[Git][security-tracker-team/security-tracker][master] Android updates

Neil Williams (@codehelp) Wed, 11 May 2022 04:04:18 -0700


Neil Williams pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
4eb8f263 by Neil Williams at 2022-05-11T12:03:50+01:00
Android updates

Update CVE-2021-39796 from the closed bug #1009626
CVE-2022-20011 - not accessible from Debian builds

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -40903,9 +40903,11 @@ CVE-2021-42040 (An issue was discovered in MediaWiki 
through 1.36.2. A parser fu
 CVE-2021-3865
        RESERVED
 CVE-2022-20011 (In getArray of NotificationManagerService.java , there is a 
possible l ...)
-       TODO: check
+       - android-platform-frameworks-base <not-affected> (Not accessible in 
Debian builds)
+       NOTE: https://source.android.com/security/bulletin/2022-05-01
+       NOTE: 
https://android.googlesource.com/platform/frameworks/base/+/f315ba91df3829d862371fbab9da584ce0a59bc6
 CVE-2022-20010 (In l2cble_process_sig_cmd of l2c_ble.cc, there is a possible 
out of bo ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2022-20009 (In various functions of the USB gadget subsystem, there is a 
possible  ...)
        NOTE: CVE-2022-20009 duplicate of CVE-2022-25375 and CVE-2022-25258, 
Android CNA contacted
 CVE-2022-20008 (In mmc_blk_read_single of block.c, there is a possible way to 
read ker ...)
@@ -46530,7 +46532,7 @@ CVE-2021-39798 (In Bitmap_createFromParcel of 
Bitmap.cpp, there is a possible ar
 CVE-2021-39797 (In several functions of of LauncherApps.java, there is a 
possible esca ...)
        NOT-FOR-US: Android
 CVE-2021-39796 (In HarmfulAppWarningActivity of 
HarmfulAppWarningActivity.java, there  ...)
-       - android-platform-frameworks-base <unfixed> (unimportant; bug #1009626)
+       - android-platform-frameworks-base <not-affected> (unimportant; Not 
accessible in Debian builds, see bug #1009626)
        NOTE: 
https://android.googlesource.com/platform/frameworks/base/+/e74a2a320bf896bc30618ce486203bafe453c469
        NOTE: https://source.android.com/security/bulletin/2022-04-01
        NOTE: No security impact for Android as provided in Debian



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4eb8f26314bd684f5870a7b5973a893d377f723b

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4eb8f26314bd684f5870a7b5973a893d377f723b
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Android updates

Reply via email to