[Git][security-tracker-team/security-tracker][master] Mark the two android-platform-frameworks-base as unimportant

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed May 11 21:00:35 BST 2022 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
eb19d805 by Salvatore Bonaccorso at 2022-05-11T21:59:42+02:00
Mark the two android-platform-frameworks-base as unimportant

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -40939,9 +40939,10 @@ CVE-2021-42040 (An issue was discovered in MediaWiki through 1.36.2. A parser fu
 CVE-2021-3865
 	RESERVED
 CVE-2022-20011 (In getArray of NotificationManagerService.java , there is a possible l ...)
-	- android-platform-frameworks-base <not-affected> (Not accessible in Debian builds)
+	- android-platform-frameworks-base <unfixed> (unimportant)
 	NOTE: https://source.android.com/security/bulletin/2022-05-01
 	NOTE: https://android.googlesource.com/platform/frameworks/base/+/f315ba91df3829d862371fbab9da584ce0a59bc6
+	NOTE: Not accessible in Debian builds, No security impact for Android as provided in Debian
 CVE-2022-20010 (In l2cble_process_sig_cmd of l2c_ble.cc, there is a possible out of bo ...)
 	NOT-FOR-US: Android
 CVE-2022-20009 (In various functions of the USB gadget subsystem, there is a possible  ...)
@@ -46568,10 +46569,10 @@ CVE-2021-39798 (In Bitmap_createFromParcel of Bitmap.cpp, there is a possible ar
 CVE-2021-39797 (In several functions of of LauncherApps.java, there is a possible esca ...)
 	NOT-FOR-US: Android
 CVE-2021-39796 (In HarmfulAppWarningActivity of HarmfulAppWarningActivity.java, there  ...)
-	- android-platform-frameworks-base <not-affected> (unimportant; Not accessible in Debian builds, see bug #1009626)
+	- android-platform-frameworks-base <unfixed> (unimportant; bug #1009626)
 	NOTE: https://android.googlesource.com/platform/frameworks/base/+/e74a2a320bf896bc30618ce486203bafe453c469
 	NOTE: https://source.android.com/security/bulletin/2022-04-01
-	NOTE: No security impact for Android as provided in Debian
+	NOTE: No security impact for Android as provided in Debian, Not accessible in Debian builds
 CVE-2021-39795 (In multiple locations of MediaProvider.java , there is a possible way  ...)
 	NOT-FOR-US: Android
 CVE-2021-39794 (In broadcastPortInfo of AdbService.java, there is a possible way for a ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/eb19d805b4dfdd0dad7feac50232fc7fd75293f0

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/eb19d805b4dfdd0dad7feac50232fc7fd75293f0
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220511/37a2f701/attachment.htm>

More information about the debian-security-tracker-commits mailing list