[Git][security-tracker-team/security-tracker][master] NFUs, one imagemagick dupe by Android

Moritz Muehlenhoff jmm at debian.org
Fri Dec 13 13:44:28 GMT 2019 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7bfd34c6 by Moritz Muehlenhoff at 2019-12-13T13:44:01Z
NFUs, one imagemagick dupe by Android

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -57633,25 +57633,25 @@ CVE-2019-2228 (In array_find of array.c, there is a possible out-of-bounds read
 CVE-2019-2227 (In DeepCopy of btif_av.cc, there is a possible out of bounds read due  ...)
 	NOT-FOR-US: Android
 CVE-2019-2226 (In device_class_to_int of device_class.cc, there is a possible out of  ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2019-2225 (When pairing with a Bluetooth device, it may be possible to pair a mal ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2019-2224 (In ReadMATImage of mat.c, there is a possible out of bounds write due  ...)
-	TODO: check
+	NOTE: Duplicate of CVE-2019-15140, reported to MITRE
 CVE-2019-2223 (In ihevcd_ref_list of ihevcd_ref_list.c, there is a possible out of bo ...)
-	TODO: check
+	NOT-FOR-US: Android Media Framework
 CVE-2019-2222 (n ihevcd_parse_slice_data of ihevcd_parse_slice.c, there is a possible ...)
-	TODO: check
+	NOT-FOR-US: Android Media Framework
 CVE-2019-2221 (In hasActivityInVisibleTask of WindowProcessController.java there&#821 ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2019-2220 (In checkOperation of AppOpsService.java, there is a possible bypass of ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2019-2219 (In System UI, there is a possible bypass of user's consent for access  ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2019-2218 (In createSessionInternal of PackageInstallerService.java, there is a p ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2019-2217 (In setCpuVulkanInUse of GpuStats.cpp, there is possible memory corrupt ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2019-2216
 	RESERVED
 CVE-2019-2215 (A use-after-free in binder.c allows an elevation of privilege from an  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7bfd34c6506f815be3d4b6cad33c851959773485

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7bfd34c6506f815be3d4b6cad33c851959773485
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191213/98dfaf2e/attachment.html>

More information about the debian-security-tracker-commits mailing list