@@ -11099,7 +11099,8 @@ CONFIG_BT_BNEP_MC_FILTER policy<{'amd64': 'y', 'arm64': '
CONFIG_BT_BNEP_PROTO_FILTER policy<{'amd64': 'y', 'arm64': 'y', 'armhf': 'y', 'i386': 'y', 'ppc64el': 'y', }>
CONFIG_BT_CMTP policy<{'amd64': 'm', 'arm64': 'm', 'armhf': 'm', 'i386': 'm', 'ppc64el': 'm', }>
CONFIG_BT_HIDP policy<{'amd64': 'm', 'arm64': 'm', 'armhf': 'm', 'i386': 'm', 'ppc64el': 'm', }>
-CONFIG_BT_HS policy<{'amd64': 'y', 'arm64': 'y', 'armhf': 'y', 'i386': 'y', 'ppc64el': 'y', }>
+CONFIG_BT_HS policy<{'amd64': 'n', 'arm64': 'n', 'armhf': 'n', 'i386': 'n', 'ppc64el': 'n', }>
+CONFIG_BT_HS mark<ENFORCED> note<https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00435.html>
# Menu: Networking support >> Bluetooth subsystem support >> Bluetooth device drivers
CONFIG_BT_HCIBTSDIO policy<{'amd64': 'm', 'arm64': 'm', 'armhf': 'm', 'i386': 'm', 'ppc64el': 'm', }>
@@ -1269,7 +1269,7 @@ CONFIG_BT_HCIUART_RTL=y
CONFIG_BT_HCIUART_SERDEV=y
CONFIG_BT_HCIVHCI=m
CONFIG_BT_HIDP=m
-CONFIG_BT_HS=y
+# CONFIG_BT_HS is not set
CONFIG_BT_INTEL=m
CONFIG_BT_LE=y
CONFIG_BT_LEDS=y
The Intel BlueZ project recommends in [1] to disable highspeed support as part of the fixes for the security issues. This does the required changes. [1] https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00435.html CVE-2020-24490 CVE-2020-12351 CVE-2020-12352 Signed-off-by: Stefan Bader <stefan.bader@canonical.com> --- debian.master/config/annotations | 3 ++- debian.master/config/config.common.ubuntu | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-)