[Git][security-tracker-team/security-tracker][master] Android updates

Neil Williams (@codehelp) codehelp at debian.org
Wed May 11 12:04:08 BST 2022 


Neil Williams pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4eb8f263 by Neil Williams at 2022-05-11T12:03:50+01:00
Android updates

Update CVE-2021-39796 from the closed bug #1009626
CVE-2022-20011 - not accessible from Debian builds

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -40903,9 +40903,11 @@ CVE-2021-42040 (An issue was discovered in MediaWiki through 1.36.2. A parser fu
 CVE-2021-3865
 	RESERVED
 CVE-2022-20011 (In getArray of NotificationManagerService.java , there is a possible l ...)
-	TODO: check
+	- android-platform-frameworks-base <not-affected> (Not accessible in Debian builds)
+	NOTE: https://source.android.com/security/bulletin/2022-05-01
+	NOTE: https://android.googlesource.com/platform/frameworks/base/+/f315ba91df3829d862371fbab9da584ce0a59bc6
 CVE-2022-20010 (In l2cble_process_sig_cmd of l2c_ble.cc, there is a possible out of bo ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2022-20009 (In various functions of the USB gadget subsystem, there is a possible  ...)
 	NOTE: CVE-2022-20009 duplicate of CVE-2022-25375 and CVE-2022-25258, Android CNA contacted
 CVE-2022-20008 (In mmc_blk_read_single of block.c, there is a possible way to read ker ...)
@@ -46530,7 +46532,7 @@ CVE-2021-39798 (In Bitmap_createFromParcel of Bitmap.cpp, there is a possible ar
 CVE-2021-39797 (In several functions of of LauncherApps.java, there is a possible esca ...)
 	NOT-FOR-US: Android
 CVE-2021-39796 (In HarmfulAppWarningActivity of HarmfulAppWarningActivity.java, there  ...)
-	- android-platform-frameworks-base <unfixed> (unimportant; bug #1009626)
+	- android-platform-frameworks-base <not-affected> (unimportant; Not accessible in Debian builds, see bug #1009626)
 	NOTE: https://android.googlesource.com/platform/frameworks/base/+/e74a2a320bf896bc30618ce486203bafe453c469
 	NOTE: https://source.android.com/security/bulletin/2022-04-01
 	NOTE: No security impact for Android as provided in Debian



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4eb8f26314bd684f5870a7b5973a893d377f723b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4eb8f26314bd684f5870a7b5973a893d377f723b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220511/04be02c6/attachment.htm>

More information about the debian-security-tracker-commits mailing list