Author: carnil Date: 2017-12-06 20:03:30 +0000 (Wed, 06 Dec 2017) New Revision: 58306
Modified: data/CVE/list Log: Reevaluate CVE-2017-0861/linux Seems to not have been Android specific, even though at first glance the Nexus Security Bulletin of 2017-11 did mention it as A-36006981* indicating this is not an upstream kernel issue. Apparently upstrem has adressed it, so update the CVE to match src:linux. Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-12-06 19:33:03 UTC (rev 58305) +++ data/CVE/list 2017-12-06 20:03:30 UTC (rev 58306) @@ -50796,7 +50796,8 @@ CVE-2017-0862 (An elevation of privilege vulnerability in the Upstream kernel kernel. ...) NOT-FOR-US: Android driver (proprietary, not part of upstream kernel) CVE-2017-0861 (An elevation of privilege vulnerability in the Upstream kernel audio ...) - NOT-FOR-US: Android driver (proprietary, not part of upstream kernel) + - linux <unfixed> + NOTE: https://git.kernel.org/linus/362bca57f5d78220f8b5907b875961af9436e229 CVE-2017-0860 (An elevation of privilege vulnerability in the Android system ...) NOT-FOR-US: Android CVE-2017-0859 (Another vulnerability in the Android media framework (n/a). Product: ...) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits