
+
+%build
+%if 0%{?suse_version} < 1550
+echo 0%{?suse_version}
+export CC=gcc-8
+%endif
+# header file has "#ifndef FIRMWARE_DIR...#define FIRMWARE_DIR /etc/firmare"
+# instead of patching, just supply FIRMWARE_DIR on compiler's command line
+export CPPFLAGS="$CPPFLAGS -DFIRMWARE_DIR='\"%{_firmwaredir}\"'"
+# because of patch4...
+autoreconf -fi
+# --enable-experimental is needed or btattach does not build (bug?)
+%configure \
+	--disable-silent-rules  \
+	--enable-pie		\
+	--enable-library	\
+	--enable-tools		\
+	--enable-cups		\
+	--enable-hid2hci        \
+	--enable-admin		\
+%if %{with mesh}
+	--enable-mesh		\
+%endif
+	--enable-midi		\
+	--enable-test		\
+	--enable-experimental	\
+%if %{with bluez_deprecated}
+	--enable-deprecated	\
+%endif
+	--enable-datafiles	\
+	--enable-sixaxis	\
+	--with-dbusconfdir=%{_datadir}	\
+%if 0%{?suse_version} >= 1550
+	--enable-external-ell	\
+%endif
+	--with-systemdsystemunitdir=%{_unitdir}		\
+	--with-systemduserunitdir=%{_userunitdir}
+
+%make_build all
+
+%install
+%make_install
+find %{buildroot} -type f -name "*.la" -delete -print
+install --mode=0644 -D %{SOURCE7} %{buildroot}/%{_modprobedir}/50-bluetooth.conf
+# no idea why this is suddenly necessary...
+install --mode 0755 -d %{buildroot}%{_localstatedir}/lib/bluetooth
+
+## same as in fedora...
+# "make install" fails to install gatttool, used with Bluetooth Low Energy
+# boo#970628
+%if %{with bluez_deprecated}
+install -m0755 attrib/gatttool %{buildroot}%{_bindir}
+%endif
+
+## install btgatt-client for -test package, see
+## https://www.spinics.net/lists/linux-bluetooth/msg63258.html
+install -m0755 tools/btgatt-client %{buildroot}%{_bindir}
+# btmgmt can be useful
+install -m0755 tools/btmgmt %{buildroot}%{_bindir}
+# avinfo can be useful for debugging
+install -m0755 tools/avinfo %{buildroot}%{_bindir}
+
+# for auto-enable subpackage
+find . -name main.conf
+install --mode 0644 -D src/main.conf %{buildroot}/%{_sysconfdir}/bluetooth/main.conf
+
+# rpmlint warnings...
+cd %{buildroot}%{_libdir}/bluez/test
+chmod 0644 *.py *.xml *.dtd
+
+mkdir -p %{buildroot}%{_defaultdocdir}/%{name}
+cp %{SOURCE9} %{buildroot}%{_defaultdocdir}/%{name}
+%if %{with mesh}
+# boo#1151518
+mv %{buildroot}%{_datadir}/dbus-1/system.d/bluetooth-mesh.conf %{buildroot}%{_defaultdocdir}/%{name}
+mv %{buildroot}%{_datadir}/dbus-1/system-services/org.bluez.mesh.service %{buildroot}%{_defaultdocdir}/%{name}
+cat > %{buildroot}%{_defaultdocdir}/%{name}/README-mesh.SUSE << EOF
+The bluetooth-mesh dbus system config has been disabled due to security
+concerns. See https://bugzilla.opensuse.org/show_bug.cgi?id=1151518 for
+details.
+
+If you want to use this feature anyway, copy
+bluetooth-mesh.conf to %{_sysconfdir}/dbus-1/systemd.d/ and
+org.bluez.mesh.service to %{_sysconfdir}/dbus-1/system-services/,
+then reboot.
+EOF
+touch -r %{SOURCE0} %{buildroot}%{_defaultdocdir}/%{name}/README-mesh.SUSE
+%endif
+
+%check
+%if ! 0%{?qemu_user_space_build}
+##make %%{?_smp_mflags} check
+# deliberately not running parallel, as the test suite has spurious failures otherwise
+%make_build check V=0
+%endif
+
+%pre
+%service_add_pre bluetooth.service bluetooth-mesh.service
+# Avoid restoring outdated stuff in posttrans
+for _f in %{?modprobe_d_files}; do
+    [ ! -f "/etc/modprobe.d/${_f}.rpmsave" ] || \
+	mv -f "/etc/modprobe.d/${_f}.rpmsave" "/etc/modprobe.d/${_f}.rpmsave.old" || :
+done
+
+%post
+%{?udev_rules_update:%udev_rules_update}
+# todo: check if this is still obeyed / needed with systemd
+%{fillup_only -n bluetooth}
+# We need the bluez systemd service enabled at any time. It won't start up
+# on its own, as it is triggered by udev in the end (bnc#796671)
+%{_bindir}/systemctl enable bluetooth.service 2>&1 || :
+%{_bindir}/systemctl daemon-reload >/dev/null 2>&1 || :
+
+%preun
+%service_del_preun bluetooth.service bluetooth-mesh.service
+
+%postun
+%service_del_postun bluetooth.service bluetooth-mesh.service
+
+%posttrans
+# Migration of modprobe.conf files to _modprobedir
+for _f in %{?modprobe_d_files}; do
+    [ ! -f "/etc/modprobe.d/${_f}.rpmsave" ] || \
+	mv -fv "/etc/modprobe.d/${_f}.rpmsave" "/etc/modprobe.d/${_f}" || :
+done
+
+%post -n libbluetooth3 -p /sbin/ldconfig
+%postun -n libbluetooth3 -p /sbin/ldconfig
+
+%pre obexd
+%systemd_user_pre obex.service
+
+%post obexd
+%systemd_user_post obex.service
+
+%preun obexd
+%systemd_user_preun obex.service
+
+%postun obexd
+%systemd_user_postun obex.service
+
+%files
+%doc AUTHORS ChangeLog README dbus-apis src/main.conf
+%if %{with mesh}
+%doc %{_defaultdocdir}/%{name}/*
+%endif
+%license COPYING
+%{_bindir}/bluemoon
+%{_bindir}/btattach
+%{_bindir}/btmgmt
+%{_bindir}/l2ping
+%{_bindir}/hex2hcd
+%{_bindir}/isotest
+%{_bindir}/mpris-proxy
+%dir %{_libexecdir}/bluetooth
+%{_libexecdir}/bluetooth/bluetoothd
+%if %{with mesh}
+%{_libexecdir}/bluetooth/bluetooth-meshd
+%{_bindir}/mesh-cfgtest
+%{_mandir}/man8/bluetooth-meshd.8%{?ext_man}
+%endif
+%{_bindir}/bluetoothctl
+%{_bindir}/btmon
+%if %{with mesh}
+%{_bindir}/meshctl
+%{_bindir}/mesh-cfgclient
+%endif
+%{_prefix}/lib/udev/
+%{_mandir}/man1/btattach.1%{?ext_man}
+%{_mandir}/man1/btmon.1%{?ext_man}
+%{_mandir}/man1/isotest.1%{?ext_man}
+%{_mandir}/man8/bluetoothd.8%{?ext_man}
+%{_mandir}/man1/hid2hci.1%{?ext_man}
+%{_mandir}/man1/l2ping.1%{?ext_man}
+%{_mandir}/man1/rctest.1%{?ext_man}
+%{_mandir}/man1/bluetoothctl.1%{?ext_man}
+%{_mandir}/man1/bluetoothctl-mgmt.1%{?ext_man}
+%{_mandir}/man1/bluetoothctl-monitor.1%{?ext_man}
+%{_mandir}/man1/bluetoothctl-admin.1%{?ext_man}
+%{_mandir}/man1/bluetoothctl-advertise.1%{?ext_man}
+%{_mandir}/man1/bluetoothctl-endpoint.1%{?ext_man}
+%{_mandir}/man1/bluetoothctl-gatt.1%{?ext_man}
+%{_mandir}/man1/bluetoothctl-player.1%{?ext_man}
+%{_mandir}/man1/bluetoothctl-scan.1%{?ext_man}
+%{_mandir}/man1/bluetoothctl-transport.1%{?ext_man}
+%{_mandir}/man1/bluetoothctl-assistant.1%{?ext_man}
+%{_mandir}/man1/btmgmt.1%{?ext_man}
+%{_mandir}/man5/org.bluez.*.5%{?ext_man}
+%{_datadir}/dbus-1/system.d/bluetooth.conf
+# not packaged, boo#1151518
+###%%{_datadir}/dbus-1/system.d/bluetooth-mesh.conf
+%dir %{_localstatedir}/lib/bluetooth
+%dir %{_modprobedir}
+%{_modprobedir}/50-bluetooth.conf
+%{_unitdir}/bluetooth.service
+%if %{with mesh}
+%{_unitdir}/bluetooth-mesh.service
+%endif
+%{_datadir}/dbus-1/system-services/org.bluez.service
+# not packaged, boo#1151518
+###%%{_datadir}/dbus-1/system-services/org.bluez.mesh.service
+%config %{_sysconfdir}/bluetooth/input.conf
+%config %{_sysconfdir}/bluetooth/mesh-main.conf
+%config %{_sysconfdir}/bluetooth/network.conf
+
+%files obexd
+%{_libexecdir}/bluetooth/obexd
+%{_datadir}/dbus-1/services/org.bluez.obex.service
+%{_userunitdir}/obex.service
+%{_userunitdir}/dbus-org.bluez.obex.service
+
+%if %{with bluez_deprecated}
+%files deprecated
+%{_bindir}/gatttool
+%{_bindir}/hcitool
+%{_bindir}/rfcomm
+%{_bindir}/sdptool
+%{_bindir}/ciptool
+%{_bindir}/hciattach
+%{_bindir}/hciconfig
+%{_bindir}/hcidump
+%{_mandir}/man1/hcidump.1%{?ext_man}
+%{_mandir}/man1/hciattach.1%{?ext_man}
+%{_mandir}/man1/hciconfig.1%{?ext_man}
+%{_mandir}/man1/hcitool.1%{?ext_man}
+%{_mandir}/man1/sdptool.1%{?ext_man}
+%{_mandir}/man1/ciptool.1%{?ext_man}
+%{_mandir}/man1/rfcomm.1%{?ext_man}
+%{_mandir}/man7/rfcomm.7%{?ext_man}
+%endif
+
+%files devel
+%{_includedir}/bluetooth
+%{_libdir}/libbluetooth.so
+%{_libdir}/pkgconfig/bluez.pc
+
+%files -n libbluetooth3
+%{_libdir}/libbluetooth.so.*
+%doc AUTHORS ChangeLog README
+%license COPYING
+
+%files cups
+%dir %{_prefix}/lib/cups
+%dir %{_prefix}/lib/cups/backend
+%{_prefix}/lib/cups/backend/bluetooth
+
+%files test
+%{_bindir}/avinfo
+#{_bindir}/hciemu
+%{_bindir}/l2test
+%{_bindir}/rctest
+%{_bindir}/btgatt-client
+%dir %{_libdir}/bluez
+%{_libdir}/bluez/test
+%{_mandir}/man7/l2cap.7%{?ext_man}
+
+%files auto-enable-devices
+%dir %{_sysconfdir}/bluetooth
+%config(noreplace) %{_sysconfdir}/bluetooth/main.conf
+
+%files zsh-completion
+%{_datadir}/zsh/site-functions/_bluetoothctl
+
+%changelog

disable_some_obex_tests.patch

@@ -0,0 +1,28 @@
+From: Michel Normand <normand@linux.vnet.ibm.com>
+Subject: disable some obex tests
+Date: Tue, 30 Jan 2018 17:01:45 +0100
+
+disable some obex tests as transient failures
+reported by bug
+https://bugzilla.suse.com/show_bug.cgi?id=1078285
+
+Signed-off-by: Michel Normand <normand@linux.vnet.ibm.com>
+---
+ Makefile.am | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+Index: bluez-5.71/Makefile.am
+===================================================================
+--- bluez-5.71.orig/Makefile.am
++++ bluez-5.71/Makefile.am
+@@ -602,8 +602,8 @@ unit_test_gdbus_client_LDADD = gdbus/lib
+ 				src/libshared-glib.la $(GLIB_LIBS) $(DBUS_LIBS)
+ 
+ if OBEX
+-unit_tests += unit/test-gobex-header unit/test-gobex-packet unit/test-gobex \
+-			unit/test-gobex-transfer unit/test-gobex-apparam
++unit_tests += unit/test-gobex-header unit/test-gobex-packet \
++			unit/test-gobex-apparam
+ 
+ unit_test_gobex_SOURCES = $(gobex_sources) unit/util.c unit/util.h \
+ 						unit/test-gobex.c

hcidump-Add-assoc-dump-function-assoc-date-length-ch.patch

@@ -0,0 +1,159 @@
+From 08a69d36726b6345df6e64892cadd5ab5d5ca2a6 Mon Sep 17 00:00:00 2001
+From: "Cho, Yu-Chen" <acho@suse.com>
+Date: Tue, 19 Mar 2019 15:54:09 +0800
+Subject: [PATCH BlueZ] hcidump: Add assoc dump function assoc date length check
+
+amp_assoc_dump() didn't check the length of amp assoc struct.
+If there is wrong length size of assoc date, amp_assoc_dump() and
+amp_dump_chanlist() will read over the size(heap-buffer-overflow).
+
+use t_len to save the length avoid use the wrong size of date.
+---
+ tools/parser/amp.c    | 35 +++++++++++++++++++++++++++--------
+ tools/parser/hci.c    |  4 ++--
+ tools/parser/l2cap.c  |  6 ++++--
+ tools/parser/parser.h |  2 +-
+ 4 files changed, 34 insertions(+), 13 deletions(-)
+
+Index: bluez-5.65/tools/parser/amp.c
+===================================================================
+--- bluez-5.65.orig/tools/parser/amp.c
++++ bluez-5.65/tools/parser/amp.c
+@@ -15,7 +15,8 @@
+ #include "parser.h"
+ #include "lib/amp.h"
+ 
+-static void amp_dump_chanlist(int level, struct amp_tlv *tlv, char *prefix)
++static void amp_dump_chanlist(int level, struct amp_tlv *tlv,
++			      uint16_t t_len, char *prefix)
+ {
+ 	struct amp_chan_list *chan_list = (void *) tlv->val;
+ 	struct amp_country_triplet *triplet;
+@@ -25,6 +26,12 @@ static void amp_dump_chanlist(int level,
+ 
+ 	printf("%s (number of triplets %d)\n", prefix, num);
+ 
++	if (btohs(tlv->len) > t_len) {
++		p_indent(level+1, 0);
++		printf("Wrong number of triplets\n");
++		num = (t_len - sizeof(*chan_list)) / sizeof(*triplet);
++	}
++
+ 	p_indent(level+2, 0);
+ 
+ 	printf("Country code: %c%c%c\n", chan_list->country_code[0],
+@@ -55,7 +62,7 @@ static void amp_dump_chanlist(int level,
+ 	}
+ }
+ 
+-void amp_assoc_dump(int level, uint8_t *assoc, uint16_t len)
++void amp_assoc_dump(int level, uint8_t *assoc, uint16_t len, uint16_t t_len)
+ {
+ 	struct amp_tlv *tlv = (void *) assoc;
+ 
+@@ -63,6 +70,14 @@ void amp_assoc_dump(int level, uint8_t *
+ 	printf("Assoc data [len %d]:\n", len);
+ 
+ 	while (len > sizeof(*tlv)) {
++		if (btohs(tlv->len) > (t_len - sizeof(struct amp_tlv))) {
++			p_indent(level+1, 0);
++			printf("Assoc data get error size\n");
++			t_len -= sizeof(struct amp_tlv);
++		} else {
++			t_len -= sizeof(struct amp_tlv) + btohs(tlv->len);
++		}
++
+ 		uint16_t tlvlen = btohs(tlv->len);
+ 		struct amp_pal_ver *ver;
+ 
+@@ -78,11 +93,13 @@ void amp_assoc_dump(int level, uint8_t *
+ 			break;
+ 
+ 		case A2MP_PREF_CHANLIST_TYPE:
+-			amp_dump_chanlist(level, tlv, "Preferred Chan List");
++			amp_dump_chanlist(level, tlv,
++					  t_len, "Preferred Chan List");
+ 			break;
+ 
+ 		case A2MP_CONNECTED_CHAN:
+-			amp_dump_chanlist(level, tlv, "Connected Chan List");
++			amp_dump_chanlist(level, tlv,
++					  t_len, "Connected Chan List");
+ 			break;
+ 
+ 		case A2MP_PAL_CAP_TYPE:
+@@ -106,9 +123,11 @@ void amp_assoc_dump(int level, uint8_t *
+ 			printf("Unrecognized type %d\n", tlv->type);
+ 			break;
+ 		}
+-
+-		len -= tlvlen + sizeof(*tlv);
+-		assoc += tlvlen + sizeof(*tlv);
+-		tlv = (struct amp_tlv *) assoc;
++		if (btohs(tlv->len) <= t_len) {
++			len -= tlvlen + sizeof(*tlv);
++			assoc += tlvlen + sizeof(*tlv);
++			tlv = (struct amp_tlv *) assoc;
++		} else
++			len = 0;
+ 	}
+ }
+Index: bluez-5.65/tools/parser/hci.c
+===================================================================
+--- bluez-5.65.orig/tools/parser/hci.c
++++ bluez-5.65/tools/parser/hci.c
+@@ -1667,7 +1667,7 @@ static inline void write_remote_amp_asso
+ 	printf("handle 0x%2.2x len_so_far %d remaining_len %d\n", cp->handle,
+ 				cp->length_so_far, cp->remaining_length);
+ 
+-	amp_assoc_dump(level + 1, cp->fragment, frm->len - 5);
++	amp_assoc_dump(level + 1, cp->fragment, frm->len - 5, frm->len - 5);
+ }
+ 
+ static inline void command_dump(int level, struct frame *frm)
+@@ -2650,7 +2650,7 @@ static inline void read_local_amp_assoc_
+ 		p_indent(level, frm);
+ 		printf("Error: %s\n", status2str(rp->status));
+ 	} else {
+-		amp_assoc_dump(level + 1, rp->fragment, len);
++		amp_assoc_dump(level + 1, rp->fragment, len, frm->len - 4);
+ 	}
+ }
+ 
+Index: bluez-5.65/tools/parser/l2cap.c
+===================================================================
+--- bluez-5.65.orig/tools/parser/l2cap.c
++++ bluez-5.65/tools/parser/l2cap.c
+@@ -1159,7 +1159,8 @@ static inline void a2mp_assoc_rsp(int le
+ 
+ 	printf("Get AMP Assoc rsp: id %d status (%d) %s\n",
+ 			h->id, h->status, a2mpstatus2str(h->status));
+-	amp_assoc_dump(level + 1, h->assoc_data, len - sizeof(*h));
++	amp_assoc_dump(level + 1, h->assoc_data,
++		       len - sizeof(*h), frm->len - sizeof(*h));
+ }
+ 
+ static inline void a2mp_create_req(int level, struct frame *frm, uint16_t len)
+@@ -1168,7 +1169,8 @@ static inline void a2mp_create_req(int l
+ 
+ 	printf("Create Physical Link req: local id %d remote id %d\n",
+ 		   h->local_id, h->remote_id);
+-	amp_assoc_dump(level + 1, h->assoc_data, len - sizeof(*h));
++	amp_assoc_dump(level + 1, h->assoc_data,
++		       len - sizeof(*h), frm->len - sizeof(*h));
+ }
+ 
+ static inline void a2mp_create_rsp(int level, struct frame *frm)
+Index: bluez-5.65/tools/parser/parser.h
+===================================================================
+--- bluez-5.65.orig/tools/parser/parser.h
++++ bluez-5.65/tools/parser/parser.h
+@@ -236,7 +236,7 @@ void ericsson_dump(int level, struct fra
+ void csr_dump(int level, struct frame *frm);
+ void bpa_dump(int level, struct frame *frm);
+ 
+-void amp_assoc_dump(int level, uint8_t *assoc, uint16_t len);
++void amp_assoc_dump(int level, uint8_t *assoc, uint16_t len, uint16_t t_len);
+ 
+ static inline void parse(struct frame *frm)
+ {

hcidump-Fix-memory-leak-with-malformed-packet.patch

@@ -0,0 +1,33 @@
+From 98bee47cca1b8a6b17bb0178f951fe7902abc2f0 Mon Sep 17 00:00:00 2001
+From: "Cho, Yu-Chen" <acho@suse.com>
+Date: Wed, 24 Apr 2019 16:10:56 +0800
+Subject: [PATCH BlueZ] tool/hcidump: Fix memory leak with malformed packet
+
+Do not allow to read more than allocated data buffer size.
+Because of the buffer is malloc(HCI_MAX_FRAME_SIZE),
+so there is heap buffer overflow if read the size more than
+HCI_MAX_FRAME_SIZE and fd size is larger than HCI_MAX_FRAME_SIZE.
+---
+ tools/hcidump.c | 9 +++++++++
+ 1 file changed, 9 insertions(+)
+
+Index: bluez-5.60/tools/hcidump.c
+===================================================================
+--- bluez-5.60.orig/tools/hcidump.c
++++ bluez-5.60/tools/hcidump.c
+@@ -92,6 +92,15 @@ struct pktlog_hdr {
+ static inline int read_n(int fd, char *buf, int len)
+ {
+ 	int t = 0, w;
++	off_t fsize, currentpos, startpos;
++
++	currentpos = lseek(fd, 0, SEEK_CUR);
++	fsize = lseek(fd, 0, SEEK_END);
++	lseek(fd, currentpos, SEEK_SET);
++	fsize -= currentpos;
++
++	if (fsize > HCI_MAX_FRAME_SIZE && len > HCI_MAX_FRAME_SIZE)
++		return -1;
+ 
+ 	while (len > 0) {
+ 		if ((w = read(fd, buf, len)) < 0) {

hcidump-Fixed-malformed-segment-frame-length.patch

@@ -0,0 +1,26 @@
+From da04ba5e6b3f151c1644a17ac0fa2317ebc81edd Mon Sep 17 00:00:00 2001
+From: "Cho, Yu-Chen" <acho@suse.com>
+Date: Tue, 15 Oct 2019 15:45:43 +0800
+Subject: [PATCH] hcidump: Fixed malformed segment frame length
+
+Ensure the L2CAP SDUs whose length field match the actual frame length.
+---
+ tools/parser/l2cap.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+Index: bluez-5.60/tools/parser/l2cap.c
+===================================================================
+--- bluez-5.60.orig/tools/parser/l2cap.c
++++ bluez-5.60/tools/parser/l2cap.c
+@@ -759,6 +759,11 @@ static inline void conf_rsp(int level, l
+ 			scid, btohs(h->flags), result, clen);
+ 
+ 	if (clen > 0) {
++	        if (clen != (btohs(frm->len) - L2CAP_CONF_RSP_SIZE)) {
++			fprintf(stderr, "Not match the actual frame length\n");
++			clen = btohs(frm->len) - L2CAP_CONF_RSP_SIZE;
++		}
++
+ 		if (result) {
+ 			p_indent(level + 1, frm);
+ 			printf("%s\n", confresult2str(result));