Login
Newsletter
Werbung

Sicherheit: Unsichere Verwendung temporärer Dateien in android-tools
Aktuelle Meldungen Distributionen
Name: Unsichere Verwendung temporärer Dateien in android-tools
ID: FEDORA-2013-1750
Distribution: Fedora
Plattformen: Fedora 18
Datum: So, 10. Februar 2013, 10:29
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5564
Applikationen: android-tools

Originalnachricht

Name        : android-tools
Product : Fedora 18
Version : 20130123git98d0789
Release : 1.fc18
URL : http://developer.android.com/guide/developing/tools/
Summary : Android platform tools(adb, fastboot)
Description :

The Android Debug Bridge (ADB) is used to:

- keep track of all Android devices and emulators instances
connected to or running on a given host developer machine

- implement various control commands (e.g. "adb shell", "adb
pull", etc.)
for the benefit of clients (command-line users, or helper programs like
DDMS). These commands are what is called a 'service' in ADB.

Fastboot is used to manipulate the flash partitions of the Android phone.
It can also boot the phone using a kernel image or root filesystem image
which reside on the host machine rather than in the phone flash.
In order to use it, it is important to understand the flash partition
layout for the phone.
The fastboot program works in conjunction with firmware on the phone
to read and write the flash partitions. It needs the same USB device
setup between the host and the target phone as adb.

-------------------------------------------------------------------------------
-
Update Information:

- Update to upstream git commit 98d0789
- Resolves: rhbz 903074 Move udev rule to docs as example
- Resolves: rhbz 879585 Introduce adb.service with PrivateTmp
-------------------------------------------------------------------------------
-
ChangeLog:

* Mon Jan 28 2013 Ivan Afonichev <ivan.afonichev@gmail.com> -
20130123git98d0789-1
- Update to upstream git commit 98d0789
- Resolves: rhbz 903074 Move udev rule to docs as example
- Resolves: rhbz 879585 Introduce adb.service with PrivateTmp
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #879585 - CVE-2012-5564 android-tools (server): Insecure temporary
file used for logging [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=879585
[ 2 ] Bug #903074 - android-tools: please fix or remove (non useful) udev
rule
https://bugzilla.redhat.com/show_bug.cgi?id=903074
-------------------------------------------------------------------------------
-

This update can be installed with the "yum" update program. Use
su -c 'yum update android-tools' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
Pro-Linux
Unterstützer werden
Neue Nachrichten
Werbung