android_build

...

Author	SHA1	Message	Date
Aaron Kling	27d4148d2b	fixup! Compute the needed shared libs for otatools. The futility target for host is futility-host. This is required for ryu out of tree signing. Change-Id: I6c06ec69f991abc23597e19dd4478774cc4d56c4	1 year ago
Kevin F. Haggerty	235f4a8778	Bump Security String to 2022-11-05 Implemented: ============ CVE: References: Type: Severity: Updated AOSP versions: CVE-2022-2209 A-235601882 EoP High 10, 11, 12, 12L, 13 CVE-2022-20426 A-236263294 DoS High 10, 11, 12, 12L, 13 CVE-2022-20441 A-238605611 EoP High 10, 11, 12, 12L, 13 CVE-2022-20445 A-225876506 ID High 10, 11, 12, 12L, 13 CVE-2022-20446 A-229793943 EoP High 10, 11 CVE-2022-20448 A-237540408 EoP High 10, 11, 12, 12L, 13 CVE-2022-20450 A-210065877 EoP High 10, 11, 12, 12L, 13 CVE-2022-20451 A-235098883 EoP High 10, 11, 12, 12L, 13 CVE-2022-20453 A-240685104 DoS High 10, 11, 12, 12L, 13 CVE-2022-20454 A-242096164 EoP High 10, 11, 12, 12L, 13 CVE-2022-20462 A-230356196 EoP High 10, 11, 12, 12L, 13 CVE-2022-20463 A-231985227 EoP High 10, 11, 12, 12L, 13 CVE-2022-20465 A-218500036 EoP High 10, 11, 12, 12L, 13 Previously Implemented: ======================= CVE: References: Type: Severity: Updated AOSP versions: Prior Change: CVE-2022-20414 A-234441463 DoS High 10, 11, 12, 12L, 13 b710f4590eb7 44beaf40e6ab Not Implemented: ======================= None Not Applicable (platform source): ================================= CVE: References: Type: Severity: Updated AOSP versions: CVE-2022-20447 A-233604485 ID High 13 CVE-2022-20452 A-240138318 EoP High 13 CVE-2022-20457 A-243924784 EoP High 13 Change-Id: I12e5d9979019cf217a74c02415953a81944b9afe	1 year ago
Kevin F. Haggerty	b8ce524b7e	Bump Security String to 2022-10-05 Implemented: ============ CVE: References: Type: Severity: Updated AOSP versions: CVE-2021-39758 A-205130886 EoP Moderate 10, 11, 12 CVE-2022-20394 A-204906124 ID High 10, 11, 12, 12L CVE-2022-20410 A-205570663 ID High 10, 11, 12, 12L, 13 CVE-2022-20412 A-230794395 EoP High 10, 11, 12, 12L, 13 CVE-2022-20413 A-235850634 ID High 10, 11, 12, 12L, 13 CVE-2022-20415 A-231322873 EoP Moderate 10, 11, 12, 12L, 13 CVE-2022-20425 A-235823407 DoS High 10, 11, 12, 12L, 13 Previously Implemented: ======================= CVE: References: Type: Severity: Updated AOSP versions: Prior Change: CVE-2021-39624 A-67862680 DoS High 11, 12, 12L 6c65bf119c8f8 CVE-2022-20351 A-224771921 ID High 10, 11, 12, 12L a54f2f6b Not Implemented: ======================= None Not Applicable (platform source): ================================= CVE: References: Type: Severity: Updated AOSP versions: CVE-2021-39673 A-195410559 ID High 13 CVE-2022-20416 A-237717857 EoP High 12, 12L, 13 CVE-2022-20417 A-237288416 EoP High 12, 12L, 13 CVE-2022-20418 A-231986464 ID High 12, 12L, 13 CVE-2022-20419 A-237290578 ID Critical 12L, 13 CVE-2022-20420 A-238377411 EoP High 13 Change-Id: I764f97fccc008066ca87f48438121ea4777f6fac	1 year ago

Author

SHA1

Message

Date

Aaron Kling

27d4148d2b

fixup! Compute the needed shared libs for otatools.

The futility target for host is futility-host. This is required for
ryu out of tree signing.

Change-Id: I6c06ec69f991abc23597e19dd4478774cc4d56c4

Kevin F. Haggerty

235f4a8778

Bump Security String to 2022-11-05

Implemented:
============
CVE:            References:    Type:  Severity:  Updated AOSP versions:
CVE-2022-2209   A-235601882    EoP    High       10, 11, 12, 12L, 13
CVE-2022-20426  A-236263294    DoS    High       10, 11, 12, 12L, 13
CVE-2022-20441  A-238605611    EoP    High       10, 11, 12, 12L, 13
CVE-2022-20445  A-225876506    ID     High       10, 11, 12, 12L, 13
CVE-2022-20446  A-229793943    EoP    High       10, 11
CVE-2022-20448  A-237540408    EoP    High       10, 11, 12, 12L, 13
CVE-2022-20450  A-210065877    EoP    High       10, 11, 12, 12L, 13
CVE-2022-20451  A-235098883    EoP    High       10, 11, 12, 12L, 13
CVE-2022-20453  A-240685104    DoS    High       10, 11, 12, 12L, 13
CVE-2022-20454  A-242096164    EoP    High       10, 11, 12, 12L, 13
CVE-2022-20462  A-230356196    EoP    High       10, 11, 12, 12L, 13
CVE-2022-20463  A-231985227    EoP    High       10, 11, 12, 12L, 13
CVE-2022-20465  A-218500036    EoP    High       10, 11, 12, 12L, 13

Previously Implemented:
=======================
CVE:            References:    Type:  Severity:  Updated AOSP versions:  Prior Change:
CVE-2022-20414  A-234441463    DoS    High       10, 11, 12, 12L, 13     b710f4590eb7
                                                                         44beaf40e6ab

Not Implemented:
=======================
None

Not Applicable (platform source):
=================================
CVE:            References:    Type:  Severity:  Updated AOSP versions:
CVE-2022-20447  A-233604485    ID     High       13
CVE-2022-20452  A-240138318    EoP    High       13
CVE-2022-20457  A-243924784    EoP    High       13

Change-Id: I12e5d9979019cf217a74c02415953a81944b9afe

Kevin F. Haggerty

b8ce524b7e

Bump Security String to 2022-10-05

Implemented:
============
CVE:            References:    Type:  Severity:  Updated AOSP versions:
CVE-2021-39758  A-205130886    EoP    Moderate   10, 11, 12
CVE-2022-20394  A-204906124    ID     High       10, 11, 12, 12L
CVE-2022-20410  A-205570663    ID     High       10, 11, 12, 12L, 13
CVE-2022-20412  A-230794395    EoP    High       10, 11, 12, 12L, 13
CVE-2022-20413  A-235850634    ID     High       10, 11, 12, 12L, 13
CVE-2022-20415  A-231322873    EoP    Moderate   10, 11, 12, 12L, 13
CVE-2022-20425  A-235823407    DoS    High       10, 11, 12, 12L, 13

Previously Implemented:
=======================
CVE:            References:    Type:  Severity:  Updated AOSP versions:  Prior Change:
CVE-2021-39624  A-67862680     DoS    High       11, 12, 12L             6c65bf119c8f8
CVE-2022-20351  A-224771921    ID     High       10, 11, 12, 12L         a54f2f6b

Not Implemented:
=======================
None

Not Applicable (platform source):
=================================
CVE:            References:    Type:  Severity:  Updated AOSP versions:
CVE-2021-39673  A-195410559    ID     High       13
CVE-2022-20416  A-237717857    EoP    High       12, 12L, 13
CVE-2022-20417  A-237288416    EoP    High       12, 12L, 13
CVE-2022-20418  A-231986464    ID     High       12, 12L, 13
CVE-2022-20419  A-237290578    ID     Critical   12L, 13
CVE-2022-20420  A-238377411    EoP    High       13

Change-Id: I764f97fccc008066ca87f48438121ea4777f6fac

2 changed files with 2 additions and 2 deletions

										
											2

core/Makefile

										Unescape
										Escape
									
											View File
										
					@ -4199,7 +4199,7 @@ INTERNAL_OTATOOLS_MODULES += \

					ifeq (true,$(PRODUCT_SUPPORTS_VBOOT))

					INTERNAL_OTATOOLS_MODULES += \

					  futility \

					  futility-host \

					  vboot_signer

					endif

										
											2

core/version_defaults.mk

										Unescape
										Escape
									
											View File
										
					@ -240,7 +240,7 @@ ifndef PLATFORM_SECURITY_PATCH

					    #  It must be of the form "YYYY-MM-DD" on production devices.

					    #  It must match one of the Android Security Patch Level strings of the Public Security Bulletins.

					    #  If there is no $PLATFORM_SECURITY_PATCH set, keep it empty.

					      PLATFORM_SECURITY_PATCH := 2022-09-05

					      PLATFORM_SECURITY_PATCH := 2022-11-05

					endif

					.KATI_READONLY := PLATFORM_SECURITY_PATCH

Compare commits

3 Commits

e3b9dc0260 ... 27d4148d2b

2

core/Makefile

Unescape Escape View File

2

core/version_defaults.mk

Unescape Escape View File

Compare commits

3 Commits e3b9dc0260 ... 27d4148d2b

2 core/Makefile Unescape Escape View File

2 core/version_defaults.mk Unescape Escape View File

3 Commits

e3b9dc0260 ... 27d4148d2b

2

core/Makefile

Unescape Escape View File

2

core/version_defaults.mk

Unescape Escape View File