From c36a2e36298300f94da03e6f07f800c8a2e80bd0 Mon Sep 17 00:00:00 2001 From: Ivan Kutepov Date: Fri, 15 Sep 2017 00:34:56 +0300 Subject: ASB September 2017, version string to 2017-09-01 Implemented patches: =========================================== Framework CVE-2017-0752 A-62196835 [2] High Libraries CVE-2017-6983 A-63852675 High CVE-2017-0755 A-32178311 High Media Framework CVE-2017-0756 A-34621073 Critical CVE-2017-0757 A-36006815 Critical CVE-2017-0758 A-36492741 Critical CVE-2017-0759 A-36715268 Critical CVE-2017-0760 A-37237396 Critical CVE-2017-0761 A-38448381 Critical CVE-2017-0762 A-62214264 Critical CVE-2017-0763 A-62534693 Critical CVE-2017-0764 A-62872015 Critical CVE-2017-0765 A-62872863 Critical CVE-2017-0767 A-37536407 [2] High CVE-2017-0768 A-62019992 High CVE-2017-0770 A-38234812 High CVE-2017-0772 A-38115076 High CVE-2017-0773 A-37615911 High CVE-2017-0774 A-62673844 [2] High CVE-2017-0775 A-62673179 High CVE-2017-0776 A-38496660 Moderate CVE-2017-0777 A-38342499 Moderate CVE-2017-0778 A-62133227 Moderate CVE-2017-0779 A-38340117 [2] Moderate Runtime CVE-2017-0780 A-37742976 High System CVE-2017-0781 A-63146105 [2] Critical CVE-2017-0782 A-63146237 [2][3] Critical CVE-2017-0783 A-63145701 High CVE-2017-0784 A-37287958 Moderate CVE-2017-0785 A-63146698 Moderate Qualcomm Components CVE-2017-8278 A-62379474 High NOT implemented, because not relevant: =========================================== Libraries CVE-2017-0753 A-62218744 High 7.1.1, 7.1.2, 8.0 Media Framework CVE-2017-0769 A-37662122 High 7.0, 7.1.1, 7.1.2, 8.0 CVE-2017-0771 A-37624243 High 7.0, 7.1.1, 7.1.2 CVE-2017-0766 A-37776688 High (see comment) Comment to CVE-2017-0766: This change aims at removing external/jhead from the build tree. It is however needed for some older devices, so better to keep it in the build tree; it is anyhow only included in a build, if defined Change-Id: I0da0e7e8ed39d46a53fdb60b391edcdba41f4d17 --- core/version_defaults.mk | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/core/version_defaults.mk b/core/version_defaults.mk index 49d2ca34a..0e246a029 100644 --- a/core/version_defaults.mk +++ b/core/version_defaults.mk @@ -105,7 +105,7 @@ ifeq "" "$(PLATFORM_SECURITY_PATCH)" # It must match one of the Android Security Patch Level strings of the Public Security Bulletins. # # If there is no $PLATFORM_SECURITY_PATCH set, keep it empty. - PLATFORM_SECURITY_PATCH := 2017-08-01 + PLATFORM_SECURITY_PATCH := 2017-09-01 endif ifeq "" "$(PLATFORM_BASE_OS)" -- cgit v1.2.3 From c5d9c72d9d9da2c5333744966e273393a71a179f Mon Sep 17 00:00:00 2001 From: android-build-team Robot Date: Thu, 8 Jun 2017 18:26:39 +0000 Subject: Version bump to MOB31Z Change-Id: I9e9875a602da3c0d7411ea5fe0942f435638e675 --- core/build_id.mk | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/core/build_id.mk b/core/build_id.mk index ca6a6c632..2a87fbdb5 100644 --- a/core/build_id.mk +++ b/core/build_id.mk @@ -18,4 +18,4 @@ # (like "CRB01"). It must be a single word, and is # capitalized by convention. -export BUILD_ID=MOB31T +export BUILD_ID=MOB31Z -- cgit v1.2.3 From 0f306aeca63188de079c7f15b4f55a9b95c2a5b6 Mon Sep 17 00:00:00 2001 From: Ivan Kutepov Date: Tue, 3 Oct 2017 22:36:50 +0300 Subject: ASB October 2017, version string to 2017-10-01 Implemented patches: =========================================== Framework CVE-2017-0806 A-62998805 High Media framework CVE-2017-0809 A-62673128 Critical CVE-2017-0810 A-38207066 Critical CVE-2017-0811 A-37930177 Critical CVE-2017-0814 A-62800140 High CVE-2017-0815 A-63526567 Moderate CVE-2017-0816 A-63662938 Moderate CVE-2017-0817 A-63522430 Moderate CVE-2017-0818 A-63581671 High CVE-2017-0819 A-63045918 High CVE-2017-0820 A-62187433 High System CVE-2017-0822 A-63787722 Moderate CVE-2017-0823 A-37896655 Moderate CVE-2017-14496 A-64575136 [2] High NOT implemented, because not relevant: =========================================== Framework CVE-2017-0807 A-35056974 High not publicly available CVE-2017-0808 A-62301183 [2] Moderate 7.0, 7.1.1, 7.1.2, 8.0 Media framework CVE-2017-0812 A-62873231 High 7.0, 7.1.1, 7.1.2, 8.0 CVE-2017-0813 A-36531046 Moderate 7.0, 7.1.1, 7.1.2 Change-Id: I2926ea35b48239b9ab703b917009688e049ade60 --- core/version_defaults.mk | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/core/version_defaults.mk b/core/version_defaults.mk index 0e246a029..9be355a99 100644 --- a/core/version_defaults.mk +++ b/core/version_defaults.mk @@ -105,7 +105,7 @@ ifeq "" "$(PLATFORM_SECURITY_PATCH)" # It must match one of the Android Security Patch Level strings of the Public Security Bulletins. # # If there is no $PLATFORM_SECURITY_PATCH set, keep it empty. - PLATFORM_SECURITY_PATCH := 2017-09-01 + PLATFORM_SECURITY_PATCH := 2017-10-01 endif ifeq "" "$(PLATFORM_BASE_OS)" -- cgit v1.2.3 From d57eeb754706707eaad372e280e0250767df60e7 Mon Sep 17 00:00:00 2001 From: android-build-team Robot Date: Wed, 13 Sep 2017 22:08:07 +0000 Subject: Version bump to MOI10E Change-Id: Ie301a5320a123332c6461a4b02dd7f23dd15eda8 --- core/build_id.mk | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/core/build_id.mk b/core/build_id.mk index 2a87fbdb5..aea98e0a5 100644 --- a/core/build_id.mk +++ b/core/build_id.mk @@ -18,4 +18,4 @@ # (like "CRB01"). It must be a single word, and is # capitalized by convention. -export BUILD_ID=MOB31Z +export BUILD_ID=MOI10E -- cgit v1.2.3 From c174aa33f312c13f25b612b8ffffd6313ccf669a Mon Sep 17 00:00:00 2001 From: Ivan Kutepov Date: Fri, 10 Nov 2017 18:22:13 +0300 Subject: ASB November 2017, version string to 2017-11-01 Implemented patches: =========================================== Framework CVE-2017-0830 A-62623498 High Media framework CVE-2017-0832 A-62887820 Critical CVE-2017-0833 A-62896384 Critical CVE-2017-0834 A-63125953 Critical CVE-2017-0835 A-63316832 Critical CVE-2017-0836 A-64893226 Critical CVE-2017-0839 A-64478003 High CVE-2017-0840 A-62948670 High CVE-2017-0848 A-64477217 Moderate CVE-2017-0849 A-62688399 Moderate CVE-2017-0851 A-35430570 Moderate CVE-2017-0853 A-63121644 High CVE-2017-0854 A-63873837 High CVE-2017-0857 A-65122447 High CVE-2017-0858 A-64836894 High System CVE-2017-0841 A-37723026 Critical CVE-2017-0842 A-37502513 High CVE-2017-0860 A-31097064 Moderate NOT implemented, because not relevant: =========================================== Framework CVE-2017-0831 A-37442941 [2] High 8.0 CVE-2017-0845 A-35028827 Moderate not applicable Media framework CVE-2017-0838 A-63522818 High 7.0, 7.1.1, 7.1.2 CVE-2017-0847 A-65540999 Moderate 8.0 CVE-2017-0850 A-64836941 Moderate 7.0, 7.1.1, 7.1.2 CVE-2017-0852 A-62815506 High 5.0.2, 5.1.1, 6.0 CVE-2017-0859 A-36075131 High not publicly available Runtime CVE-2016-2105 A-63710022 Moderate 5.0.2, 5.1.1 CVE-2016-2106 A-63709511 Moderate 5.0.2, 5.1.1 CVE-2017-3731 A-63710076 Moderate 5.0.2, 5.1.1 Change-Id: I424ab81f147373c6d841f5ef10803489206625fc --- core/version_defaults.mk | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/core/version_defaults.mk b/core/version_defaults.mk index 9be355a99..5081bda0d 100644 --- a/core/version_defaults.mk +++ b/core/version_defaults.mk @@ -105,7 +105,7 @@ ifeq "" "$(PLATFORM_SECURITY_PATCH)" # It must match one of the Android Security Patch Level strings of the Public Security Bulletins. # # If there is no $PLATFORM_SECURITY_PATCH set, keep it empty. - PLATFORM_SECURITY_PATCH := 2017-10-01 + PLATFORM_SECURITY_PATCH := 2017-11-01 endif ifeq "" "$(PLATFORM_BASE_OS)" -- cgit v1.2.3