Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
61826fde by Moritz Muehlenhoff at 2019-11-11T12:15:20Z
new libexif issue
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -31493,7 +31493,7 @@ CVE-2019-9416 (In libstagefright there is a possible
information disclosure due
CVE-2019-9415 (In libstagefright there is a possible information disclosure
due to un ...)
NOT-FOR-US: Android
CVE-2019-9414 (In wpa_supplicant, there is a possible man in the middle
vulnerability ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2019-9413 (In Bluetooth, there is a possible out of bounds read due to a
missing ...)
NOT-FOR-US: Android
CVE-2019-9412 (In libSBRdec there is a possible out of bounds read due to
incorrect b ...)
@@ -31571,7 +31571,7 @@ CVE-2019-9377 (In FingerprintService, there is a
possible bypass for operating s
CVE-2019-9376 (In the Accounts package, there is a possible crash due to
improper inp ...)
NOT-FOR-US: Android
CVE-2019-9375 (In hostapd, there is a possible out of bounds write due to a
race cond ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2019-9374 (In CompanionDeviceManager, there is a possible bypass of user
interact ...)
NOT-FOR-US: Android
CVE-2019-9373 (In JobStore, there is a mismatched
serialization/deserialization for t ...)
@@ -31772,7 +31772,9 @@ CVE-2019-9280 (In keyguard, there is a possible
escalation of privilege due to i
CVE-2019-9279 (In the wifi hotspot service, there is a possible denial of
service due ...)
NOT-FOR-US: Android
CVE-2019-9278 (In libexif, there is a possible out of bounds write due to an
integer ...)
- TODO: check
+ - libexif <unfixed>
+ NOTE:
https://android.googlesource.com/platform/external/libexif/+/a5e8e5812a11ec9686294de8a5d68aaf2ab72475%5E%21/#F0
+ NOTE: Doesn't seem to have been fixed/forwarded upstream at
https://github.com/libexif/libexif
CVE-2019-9277 (In the proc filesystem, there is a possible information
disclosure due ...)
NOT-FOR-US: Android
CVE-2019-9276 (In the Android kernel in the synaptics_dsx_htc touchscreen
driver ther ...)
@@ -31843,7 +31845,7 @@ CVE-2019-9245 (In the Android kernel in the f2fs driver
there is a possible out
CVE-2019-9244 (In NFC, there is a possible out of bounds read due to a missing
bounds ...)
NOT-FOR-US: Android
CVE-2019-9243 (In wpa_supplicant_8, there is a possible out of bounds read due
to a m ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2019-9242 (In NFC, there is a possible out of bounds read due to a missing
bounds ...)
NOT-FOR-US: Android
CVE-2019-9241 (In Bluetooth, there is a possible out of bounds read due to a
missing ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/61826fde49e22f00e362bbe4c09b71435c357b0d
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/61826fde49e22f00e362bbe4c09b71435c357b0d
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
