[Secure-testing-commits] r58306 - data/CVE

Salvatore Bonaccorso Wed, 06 Dec 2017 12:04:05 -0800

Author: carnil
Date: 2017-12-06 20:03:30 +0000 (Wed, 06 Dec 2017)
New Revision: 58306


Modified:
   data/CVE/list
Log:
Reevaluate CVE-2017-0861/linux

Seems to not have been Android specific, even though at first glance the
Nexus Security Bulletin of 2017-11 did mention it as A-36006981*
indicating this is not an upstream kernel issue.

Apparently upstrem has adressed it, so update the CVE to match
src:linux.

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-12-06 19:33:03 UTC (rev 58305)
+++ data/CVE/list       2017-12-06 20:03:30 UTC (rev 58306)
@@ -50796,7 +50796,8 @@
 CVE-2017-0862 (An elevation of privilege vulnerability in the Upstream kernel 
kernel. ...)
        NOT-FOR-US: Android driver (proprietary, not part of upstream kernel)
 CVE-2017-0861 (An elevation of privilege vulnerability in the Upstream kernel 
audio ...)
-       NOT-FOR-US: Android driver (proprietary, not part of upstream kernel)
+       - linux <unfixed>
+       NOTE: 
https://git.kernel.org/linus/362bca57f5d78220f8b5907b875961af9436e229
 CVE-2017-0860 (An elevation of privilege vulnerability in the Android system 
...)
        NOT-FOR-US: Android
 CVE-2017-0859 (Another vulnerability in the Android media framework (n/a). 
Product: ...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r58306 - data/CVE

Reply via email to