Sicherheit: Pufferüberlauf in android-tools
Aktuelle Meldungen Distributionen
Name: Pufferüberlauf in android-tools
ID: FEDORA-2015-0938
Distribution: Fedora
Plattformen: Fedora 21
Datum: So, 15. Februar 2015, 11:33
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1909
Applikationen: android-tools


Name        : android-tools
Product : Fedora 21
Version : 20141219git8393e50
Release : 2.fc21
URL : http://developer.android.com/guide/developing/tools/
Summary : Android platform tools(adb, fastboot)
Description :

The Android Debug Bridge (ADB) is used to:

- keep track of all Android devices and emulators instances
connected to or running on a given host developer machine

- implement various control commands (e.g. "adb shell", "adb
pull", etc.)
for the benefit of clients (command-line users, or helper programs like
DDMS). These commands are what is called a 'service' in ADB.

Fastboot is used to manipulate the flash partitions of the Android phone.
It can also boot the phone using a kernel image or root filesystem image
which reside on the host machine rather than in the phone flash.
In order to use it, it is important to understand the flash partition
layout for the phone.
The fastboot program works in conjunction with firmware on the phone
to read and write the flash partitions. It needs the same USB device
setup between the host and the target phone as adb.

Update Information:

Harden android-tools
Update to 5.0.2 release

* Sun Jan 11 2015 Ivan Afonichev <ivan.afonichev@gmail.com> -
- Resolves: rhbz 1062095 Harden android-tools
- Remove 0002-Add-missing-headers.patch
* Wed Dec 24 2014 Jonathan Dieter <jdieter@lesbg.com> -
- Update to 5.0.2 release
* Fri Sep 19 2014 Ivan Afonichev <ivan.afonichev@gmail.com> -
- Added more udev devices
- Resolves: rhbz 967216 Adb service now stores keys in /var/lib/adb

[ 1 ] Bug #1062095 - CVE-2014-1909 android-tools: stack-based buffer overflow
flaw in Android Debug Bridge (ADB) client

This update can be installed with the "yum" update program. Use
su -c 'yum update android-tools' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list
Pro-Linux @Facebook
Neue Nachrichten