OSDN Git Service
Vasyl Gello [Tue, 4 Aug 2020 16:25:12 +0000 (16:25 +0000)]
Bump Security String to 2020-08-05
Implemented:
============
CVE: References: Type: Severity: Updated AOSP versions:
CVE-2020-0108 A-
140108616 EoP High 8.1, 9, 10
CVE-2020-0238 A-
150946634 EoP High 8.0, 8.1, 9, 10
CVE-2020-0241 A-
151456667 EoP High 8.0, 8.1, 9, 10
CVE-2020-0247 A-
156087409 DoS High 8.0, 8.1, 10
CVE-2020-0256 A-
152874864 EoP High 8.0, 8.1, 9, 10
Previously Implemented:
============
CVE: References: Type: Severity: Updated AOSP versions:
None
Not Implemented:
================
CVE: References: Type: Severity: Updated AOSP versions:
None
Not Applicable (platform source):
=================================
CVE: References: Type: Severity: Updated AOSP versions:
CVE-2020-0239 A-
151095863 ID High 9, 10
CVE-2020-0240 A-
150706594 RCE High 10
CVE-2020-0242 A-
151643722 EoP High 8.0, 8.1, 9, 10
CVE-2020-0243 A-
151644303 EoP High 8.0, 8.1, 9, 10
CVE-2020-0248 A-
154627439 ID High 10
CVE-2020-0249 A-
154719656 ID High 8.0, 8.1, 9, 10
CVE-2020-0250 A-
154934934 ID High 10
CVE-2020-0257 A-
156741968 EoP High 10
CVE-2020-0258 A-
157598956 ID High 10
Signed-off-by: Vasyl Gello <vasek.gello@gmail.com>
Change-Id: Iae5998aee180c3ab43003407194bb2a462594a8c
syphyr [Tue, 7 Jul 2020 21:18:56 +0000 (23:18 +0200)]
Bump Security String to 2020-07-05
Implemented:
============
CVE: References: Type: Severity: Updated AOSP versions:
CVE-2020-9589 A-
156261521 RCE Critical 8.0, 8.1, 9, 10
CVE-2020-0224 A-
147664838 RCE Critical 8.0, 8.1, 9, 10
Not Implemented:
================
None
Not Applicable (platform source):
=================================
CVE: References: Type: Severity: Updated AOSP versions:
CVE-2020-0227 A-
129476618 EoP High 8.0, 8.1, 9, 10
CVE-2020-0226 A-
150226994 EoP High 10
CVE-2020-0225 A-
142546668 RCE Critical 10
CVE-2020-0122 A-
147247775 EoP High 8.0, 8.1, 9, 10
CVE-2020-0107 A-
146570216 ID High 10
Change-Id: I30f51b17135ce444ec5298788b371fde93fd4ed2
Vasyl Gello [Tue, 2 Jun 2020 04:44:19 +0000 (04:44 +0000)]
Bump Security String to 2020-06-05
Implemented:
============
CVE: References: Type: Severity: Updated AOSP versions:
CVE-2020-0115 A-
150038428 EoP High 8.0, 8.1, 9, 10
CVE-2020-0117 A-
151155194 RCE Critical 8.0, 8.1, 9, 10
Previously Implemented:
============
CVE: References: Type: Severity: Updated AOSP versions:
CVE-2020-8597 A-
151153886 RCE Critical 8.0, 8.1, 9, 10
Not Implemented:
================
CVE: References: Type: Severity: Updated AOSP versions:
None
Not Applicable (platform source):
=================================
CVE: References: Type: Severity: Updated AOSP versions:
CVE-2019-2219 A-
119041698 ID High 8.0, 8.1, 9, 10
CVE-2019-9460 A-
62535446 EoP High 10
CVE-2020-0113 A-
150944913 ID High 9, 10
CVE-2020-0114 A-
147606347 EoP High 10
CVE-2020-0116 A-
151330809 ID High 10
CVE-2020-0118 A-
150904694 EoP High 10
CVE-2020-0119 A-
150500247 ID High 10
CVE-2020-0121 A-
148180766 ID High 10
Signed-off-by: Vasyl Gello <vasek.gello@gmail.com>
Change-Id: I63d25b01f8659330fb1a6e34b22105eaee6e8c89
Vasyl Gello [Tue, 5 May 2020 06:16:59 +0000 (06:16 +0000)]
Bump Security String to 2020-05-05
Implemented:
============
CVE: References: Type: Severity: Updated AOSP versions:
CVE-2020-0024 A-
137015265 EoP High 8.0, 8.1, 9, 10
CVE-2020-0093 A-
148705132 ID High 8.0, 8.1, 9, 10
CVE-2020-0096 A-
145669109 EoP Critical 8.0, 8.1, 9
CVE-2020-0098 A-
144285917 EoP High 8.0, 8.1, 9, 10
CVE-2020-0100 A-
150156584 ID High 8.0, 8.1
CVE-2020-0101 A-
144767096 ID High 8.0, 8.1, 9, 10
CVE-2020-0102 A-
143231677 EoP High 8.0, 8.1, 9, 10
Not Implemented:
================
CVE: References: Type: Severity: Updated AOSP versions:
None
Not Applicable (platform source):
=================================
CVE: References: Type: Severity: Updated AOSP versions:
CVE-2020-0092 A-
145135488 ID High 10
CVE-2020-0094 A-
148223871 EoP High 9, 10
CVE-2020-0097 A-
145981139 EoP High 9, 10
CVE-2020-0103 A-
148107188 RCE Critical 9, 10
CVE-2020-0104 A-
144430870 ID Moderate 9, 10
CVE-2020-0105 A-
144285084 EoP High 9, 10
CVE-2020-0106 A-
148414207 ID High 10
CVE-2020-0109 A-
148059175 EoP High 9, 10
Signed-off-by: Vasyl Gello <vasek.gello@gmail.com>
Change-Id: Ide09bd6adbc346726f49eddc7ccaba488f6a4205
Vasyl Gello [Tue, 7 Apr 2020 03:18:22 +0000 (03:18 +0000)]
Bump Security String to 2020-04-05
Implemented:
============
CVE: References: Type: Severity: Updated AOSP versions:
CVE-2019-5018 A-
140180629 EoP High 8.0, 8.1, 9, 10
CVE-2019-8457 A-
140182003 ID High 8.0, 8.1, 9, 10
CVE-2019-9936 A-
140181188 ID Moderate 8.0, 8.1, 9, 10
CVE-2020-0070 A-
148159613 RCE Critical 8.0, 8.1, 9, 10
CVE-2020-0071 A-
147310721 RCE Critical 8.0, 8.1, 9, 10
CVE-2020-0072 A-
147310271 RCE Critical 8.0, 8.1, 9, 10
CVE-2020-0073 A-
147309942 RCE Critical 8.0, 8.1, 9, 10
CVE-2020-0081 A-
144028297 EoP High 8.0, 8.1, 9, 10
Not Implemented:
================
CVE: References: Type: Severity: Updated AOSP versions:
None
Not Applicable (platform source):
=================================
CVE: References: Type: Severity: Updated AOSP versions:
CVE-2019-2056 A-
140879284* ID High 10
CVE-2020-0078 A-
144766455 EoP High 9, 10
CVE-2020-0079 A-
144506242 EoP High 9, 10
CVE-2020-0080 A-
144092031 EoP High 10
CVE-2020-0082 A-
140417434 EoP High 10
Change-Id: Ica157a32f0da468c6cf1d5284eb80ecbfdb04a34
Signed-off-by: Vasyl Gello <vasek.gello@gmail.com>
Vasyl Gello [Tue, 3 Mar 2020 12:37:19 +0000 (12:37 +0000)]
Bump Security String to 2020-03-05
Implemented:
============
CVE: References: Type: Severity: Updated AOSP versions:
CVE-2020-0032 A-
145364230 RCE Critical 8.0, 8.1, 9, 10
CVE-2020-0034 A-
62458770 ID High 8.0, 8.1
CVE-2020-0036 A-
144679405 EoP High 8.0, 8.1, 9, 10
CVE-2020-0035 A-
140622024 ID High 8.0, 8.1, 9
CVE-2020-0038 A-
143109193 ID High 8.0, 8.1, 9, 10
CVE-2020-0039 A-
143155861 ID High 8.0, 8.1, 9, 10
CVE-2020-0037 A-
143106535 ID High 8.0, 8.1, 9, 10
Not Implemented:
================
CVE: References: Type: Severity: Updated AOSP versions:
None
Not Applicable (platform source):
=================================
CVE: References: Type: Severity: Updated AOSP versions:
CVE-2019-2194 A-
137284057 EoP High 9
CVE-2020-0029 A-
140065828 ID High 10
CVE-2020-0031 A-
141703197 ID High 10
CVE-2020-0033 A-
144351324 EoP High 8.0, 8.1, 9, 10
Signed-off-by: Vasyl Gello <vasek.gello@gmail.com>
Change-Id: I49ff32447357fe01d3d51b894d9c545abeb3a082
Vasyl Gello [Wed, 5 Feb 2020 11:59:06 +0000 (11:59 +0000)]
Bump Security String to 2020-02-05
Implemented:
============
CVE: References: Type: Severity: Updated AOSP versions:
CVE-2020-0005 A-
141552859 EOP High 8.0, 8.1, 9, 10
CVE-2020-0014 A-
128674520 EoP High 8.0, 8.1, 9, 10
CVE-2020-0015 A-
139017101 EoP High 8.0, 8.1, 9, 10
CVE-2020-0017 A-
123232892 ID High 8.0, 8.1, 9, 10
CVE-2020-0018 A-
139945049 ID High 8.0, 8.1, 9, 10
CVE-2020-0022 A-
143894715 DoS Moderate 10
RCE Critical 8.0, 8.1, 9
CVE-2020-0026 A-
140419401 EoP High 8.0, 8.1, 9, 10
Not Implemented:
================
CVE: References: Type: Severity: Updated AOSP versions:
None
Not Applicable (platform source):
=================================
CVE: References: Type: Severity: Updated AOSP versions:
CVE-2019-2200 A-
67319274 EoP High 10
CVE-2020-0020 A-
143118731 ID High 10
CVE-2020-0021 A-
141413692 DoS High 10
CVE-2020-0023 A-
145130871 ID Critical 10
CVE-2020-0027 A-
144040966 EoP High 8.0, 8.1, 9, 10
CVE-2020-0028 A-
122652057 ID High 9
Change-Id: I819743b32c325877fb8bd284e3d4868b114c38c8
Signed-off-by: Vasyl Gello <vasek.gello@gmail.com>
Vasyl Gello [Tue, 7 Jan 2020 18:11:00 +0000 (18:11 +0000)]
Bump Security String to 2020-01-05
Implemented:
============
CVE: References: Type: Severity: Updated AOSP versions:
CVE-2020-0001 A-
140055304 EoP Moderate 10
EoP High 8.0, 8.1, 9
CVE-2020-0002 A-
142602711 RCE Moderate 10
RCE Critical 8.0, 8.1, 9
CVE-2020-0004 A-
120847476 DoS High 8.0, 8.1, 9, 10
CVE-2020-0006 A-
139738828 ID High 8.0, 8.1, 9, 10
CVE-2020-0007 A-
141890807 ID High 8.0, 8.1, 9, 10
CVE-2020-0008 A-
142558228 ID High 8.0, 8.1, 9, 10
Not Implemented:
================
CVE: References: Type: Severity: Updated AOSP versions:
None
Not Applicable (platform source):
=================================
CVE: References: Type: Severity: Updated AOSP versions:
CVE-2020-0003 A-
140195904 EoP High 8.0
Change-Id: I07f2843802abe502f015324011870b459607af1e
Signed-off-by: Vasyl Gello <vasek.gello@gmail.com>
Vasyl Gello [Tue, 3 Dec 2019 10:06:48 +0000 (10:06 +0000)]
Bump Security String to 2019-12-05
Implemented:
============
CVE: References: Type: Severity: Updated AOSP versions:
CVE-2019-2222 A-
140322595 RCE Moderate 10
RCE Critical 8.0, 8.1, 9
CVE-2019-2223 A-
140692129 RCE Moderate 10
RCE Critical 8.0, 8.1, 9
CVE-2019-2224 A-
140328986 RCE High 8.0, 8.1, 9, 10
CVE-2019-2225 A-
110433804 EoP High 8.0, 8.1, 9, 10
CVE-2019-2226 A-
140152619 ID High 8.0, 8.1, 9, 10
CVE-2019-2229 A-
139803872 ID High 8.0, 8.1, 9, 10
CVE-2019-2232 A-
140632678 DoS Critical 8.0, 8.1, 9, 10
Not Implemented:
================
CVE: References: Type: Severity: Updated AOSP versions:
None
Not Applicable (platform source):
=================================
CVE: References: Type: Severity: Updated AOSP versions:
CVE-2019-2217 A-
141003796 EoP High 10
CVE-2019-2218 A-
141169173 EoP High 10
CVE-2019-2219 A-
119041698 ID High 9, 10
CVE-2019-2220 A-
138636979 ID High 9, 10
CVE-2019-2221 A-
138583650 EoP Moderate 10
CVE-2019-2227 A-
140768453 ID High 9, 10
CVE-2019-2228 A-
111210196 ID High 8.0, 8.1, 9, 10
CVE-2019-2230 A-
141170038 ID High 10
CVE-2019-2231 A-
141955555 ID High 9, 10
CVE-2019-9464 A-
141028068 EoP High 10
Change-Id: Ib45178b9e65801e030df422406bfd6622b54658b
Signed-off-by: Vasyl Gello <vasek.gello@gmail.com>
Vasyl Gello [Fri, 8 Nov 2019 12:01:48 +0000 (12:01 +0000)]
Bump Security String to 2019-11-05
Implemented:
============
CVE: References: Type: Severity: Updated AOSP versions:
CVE-2019-2036 A-
79703832 EoP High 8.0, 8.1, 9, 10
CVE-2019-2193 A-
132261064 EoP High 8.0, 8.1, 9, 10
CVE-2019-2195 A-
139186193 EoP High 8.0, 8.1, 9, 10
CVE-2019-2196 A-
135269143 ID High 8.0, 8.1, 9, 10
CVE-2019-2197 A-
138529441 ID High 8.0, 8.1, 9, 10
CVE-2019-2198 A-
135270103 ID High 8.0, 8.1, 9, 10
CVE-2019-2201 A-
120551338 RCE High 8.0, 8.1, 9, 10
CVE-2019-2204 A-
138442295 RCE Critical 9
CVE-2019-2205 A-
139806216 RCE Critical 8.0, 8.1, 9, 10
CVE-2019-2206 A-
139188579 RCE Critical 8.0, 8.1, 9, 10
CVE-2019-2207 A-
124524315 EoP High 8.0, 8.1, 9, 10
CVE-2019-2208 A-
138441919 ID High 9
CVE-2019-2209 A-
139287605 ID High 8.0, 8.1, 9, 10
CVE-2019-2211 A-
135269669 ID High 8.0, 8.1, 9, 10
CVE-2019-2212 A-
139690488 ID High 8.0, 8.1, 9, 10
Not Implemented:
================
CVE: References: Type: Severity: Updated AOSP versions:
None
Not Applicable (platform source):
=================================
CVE: References: Type: Severity: Updated AOSP versions:
CVE-2019-2192 A-
138441555 EoP High 9, 10
CVE-2019-2199 A-
138650665 EoP High 10
CVE-2019-2202 A-
137283376 EoP High 9, 10
CVE-2019-2203 A-
137370777 EoP High 8.0, 8.1, 9, 10
CVE-2019-2233 A-
140486529 EoP High 10
Change-Id: I0ea3e85d7cebbada771e41efe74b949d0f6cd0e3
Signed-off-by: Vasyl Gello <vasek.gello@gmail.com>
Vasyl Gello [Tue, 8 Oct 2019 18:53:00 +0000 (18:53 +0000)]
Bump Security String to 2019-10-05
Implemented:
============
CVE: References: Type: Severity: Updated AOSP versions:
CVE-2019-2173 A-
123013720 EoP High 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2019-2184 A-
134578122 RCE Critical 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2019-2185 A-
136173699 RCE Critical 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2019-2186 A-
136175447 RCE Critical 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2019-2187 A-
124940143 ID High 7.1.1, 7.1.2, 8.0, 8.1, 9, 10
Not Implemented:
================
CVE: References: Type: Severity: Updated AOSP versions:
None
Not Applicable (platform source):
=================================
CVE: References: Type: Severity: Updated AOSP versions:
CVE-2019-2110 A-
69703445 ID High 9
CVE-2019-2114 A-
123700348 EoP High 8.0, 8.1, 9
Change-Id: Ic0c43e5b0fdaca92a58b48abd3a2f9fb2a67af9e
Kevin F. Haggerty [Fri, 6 Sep 2019 04:11:54 +0000 (22:11 -0600)]
Bump Security String to 2019-09-05
Implemented:
============
CVE: References: Type: Severity: Updated AOSP versions:
CVE-2019-2115 A-
129768470 EoP High 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2019-2123 A-
34175893 EoP High 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2019-2124 A-
127320867 ID High 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2019-2174 A-
132927376 EoP High 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2019-2177 A-
132456322 RCE High 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2019-2178 A-
124462242 EoP High 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2019-2179 A-
126200054 ID High 7.1.1, 7.1.2, 8.0, 8.1, 9
Not Implemented:
================
None
Not Applicable (platform source):
===============
CVE: References: Type: Severity: Updated AOSP versions:
CVE-2019-2103 A-
120610669 ID High 9
CVE-2019-2108 A-
130025324 RCE Critical 10
CVE-2019-2175 A-
135551349 EoP High 9
CVE-2019-2176 A-
134420911 RCE Critical 8.0, 8.1, 9
CVE-2019-2180 A-
110899492 ID High 8.0, 8.1, 9
CVE-2019-9254 A-
130164289 EoP High 10
Change-Id: I554962ea4c994203db932079db78dc9c07444d44
Vasyl Gello [Tue, 6 Aug 2019 20:52:06 +0000 (23:52 +0300)]
Bump Security String to 2019-08-05
Implemented:
============
CVE: References: Type: Severity: Updated AOSP versions:
CVE-2019-2120 A-
130821293 EoP High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2019-2122 A-
127605586 EoP High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2019-2125 A-
132275252 EoP Moderate 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2019-2126 A-
127702368 RCE High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2019-2128 A-
132647222 EoP High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2019-2129 A-
124781927 ID High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2019-2130 A-
132073833 RCE Critical 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2019-2131 A-
119115683 EoP High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2019-2132 A-
130568701 EoP High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2019-2133 A-
132082342 EoP High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2019-2134 A-
132083376 EoP High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2019-2135 A-
125900276 ID High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2019-2136 A-
132650049 ID High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2019-2127 A-
124899895 EoP High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
Not Implemented:
================
CVE: References: Type: Severity: Updated AOSP versions:
None
Not Applicable (platform source):
=================================
CVE: References: Type: Severity: Updated AOSP versions:
CVE-2019-2121 A-
131105245 EoP High 9
CVE-2019-2137 A-
132438333 DoS High 9
Change-Id: I8fa6361a9fcfe16073afc84aa1371709fc8b42e3
Vasyl Gello [Tue, 2 Jul 2019 12:18:02 +0000 (12:18 +0000)]
Bump Security String to 2019-07-05
Implemented:
============
CVE: References: Type: Severity: Updated AOSP versions:
CVE-2019-2105 A-
116114182 RCE High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2019-2106 A-
130023983 RCE Critical 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2019-2107 A-
130024844 RCE Critical 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2019-2109 A-
130651570 RCE Critical 7.0, 7.1.1, 7.1.2, 8.0, 8.1
CVE-2019-2116 A-
117105007 ID High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2019-2117 A-
124107808 ID High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
Not Implemented:
================
CVE: References: Type: Severity: Updated AOSP versions:
None
Not Applicable (platform source):
=================================
CVE: References: Type: Severity: Updated AOSP versions:
CVE-2019-2104 A-
131356202 ID High 8.0, 8.1, 9
CVE-2019-2111 A-
122856181 RCE Critical 9
CVE-2019-2112 A-
117997080 EoP High 8.0, 8.1, 9
CVE-2019-2118 A-
130161842 ID High 8.0, 8.1, 9
CVE-2019-2119 A-
131622568 ID High 8.0, 8.1, 9
Change-Id: I17483a0ed070e82f4025423f137de6f31617a588
syphyr [Wed, 5 Jun 2019 19:56:38 +0000 (21:56 +0200)]
Bump Security String to 2019-06-05
Implemented:
============
CVE: References: Type: Severity: Updated AOSP versions:
CVE-2019-2090 A-
128599183 EoP High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2019-2091 A-
128599660 EoP High 7.0, 7.1.1, 7.1.2, 8.0, 8.1
CVE-2019-2092 A-
128599668 EoP High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2019-2094 A-
129068792 RCE Critical 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2019-2096 A-
123237974 EoP High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2019-2097 A-
117606285 RCE Critical 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2019-2102 A-
128843052 EoP High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2019-2098 A-
128599467 EoP High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2019-2099 A-
123583388 EoP High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2018-9526 A-
112159033 ID High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
Not Implemented:
================
CVE: References: Type: Severity: Updated AOSP versions:
None
Not Applicable (platform source):
=================================
CVE: References: Type: Severity: Updated AOSP versions:
CVE-2019-2093 A-
119292397 RCE Critical 9
CVE-2019-2095 A-
124232283 RCE Critical 9
Change-Id: I12998db289621eb67ac7eb2faa7f408ed29f57a7
Vasyl Gello [Tue, 7 May 2019 05:35:24 +0000 (08:35 +0300)]
Bump Security String to 2019-05-05
Implemented:
============
CVE: References: Type: Severity: Updated AOSP versions:
CVE-2019-2043 A-
120484087 EoP Moderate 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2019-2044 A-
123701862 RCE Critical 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2019-2045 A-
117554758 RCE Critical 7.0, 7.1.1, 7.1.2, 8.1, 9
CVE-2019-2046 A-
117556220 RCE Critical 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2019-2047 A-
117607414 RCE Critical 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2019-2051 A-
117555811 ID High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2019-2052 A-
117556606 ID High 7.0, 7.1.1, 7.1.2, 8.1, 9
CVE-2019-2053 A-
122074159 ID High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
Not Implemented:
================
None
Not Applicable (platform source):
================
CVE: References: Type: Severity: Updated AOSP versions:
CVE-2019-2049 A-
120445479 EoP High 9
CVE-2019-2050 A-
121327323 EoP High 8.0, 8.1, 9
Change-Id: I636a1c0b84dd78244596cb9ea9be24d5d56b5163
Vasyl Gello [Thu, 4 Apr 2019 07:47:21 +0000 (10:47 +0300)]
Bump Security String to 2019-04-05
Implemented:
============
CVE: References: Type: Severity: Updated AOSP versions:
CVE-2019-2027 A-
119120561 RCE Critical 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2019-2028 A-
120644655 RCE Critical 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2019-2029 A-
120612744 RCE Critical 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2019-2031 A-
120502559 EoP High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2019-2034 A-
122035770 EoP High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2019-2035 A-
122320256 EoP High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2019-2037 A-
119870451 ID High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2019-2038 A-
121259048 ID High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2019-2039 A-
121260197 ID High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
Not Implemented:
================
None
Not Applicable (platform source):
===============
CVE: References: Type: Severity: Updated AOSP versions:
CVE-2019-2026 A-
120866126 EoP High 8.0
CVE-2019-2030 A-
119496789 EoP High 9
CVE-2019-2032 A-
121145627 EoP High 8.0, 8.1, 9
CVE-2019-2033 A-
121327565 EoP High 9
CVE-2019-2040 A-
122316913 ID High 9
CVE-2019-2041 A-
122034690 EoP High 8.1, 9 (device-specific)
Change-Id: I72ca6a2040a842ea967ad24e2fa605f095bbf4eb
Tim Schumacher [Mon, 4 Mar 2019 23:52:31 +0000 (00:52 +0100)]
Bump Security Patch Level to 2019-03-01
CVE-2018-20346 A-
121156452 High Change 243410
CVE-2019-1985 A-
118694079 High Change 243422
CVE-2019-2003 A-
116321860 High Change 243421
CVE-2019-2004 A-
115739809 High Change 243423
CVE-2019-1989 A-
118399205 Crit. Change 243408
CVE-2019-1990 A-
118453553 Crit. Change 243409
CVE-2019-2009 A-
120665616 Crit. Change 243424
CVE-2019-2010 A-
118152591 High Change 243413
CVE-2019-2012 A-
120497437 High Change 243414
CVE-2019-2013 A-
120497583 High Change 243414
CVE-2019-2014 A-
120499324 High Change 243417
CVE-2019-2015 A-
120503926 High Change 243415
CVE-2019-2016 A-
120664978 High Change 243416
CVE-2019-2017 A-
121035711 High Change 243420
CVE-2018-9561 A-
111660010 High Change 243411
CVE-2018-9563 A-
114237888 High Change 243411
CVE-2018-9564 A-
114238578 High Change 243411
CVE-2019-2019 A-
115635871 High Change 243419
CVE-2019-2020 A-
116788646 High Change 243412
CVE-2019-2021 A-
120428041 High Change 243418
CVE-2019-2022 A-
120506143 High Change 243414
Change-Id: I16eca71b15f85304d750213d47bd871aee52a1a9
syphyr [Wed, 6 Feb 2019 20:07:39 +0000 (21:07 +0100)]
Bump Security Patch Level to 2019-02-05
Implemented:
============
CVE-2019-1987 A-
118143775 [2] RCE Critical 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2019-1991 A-
110166268 RCE Critical 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2019-1992 A-
116222069 RCE Critical 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2019-1995 A-
32589229 [2] ID High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2019-1997 A-
117508900 ID High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
Not Implemented:
================
CVE-2017-17760 A-
78029030* RCE High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2018-5268 A-
78029634* RCE High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2018-5269 A-
78029727* RCE High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2017-18009 A-
78026242* ID Moderate 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
No impact:
==========
CVE-2019-1986 A-
117838472 [2] RCE Critical 9
CVE-2019-1988 A-
118372692 RCE Critical 8.0, 8.1, 9
CVE-2019-1993 A-
119819889 EoP High 8.0, 8.1, 9
CVE-2019-1994 A-
117770924 EoP High 8.0, 8.1, 9
CVE-2019-1996 A-
111451066 ID High 8.0, 8.1, 9
CVE-2019-1998 A-
116055338 [2] DoS High 9
Change-Id: Ib7ade3ab4a1780d829aba3bad9db04ffee6799d1
syphyr [Thu, 10 Jan 2019 00:09:14 +0000 (01:09 +0100)]
Bump Security Patch Level to 2019-01-05
Implemented:
============
CVE-2018-9583 A-
112860487 RCE Critical 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2018-9584 A-
114047681 EoP High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2018-9585 A-
117554809 EoP High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2018-9586 A-
116754444 EoP High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2018-9587 A-
113597344 EoP High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2018-9588 A-
111450156 ID High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2018-9589 A-
111893132 ID High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2018-9590 A-
115900043 ID High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2018-9591 A-
116108738 ID High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2018-9592 A-
116319076 ID High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2018-9593 A-
116722267 ID High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2018-9594 A-
116791157 ID High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
No impact:
==========
CVE-2018-9582 A-
112031362 EoP High 8.0, 8.1, 9
Change-Id: Ie423b66eb0059520f414ab2ca77e1fadcd9314c3
Aled Powell [Fri, 11 Jan 2019 15:20:28 +0000 (15:20 +0000)]
Added Welsh language code to enable localisation
Change-Id: I2f1fa859dceb3ecf82aac86cd8b645deb7cc4c7f
Vasyl Gello [Tue, 4 Dec 2018 17:09:21 +0000 (19:09 +0200)]
Bump Security Patch Level to 2018-12-05
Implemented:
============
CVE-2018-9549 A-
112160868 RCE Critical 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2018-9555 A-
112321180 RCE Critical 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2018-9556 A-
113118184 RCE Critical 9
CVE-2018-9552 A-
113260892 ID Critical 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2018-9553 A-
116615297 RCE High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2018-9558 A-
112161557 EoP High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2018-9559 A-
112731440 EoP High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2018-9548 A-
112555574 ID High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2018-9554 A-
114770654 ID High 7.0, 7.1.1, 7.1.2, 8.0, 8.1
CVE-2018-9566 A-
74249842 ID High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
Not implemented:
============
CVE-2018-9557 A-
35385357 EoP High 7.0, 7.1.1, 7.1.2
No impact:
============
CVE-2018-9550 A-
112660981 RCE Critical 9
CVE-2018-9551 A-
112891548 RCE Critical 9
CVE-2018-9538 A-
112181526 EoP High 8.1, 9
CVE-2018-9547 A-
114223584 EoP High 8.1, 9
CVE-2018-9560 A-
79946737 EoP High 9
CVE-2018-9562 A-
113164621 ID High 9
Change-Id: I2ee87fe456d088d2fc19fb37a00ac377694078ad
Signed-off-by: Vasyl Gello <vasek.gello@gmail.com>
syphyr [Wed, 7 Nov 2018 01:35:22 +0000 (02:35 +0100)]
Security string to 2018-11-05
Implemented:
============
CVE-2018-9524 A-
34170870 EoP High 7.0, 7.1.1, 7.1.2, 8.0, 8.1
CVE-2018-9527 A-
112159345 RCE Critical 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2018-9540 A-
111450417 ID High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2018-9542 A-
111896861 ID High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2018-9347 A-
68664359 [2] DoS Moderate 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2018-9523 A-
112859604 EoP High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
No impact:
==========
CVE-2018-9522 A-
112550251 EoP High 9
CVE-2018-9525 A-
111330641 EoP High 9
CVE-2018-9531 A-
112661641 RCE Critical 9
CVE-2018-9536 A-
112662184 EoP Critical 9
CVE-2018-9537 A-
112891564 EoP Critical 9
CVE-2018-9521 A-
111874331 RCE High 9
CVE-2018-9539 A-
113027383 EoP High 8.0, 8.1, 9
CVE-2018-9543 A-
112868088 ID High 9
CVE-2018-9544 A-
113037220 ID High 9
CVE-2018-9545 A-
113111784 ID High 9
CVE-2018-9541 A-
111450531 ID Moderate 9
CVE-2018-9457 A-
72872376 EoP Moderate 8.0, 8.1, 9
CVE-2018-9526 A-
112159033 [2] ID High 9
Change-Id: I58687280fac959f004e2594127b19677a243046d
syphyr [Sat, 6 Oct 2018 19:44:37 +0000 (21:44 +0200)]
Security string to 2018-10-05
Implemented:
============
CVE-2018-9490 A-
111274046 [2] EoP Critical 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2018-9491 A-
111603051 RCE High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2018-9493 A-
111085900 [2] ID High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2018-9452 A-
78464361 [2] DoS Moderate 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2018-9497 A-
74078669 RCE Critical 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2018-9498 A-
78354855 RCE Critical 7.0, 7.1.1, 7.1.2, 8.0, 8.1
CVE-2018-9499 A-
79218474 ID High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2017-13283 A-
78526423 RCE Critical 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2018-9504 A-
110216176 RCE Critical 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2018-9501 A-
110034419 EoP High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2018-9502 A-
111936792 [2] ID High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2018-9503 A-
80432928 [2] ID High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2018-9505 A-
110791536 ID High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2018-9506 A-
111803925 ID High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2018-9507 A-
111893951 ID High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2018-9508 A-
111936834 ID High 7.0, 7.1.1, 7.1.2, 8.0, 8.1
CVE-2018-9509 A-
111937027 ID High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2018-9510 A-
111937065 ID High 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9
CVE-2018-9492 A-
111934948 EoP High 8.0, 8.1, 9
No impact:
==========
CVE-2018-9473 A-
65484460 RCE Critical 8.0
CVE-2018-9496 A-
110769924 RCE Critical 9
CVE-2018-9476 A-
109699112 EoP Critical 8.0, 8.1
CVE-2018-9511 A-
111650288 DoS High 9
Change-Id: I26cd12996ccfdac4123da673b981a001455d3d2e
syphyr [Thu, 6 Sep 2018 20:46:42 +0000 (22:46 +0200)]
Security string to 2018-09-05
Implemented:
============
CVE-2018-9466 A-
62151041 RCE High
CVE-2018-9467 A-
110955991 EoP High
CVE-2018-9469 A-
109824443 EoP High
CVE-2018-9470 A-
78290481 EoP High
CVE-2018-9471 A-
77599679 EoP High
CVE-2018-9472 A-
79662501 RCE High
CVE-2018-9474 A-
77600398 EoP High
CVE-2018-9440 A-
77823362 [2] DoS Moderate
CVE-2018-9475 A-
79266386 EoP Critical
CVE-2018-9478 A-
79217522 EoP Critical
CVE-2018-9479 A-
79217770 EoP Critical
CVE-2018-9456 A-
78136869 DoS High
CVE-2018-9483 A-
110216173 ID High
CVE-2018-9484 A-
79488381 ID High
CVE-2018-9485 A-
80261585 ID High
CVE-2018-9486 A-
80493272 ID High
CVE-2018-9468 A-
111084083 ID High
No impact:
==========
CVE-2018-9477 A-
92497653 EoP High
CVE-2018-9480 A-
109757168 ID High
CVE-2018-9481 A-
109757435 ID High
CVE-2018-9482 A-
109757986 ID High
CVE-2018-9487 A-
69873852 DoS High
CVE-2018-9488 A-
110107376 EoP Moderate
Change-Id: Ie135b3534c0ce3e89774eeffba4f3be3827d23bc
syphyr [Wed, 8 Aug 2018 17:46:07 +0000 (19:46 +0200)]
Security string to 2018-08-05
Implemented:
============
CVE-2018-9445 A-
80436257 [2] EoP High
CVE-2018-9451 A-
79488511 [2] ID High
CVE-2018-9444 A-
63521984* DoS High
CVE-2018-9446 A-
80145946 RCE Critical
CVE-2018-9447 A-
79995313 DoS Moderate
CVE-2018-9459 A-
66230183 EoP High
CVE-2018-9455 A-
78136677 DoS High
CVE-2018-9436 A-
79164722 ID High
CVE-2018-9454 A-
78286118 ID High
CVE-2018-9453 A-
78288378 ID High
CVE-2018-9435 A-
79591688 ID Moderate
CVE-2018-9461 A-
37629504 ID Moderate
CVE-2018-9449 A-
79884292 ID Moderate
CVE-2018-9457 A-
72872376 ID Moderate
CVE-2018-9441 A-
74075873 [2] ID Moderate
CVE-2017-13322 A-
67862398 DoS Moderate
CVE-2017-13295 A-
62537081 [2] DoS Moderate
CVE-2017-13242 A-
62672248 ID Moderate
CVE-2018-9437 A-
78656554 DoS High
CVE-2017-
1000100 A-
64610131 ID Moderate
No impact:
==========
CVE-2018-9450 A-
79541338 RCE Critical
CVE-2018-9438 A-
78644887 [2] DoS High
CVE-2018-9458 A-
71786287 EoP High
CVE-2018-9427 A-
77486542 [2] RCE Critical
CVE-2018-9448 A-
79944113 [2] ID High
Change-Id: I8f2bea7afc056d4e60b86a9de386453a8502a776
MSe [Mon, 16 Jul 2018 22:24:45 +0000 (00:24 +0200)]
Security string to 2018-07-05
Implemented patches:
====================
CVE-2018-9412 A-
78029004 DoS High
CVE-2018-9421 A-
77237570 ID High
CVE-2018-9365 A-
74121126 RCE Critical
CVE-2018-9432 A-
73173182 EoP High
CVE-2018-9420 A-
77238656 ID High
CVE-2018-9419 A-
74121659 ID High
CVE-2018-9426 A-
79148652 ID Moderate
CVE-2018-9434 A-
29833520[2] ID Moderate
CVE-2018-9423 A-
77599438 ID Moderate
CVE-2018-9413 A-
73782082 RCE Moderate
CVE-2018-9418 A-
73824150 RCE Moderate
CVE-2018-9430 A-
73963551 RCE Moderate
CVE-2018-9414 A-
78787521 EoP Moderate
Not implemented / deferred:
===========================
CVE-2018-9433 A-
38196219* not publicly available
CVE-2018-9410 A-
77822336 only 8.x
CVE-2018-9411 A-
79376389 only 8.x
CVE-2018-9424 A-
76221123 only 8.x
CVE-2018-9428 A-
74122779 only 8.1
CVE-2018-9376 A-
69981755 deferred
CVE-2018-9429 A-
73927042 only 8.1
CVE-2018-9431 A-
77600924 only 8.x
Change-Id: I893cf79f8177b867f71d3b15ea061e8c34606cbb
MSe [Fri, 8 Jun 2018 18:16:44 +0000 (20:16 +0200)]
Bump security string to 2018-06-05
Implented patches:
-----------------------------------------------------
CVE-2018-9338 A-
71361168 EoP High
CVE-2018-9340 A-
71360999 ID High
CVE-2018-9341 A-
74016277 RCE Critical
CVE-2018-5146 A-
77284393* RCE Critical
CVE-2018-9345 A-
77238250 ID High
CVE-2018-9346 A-
77238762 ID High
CVE-2018-9347 A-
68664359 DoS High
CVE-2018-9348 A-
68953854 DoS High
CVE-2018-9355 A-
74016921 RCE Critical
CVE-2018-9356 A-
74950468 RCE Critical
CVE-2018-9357 A-
74947856 RCE Critical
CVE-2018-9358 A-
73172115 ID High
CVE-2018-9359 A-
74196706 ID High
CVE-2018-9360 A-
74201143 ID High
CVE-2018-9361 A-
74202041 ID High
CVE-2018-9362 A-
72298611 DoS High
CVE-2018-9375 A-
75298708 EoP Moderate
CVE-2018-9378 A-
73126106 ID Moderate
CVE-2018-9379 A-
63766886[2] ID Moderate
CVE-2018-9349 A-
72510002 ID Moderate
CVE-2018-9350 A-
73552574 ID Moderate
CVE-2018-9351 A-
73625898 ID Moderate
CVE-2018-9352 A-
73965867[2] ID Moderate
CVE-2018-9353 A-
73965890 ID Moderate
CVE-2018-9354 A-
74067957 NSI NSI
CVE-2018-9380 A-
75298652 EoP Moderate
Postponed:
-----------------------------------------------------
CVE-2018-9374 A-
72710897 EoP Moderate
Not implemented / not relevant:
-----------------------------------------------------
CVE-2018-9339 A-
71508348 High 8.0, 8.1
CVE-2017-13227 A-
69981710 High 8.0, 8.1
CVE-2017-13230 A-
65483665 Critical 6.0
CVE-2018-9344 A-
73172817 High 8.1
CVE-2018-9377 A-
64752751* Moderate 6.0, 6.0.1
CVE-2018-9382 A-
35765136* Moderate not found
Change-Id: I0284581d30c76df838b05a312c1223f5dfcf0ecf
MSe [Sat, 19 May 2018 13:26:25 +0000 (15:26 +0200)]
Bump security patch level to 2018-05-05
Implemented patches:
CVE-2017-13310
CVE-2017-13311
CVE-2017-13313
CVE-2017-13314
CVE-2017-13315
CVE-2017-13316
CVE-2017-13319
CVE-2017-13320
CVE-2017-13323
CVE-2017-13322
Not affecting Android 7.1:
CVE-2017-13309
CVE-2017-13312
CVE-2017-13317
CVE-2017-13318
CVE-2017-13321
Change-Id: Iafe1c76776831912960dfa34cd42b57cff45afeb
Moritz Horstmann [Sat, 7 Apr 2018 22:51:44 +0000 (00:51 +0200)]
Bump security patch level to 2018-04-05
CVEs fixed in this topic:
CVE-2017-13267
CVE-2017-13274
CVE-2017-13276
CVE-2017-13277
CVE-2017-13278
CVE-2017-13279
CVE-2017-13280
CVE-2017-13282
CVE-2017-13283
CVE-2017-13284
CVE-2017-13285
CVE-2017-13287
CVE-2017-13289
CVE-2017-13290
CVE-2017-13291
CVE-2017-13294
CVE-2017-13295
CVE-2017-13296
CVE-2017-13297
CVE-2017-13298
CVE-2017-13299
CVEs not affecting 14.1:
CVE-2017-13275 8.0/8.1 only
CVE-2017-13281 8.0/8.1 only
CVE-2017-13286 8.0/8.1 only
CVE-2017-13288 8.0/8.1 only
CVE-2017-13301 8.0 only
CVE-2017-13302 8.0 only
Change-Id: Ia0e6e332e86133edd028253a542d1148eaa739a5
Moritz Horstmann [Thu, 8 Mar 2018 12:59:07 +0000 (13:59 +0100)]
Bump security patch level to 2018-03-05
CVEs fixed in this topic:
CVE-2017-13248
CVE-2017-13249
CVE-2017-13250
CVE-2017-13251
CVE-2017-13254
CVE-2017-13255
CVE-2017-13256
CVE-2017-13257
CVE-2017-13258
CVE-2017-13259
CVE-2017-13260
CVE-2017-13261
CVE-2017-13262
CVE-2017-13264
CVE-2017-13266
CVE-2017-13268
CVE-2017-13269
CVE-2017-13272
CVEs not affecting 14.1:
CVE-2017-13252 8.0/8.1 only
CVE-2017-13253 8.0/8.1 only
CVE-2017-13263 8.0/8.1 only
CVE-2017-13265 Affects 7.1.2, but is not used in any of our 14.1 builds
Change-Id: I21c988578280cc85e958303bb2c0e4663a5757ad
Dobroslaw Kijowski [Thu, 8 Feb 2018 06:00:16 +0000 (07:00 +0100)]
Bump security patch level to 2018-02-05
Change-Id: I408bdb82158e01ad880d82dc9644e37978cdb646
Moritz Horstmann [Sat, 13 Jan 2018 20:49:29 +0000 (21:49 +0100)]
Bump security patch level to 2018-01-05
Change-Id: I1038e75a8b69b84da39b87ac067edceac8b2be87
Dan Pasanen [Tue, 5 Dec 2017 21:04:24 +0000 (15:04 -0600)]
Bump security string to 2017-12-05
Change-Id: Id8db5ddbe554998e8029b78a48cc2a18ac7b596c
Bruno Martins [Fri, 17 Nov 2017 21:31:54 +0000 (21:31 +0000)]
Bump Security String to 2017-11-06
KRACK vulnerability patches were shipped a while ago,
so we can advertise a security patch level of 2017-11-06.
Change-Id: I68300e296ae8fe10aecefd45cfa581d35d8086a8
Adam Seaton [Wed, 13 Sep 2017 17:51:18 +0000 (10:51 -0700)]
Update Security String to 2017-11-05
Change-Id: I9fd1b7832eee415ea2a6c718df419ea12ddfe620
XiNGRZ [Tue, 3 Oct 2017 16:13:07 +0000 (00:13 +0800)]
core: Prefix and build bison host executable if needed
This patch prefixed bison with HOST_OUT_EXECUTABLES to ensure using our
`bison` built from source. It also added bison to be a depencency of %.y
and %.yy tasks so that it will be built if needed without any manual
`mka bison`.
Change-Id: Ic207124965c704b3f350e96b58d8e1f2683c2601
Adam Seaton [Mon, 21 Aug 2017 18:26:49 +0000 (11:26 -0700)]
[DO NOT MERGE] Update platform security string to 2017-10-05 in nyc-dev Bug:
64896113
(cherry picked from commit
1517f3d2da27eae798a3ac765096251914f9b119)
Change-Id: Iaf69b105d57ab33dccde1b13be5271178269f82a
Adam Seaton [Mon, 21 Aug 2017 18:26:14 +0000 (11:26 -0700)]
[DO NOT MERGE] Update platform security string to 2017-10-01 in nyc-dev Bug:
64896113
(cherry picked from commit
73ab80dec9df8966bf660725dc1a942d9c1f324e)
Change-Id: I79c8696abc375a2c2cd77a2b12fec1558be70818
Christopher N. Hesse [Thu, 28 Sep 2017 19:13:38 +0000 (21:13 +0200)]
core: config: Use host bison if requested
Change-Id: I87a232838cbc49ab758ed7bf27d97c59d9928e69
Colin Cross [Tue, 29 Nov 2016 19:12:56 +0000 (11:12 -0800)]
Fix warning with AAPT2 and LOCAL_STATIC_ANDROID_LIBRARIES
Building with LOCAL_STATIC_ANDROID_LIBARIES and LOCAL_USE_APPT2
causes a warning:
build/core/package_internal.mk:143: Empty argument supplied to find-subdir-assets
Only call find-subdir-assets if my_res_dir is not empty.
Also improve the warning message to make it easier to find the module
that caused it.
Test: m -j
Change-Id: I9a71162c7e2ed82f64d6844baca256968ac77317
Adam Seaton [Wed, 19 Jul 2017 17:37:42 +0000 (10:37 -0700)]
Updating Security String to 2017-09-05 Bug:
63846344
(cherry picked from commit
18be90844245f3873261e4aa1072e8d83fdb33aa)
Change-Id: Ide74c0655eff5d24fcd7bf708b7e5ae5fe660d83
Dan Pasanen [Mon, 7 Aug 2017 21:11:59 +0000 (16:11 -0500)]
Merge tag 'android-7.1.2_r29' into cm-14.1
Android 7.1.2 Release 29 (NJH47F)
# gpg: Signature made Fri 28 Jul 2017 01:55:54 PM CDT
# gpg: using DSA key
E8AD3F819AB10E78
# gpg: Can't check signature: No public key
Michael Bestas [Fri, 16 Jun 2017 12:29:31 +0000 (15:29 +0300)]
Squashed revert of TARGET_UNIFIED_DEVICE
* vendor init can be used to achieve everything done here
Revert "core: Fix unified trees with no TARGET_OTA_ASSERT_DEVICE"
This reverts commit
e44fa493f87d74c20b4276ca7504bc601847d01f.
Revert "releasetools: don't attempt to read fingerprint on unified devices"
This reverts commit
787a0aa7d8787c13bf78559ae4a05650ed46da76.
Revert "buildinfo: only set ro.build.product on non-unified devices"
This reverts commit
22c034b8a7c51c713dfb2a75c6e4e20941428cad.
Revert "ota_from_target_files: Remove device dependent arguments"
This reverts commit
7c93b441bcf65a8630f8f4bb8df9537f686ea797.
Revert "Fix ro.build.product not found by ota_from_target_files in some cases"
This reverts commit
0ca5495057a6d15f6049993896c34e13cd4dd467.
Revert "Allow devices to specify certain ro. props via TARGET_UNIFIED_DEVICE"
This reverts commit
8182bc29ffc498033e25ef10f3f8499ebfe25a7e.
ota_from_target_files: Remove device dependent arguments
These device-specific arguments are defined at build time and are
necessary to generate the zip correctly. Don't use command line
arguments to specify them, but write all the needed information
in misc_info.txt when the target-files zip is generated.
ota_from_target_files will then read misc_info.txt and set
everything automatically.
Original Change-Id: Ibdbca575b76eb07b53fccfcea52a351c7e333f91
[mikeioannina]: Reapply after TARGET_UNIFIED_DEVICE removal
Change-Id: I5cb8f074c893c0e46edf507f6256cd747239d07f
Dan Pasanen [Wed, 5 Jul 2017 22:29:01 +0000 (17:29 -0500)]
Merge tag 'android-7.1.2_r24' into cm-14.1
Android 7.1.2 release 24
# gpg: Signature made Fri 30 Jun 2017 01:19:21 PM CDT
# gpg: using DSA key
E8AD3F819AB10E78
# gpg: Can't check signature: No public key
android-build-team Robot [Thu, 29 Jun 2017 18:02:37 +0000 (18:02 +0000)]
Version bump to NJH47F
Change-Id: I5e1344e333421f85364602fe3ba44879d00bfd73
Sean hoyt [Sun, 16 Apr 2017 04:23:13 +0000 (04:23 +0000)]
Disable recovery resource warning
Change-Id: I773a092f44823b095cb4176a8647acef9519b870
Michael Bestas [Fri, 16 Jun 2017 12:33:05 +0000 (15:33 +0300)]
Revert "Preventing default locale from being overridden because of buildinfo.sh"
* Not used by any device
This reverts commit
7ff326d8b05df431747d8d6353184ea70f44e9e4.
Change-Id: Id5ee46c189bc2271007215e2981c646a6b9982be
Michael Bestas [Fri, 16 Jun 2017 12:30:51 +0000 (15:30 +0300)]
Revert "build: skip 'ro.product.device' using new macro "TARGET_SKIP_PRODUCT_DEVICE""
* Not used by any device, can be implemented using
PRODUCT_SYSTEM_PROPERTY_BLACKLIST instead
This reverts commit
3d918b4bb74829d23475d4bd34c8fdc71bde014f.
Change-Id: I1b48231d0a269d8a7fe08945ffebf55253ddf18f
android-build-team Robot [Thu, 15 Jun 2017 19:04:31 +0000 (19:04 +0000)]
Make change and version bump to NJH47E
Change-Id: Icfbd115a0074cc50b8d491e54837d5ef666e4e57
Adam Seaton [Wed, 7 Jun 2017 21:54:45 +0000 (14:54 -0700)]
[DO NOT MERGE] Updating Security String to 2017-08-05 on nyc-dev
bug:
62388772
(cherry picked from commit
2b93753bc4025e92e6b6c8ed510bc9b3f8faff4d)
Change-Id: I49ea676b60b1137f33f6d12b35dd4169bea5479f
Adam Seaton [Wed, 7 Jun 2017 21:53:03 +0000 (14:53 -0700)]
[DO NOT MERGE] Updating Security String to 2017-08-01 on nyc-dev
bug:
62388772
(cherry picked from commit
a847c0b23ce761b09148f4f8fd6c9b473a46f531)
Change-Id: I6839865d7a9f1a455011cf701d4e8297f668fdca
Tao Bao [Thu, 23 Feb 2017 06:54:39 +0000 (22:54 -0800)]
Makefile: Add the missing dependency on FUTILITY.
Bug:
35467608
Test: lunch aosp_dragon-userdebug; m dist
Change-Id: If3824ac22926f3c3cc09d5b82cb0f6da4132f937
Tao Bao [Fri, 17 Feb 2017 22:11:13 +0000 (14:11 -0800)]
Build FUTILITY tool from futility-host.
Also pack the tool, vboot_signer.sh script and the test keys into
otatools.zip. This allows signing ryu target without a source repo.
Bug:
35467608
Test: m otatools-package and check the newly included files.
Test: Use otatools.zip to sign a ryu target.
Change-Id: I70f7b359f21a579463d5c7251daac81a97e338cc
Dan Pasanen [Mon, 5 Jun 2017 23:24:53 +0000 (18:24 -0500)]
Merge tag 'android-7.1.2_r17' into cm-14.1
Android 7.1.2 Release 17 (NJH47B)
# gpg: Signature made Fri 02 Jun 2017 05:08:59 PM CDT
# gpg: using DSA key
E8AD3F819AB10E78
# gpg: Can't check signature: No public key
android-build-team Robot [Thu, 25 May 2017 23:44:59 +0000 (23:44 +0000)]
Version bump to NJH47D
Change-Id: I3dd1395b05f02af755e105054d088a20a3895868
android-build-team Robot [Wed, 24 May 2017 17:28:00 +0000 (17:28 +0000)]
Make change and version bump to NJH47C
Adam Seaton [Wed, 17 May 2017 18:27:05 +0000 (11:27 -0700)]
[DO NOT MERGE]Updating security string to 2017-07-05 on nyc-dev
bug:
38342695
(cherry picked from commit
96d958c34509a65e5f7787945f9923fb44c42f05)
Change-Id: Ie20c99d94c41fb21ddfef76f5d56d815e7f5b5c4
Adam Seaton [Wed, 17 May 2017 18:24:52 +0000 (11:24 -0700)]
[DO NOT MERGE]Updating security string to 2017-07-01 on nyc-dev
bug:
38342695
(cherry picked from commit
77dad3dfcd677136f6657e1b95dd84ed1be1d728)
Change-Id: Ia2ca8f85c617295dd692a331a5cb7bab8b2fd849
android-build-team Robot [Thu, 18 May 2017 00:56:09 +0000 (00:56 +0000)]
Version bump to NJH47B
Change-Id: I04b0907a56d5db287bf0426c67bebdcac2680bd4
android-build-team Robot [Wed, 17 May 2017 22:58:40 +0000 (22:58 +0000)]
Make change and version bump to NJH47
android-build-team Robot [Wed, 17 May 2017 19:48:02 +0000 (19:48 +0000)]
Version bump to NJH34C
Change-Id: I465448ca73efddaca59ff12ad9fff98c3b8b6455
Ivan Kutepov [Tue, 16 May 2017 18:56:56 +0000 (21:56 +0300)]
Revert "Revert "ota: Remove cruft we don't care about""
Should prevent users from "downgrading" builds, but instead of checking the
build date of the ROM, updater-script checks the build date of the recovery.
As a result, "downgrading" is still possible, and installation of the ROM,
if the recovery is newer than it, is impossible.
This reverts commit
28032f6bb6728fc26bf1258cb939fbaf12ec0e7e.
Change-Id: I71ce8eb16074079f01dfabcb19ed30e3586c59ac
qjohn [Tue, 16 May 2017 09:06:15 +0000 (16:06 +0700)]
apicheck_msg_current: Don't do this in LineageOS
Change-Id: I9396d94f6fd37ce082b75259b5bf8a78b3591350
android-build-team Robot [Thu, 11 May 2017 19:13:52 +0000 (19:13 +0000)]
Make change and version bump to NJH34B
Adam Seaton [Tue, 11 Apr 2017 18:04:34 +0000 (11:04 -0700)]
[DO NOT MERGE] Update Security String to 2017-06-05 for nyc-dev
Change-Id: If3756886a04faef5fc92c52e30829ccb3be29686
android-build-team Robot [Thu, 4 May 2017 22:06:45 +0000 (22:06 +0000)]
Make change and version bump to NJH34
android-build-team Robot [Thu, 4 May 2017 22:06:22 +0000 (22:06 +0000)]
release-request-
3b995630-3bae-4f9e-868a-
935ab7740cc9-for-git_nyc-mr2-pixel-monthly-release-
3934930 snap-temp-L20000000060688928 (snap-temp-branch)
Change-Id: I864aad29f06ed1a4a044980bff729d0099537cf1
Dan Pasanen [Mon, 1 May 2017 23:24:41 +0000 (18:24 -0500)]
Merge tag 'android-7.1.2_r8' into cm-14.1
Android 7.1.2 release 8
# gpg: Signature made Mon 01 May 2017 10:38:02 AM CDT
# gpg: using DSA key
E8AD3F819AB10E78
# gpg: Can't check signature: No public key
Michael Bestas [Fri, 28 Apr 2017 17:21:33 +0000 (20:21 +0300)]
Revert "We want Browser"
* Aosp browser is really old and insecure, we are replacing it with Jelly
* Jelly is a simple webview-based browser, so it relies on installed webview,
which makes it secure as long as webview is updated
* Gello is still alive, it overrides Jelly instead of Browser target
This reverts commit
cf571f4fedb354dd5e2a774117dd710689c97de6.
Change-Id: Ie5649cc213b3a5409d137d07bd6d1bfcdc789798
Michael Bestas [Fri, 28 Apr 2017 16:27:49 +0000 (19:27 +0300)]
Revert "build: releasetools: ota: Add support for 32-64 bit upgrades"
* This was only required for tomato kitkat 32bit to lollipop 64bit
migration. This is no longer a supported upgrade case, so revert
it to be inline with AOSP.
* Users coming from stock should flash an updated 64bit recovery first
This reverts commit
b89510679f72a80e973c9809d3328067eb582885.
Change-Id: Iccf37e5292c2068e9a1f8aeb370719cd9ced8c44
android-build-team Robot [Tue, 25 Apr 2017 17:25:48 +0000 (17:25 +0000)]
Make change and version bump to NJH25B
Adam Seaton [Tue, 11 Apr 2017 18:04:34 +0000 (11:04 -0700)]
[DO NOT MERGE] Update Security String to 2017-06-05 for nyc-dev
Change-Id: I6ce9326f366fbad1f845fd22d045569fe4f09a09
android-build-team Robot [Tue, 25 Apr 2017 17:14:49 +0000 (17:14 +0000)]
Make change and version bump to NJH25
android-build-team Robot [Tue, 25 Apr 2017 17:14:27 +0000 (17:14 +0000)]
release-request-
1b405be0-1652-4c5c-a4e4-
f5799a530db2-for-git_nyc-mr2-pixel-monthly-release-
3934930 snap-temp-L15900000057606206 (snap-temp-branch)
Change-Id: I5c2f6a3780a4bb3b6a869decca2840cec5828efc
The Android Automerger [Mon, 24 Apr 2017 19:23:18 +0000 (12:23 -0700)]
N2G47W
android-build-team Robot [Fri, 21 Apr 2017 21:19:03 +0000 (21:19 +0000)]
Version bump to NJH21D
Change-Id: If7402e75597b8d24746e285ab8edefa0f1a37546
android-build-team Robot [Fri, 21 Apr 2017 21:09:25 +0000 (21:09 +0000)]
Make change and version bump to NJH21C
Adam Seaton [Tue, 11 Apr 2017 18:04:34 +0000 (11:04 -0700)]
[DO NOT MERGE] Update Security String to 2017-06-05 for nyc-dev
Change-Id: I283f8a3be0d23373c9c099e81955a5de6f120a1a
android-build-team Robot [Fri, 21 Apr 2017 20:41:58 +0000 (20:41 +0000)]
Make change and version bump to NJH21B
Adam Seaton [Tue, 11 Apr 2017 18:03:48 +0000 (11:03 -0700)]
[DO NOT MERGE] Update Security String to 2017-06-01 for nyc-dev
Change-Id: Id528161f61eeb3987d6b90069ede80b1aed2bfba
android-build-team Robot [Fri, 21 Apr 2017 17:29:42 +0000 (17:29 +0000)]
Make change and version bump to NJH21
android-build-team Robot [Thu, 20 Apr 2017 22:40:36 +0000 (22:40 +0000)]
Make change and version bump to NJH20
Adam Seaton [Tue, 11 Apr 2017 18:03:48 +0000 (11:03 -0700)]
[DO NOT MERGE] Update Security String to 2017-06-01 for nyc-dev
Change-Id: I8cdfa17bb6eb1c4cfb87a85169ba082d74975d63
gitbuildkicker [Mon, 17 Apr 2017 23:24:34 +0000 (16:24 -0700)]
N2G47V
Adam Seaton [Tue, 11 Apr 2017 18:04:34 +0000 (11:04 -0700)]
[DO NOT MERGE] Update Security String to 2017-06-05 for nyc-dev
bug:
37204197
Change-Id: I9790487cd9bf8fb8e44856216407b35d067a9d16
(cherry picked from commit
70d708e29ff733778771deae004ec06dca419efb)
Adam Seaton [Tue, 11 Apr 2017 18:03:48 +0000 (11:03 -0700)]
[DO NOT MERGE] Update Security String to 2017-06-01 for nyc-dev
bug:
37204197
Change-Id: I81ae6196028c983baf82800a364805025672bec9
(cherry picked from commit
d9a5e995999d15175efba49e01a0844fe9d5cf84)
gitbuildkicker [Mon, 17 Apr 2017 23:09:42 +0000 (16:09 -0700)]
merge in nyc-mr2-release history after reset to
189e63df8681345b82b0a71b625a62face1b3b4e
Dan Pasanen [Fri, 14 Apr 2017 17:31:07 +0000 (12:31 -0500)]
build: fix verity generation
* Now build_verity_metadata.py takes an arg telling it what to do,
in this case "build" is our intention, so update our custom runcmd
array.
* Ensure we cast all args to Popen as strings or picky python gets
angry that we pass an int (image_size) to Popen
Change-Id: I71c5e45e3155f470259f91f6f1a880e780aef369
gitbuildkicker [Wed, 12 Apr 2017 18:09:26 +0000 (11:09 -0700)]
N2G47U
gitbuildkicker [Mon, 10 Apr 2017 18:21:39 +0000 (11:21 -0700)]
N2G47T
gitbuildkicker [Mon, 10 Apr 2017 18:12:22 +0000 (11:12 -0700)]
merge in nyc-mr2-release history after reset to nyc-mr2-dev
Flex1911 [Fri, 7 Apr 2017 09:56:44 +0000 (12:56 +0300)]
build: allow to disable recovery-two-step.img generation
Android 7.1.2 introduced new mechanism for recovery updating in two-step OTAs.
Although, recovery-two-step.img generation may be completely broken on some devices with custom mkbootimg handling.
We can use recovery.img as base for that devices, so recovery-two-step.img generation will not be required in this case.
Let's add new TARGET_NO_TWO_STEP_RECOVERY flag to skip recovery-two-step.img generation during target files packaging if we need it.
Change-Id: Icbea2da2f9565277622746545cdb96bf7f5ef3df
gitbuildkicker [Thu, 6 Apr 2017 22:18:55 +0000 (15:18 -0700)]
NHG47L
Adam Seaton [Fri, 10 Mar 2017 23:44:57 +0000 (15:44 -0800)]
Update Security String to 2017-05-05 on nyc-dev
Bug:
34137924
(cherry picked from commit
cfdcc41cd73360c9605407508a285c905d196fd5)
Adam Seaton [Fri, 10 Mar 2017 23:44:16 +0000 (15:44 -0800)]
Update Security String to 2017-05-01 on nyc-dev
Bug:
34137924
(cherry picked from commit
573e7e75cab017946716fbd4ba01cbd8e7563478)
Dan Pasanen [Wed, 5 Apr 2017 12:30:28 +0000 (07:30 -0500)]
Merge tag 'android-7.1.2_r2' into cm-14.1
Android 7.1.2 Release 2 (N2G47E)
Change-Id: Ie3d3e9ea5c8dd67f44e43b2ed5a97e844c19888d
gitbuildkicker [Mon, 3 Apr 2017 22:00:34 +0000 (15:00 -0700)]
N2G47S
gitbuildkicker [Thu, 30 Mar 2017 23:18:06 +0000 (16:18 -0700)]
N2G47R
gitbuildkicker [Thu, 30 Mar 2017 23:17:04 +0000 (16:17 -0700)]
merge in nyc-mr2-release history after reset to
72c9cf9ea858b1ad929a983ff88ec0220c71f692