diff options
author | Clay Murphy <claym@google.com> | 2018-05-03 23:00:24 +0000 |
---|---|---|
committer | Gerrit Code Review <noreply-gerritcodereview@google.com> | 2018-05-03 23:00:24 +0000 |
commit | 008a9e0bf136d461480396e6971347ce1c8b9484 (patch) | |
tree | 6f4bb1fe27ddd21544f74e80d0779cfeb00f4c7a /en/security | |
parent | 6930a80a9ae47f2686acbc17fbd5d18c24918066 (diff) | |
parent | fb789314a92670246a8254d97e62f2a9c61f00ad (diff) | |
download | source.android.com-008a9e0bf136d461480396e6971347ce1c8b9484.tar.gz |
Merge "Docs: Changes to source.android.com"android-o-mr1-iot-release-1.0.0
Diffstat (limited to 'en/security')
-rw-r--r-- | en/security/bulletin/2018-03-01.html | 11 | ||||
-rw-r--r-- | en/security/bulletin/_translation.yaml | 64 | ||||
-rw-r--r-- | en/security/bulletin/pixel/2018-02-01.html | 9 | ||||
-rw-r--r-- | en/security/bulletin/pixel/2018-04-01.html | 9 | ||||
-rw-r--r-- | en/security/overview/acknowledgements.html | 39 |
5 files changed, 76 insertions, 56 deletions
diff --git a/en/security/bulletin/2018-03-01.html b/en/security/bulletin/2018-03-01.html index b50f6331..862aa466 100644 --- a/en/security/bulletin/2018-03-01.html +++ b/en/security/bulletin/2018-03-01.html @@ -691,15 +691,16 @@ site</a>. </p> <p> <strong>6. Why are security vulnerabilities split between this bulletin and -device/partner security bulletins, such as the Pixel / Nexus bulletin?</strong> +device/partner security bulletins, such as the Pixel / Nexus bulletin?</strong> </p> <p> Security vulnerabilities that are documented in this security bulletin are required in order to declare the latest security patch level on Android devices. -Additional security vulnerabilities that are documented in the device/partner -security bulletins are not required for declaring a security patch level. -Android device and chipset manufacturers are encouraged to document the presence -of other fixes on their devices through their own security websites, such as the +Additional security vulnerabilities that are documented in the +device / partner security bulletins are not required for declaring +a security patch level. Android device and chipset manufacturers are encouraged +to document the presence of other fixes on their devices through their own security +websites, such as the <a href="https://security.samsungmobile.com/securityUpdate.smsb">Samsung</a>, <a href="https://lgsecurity.lge.com/security_updates.html">LGE</a>, or <a href="/security/bulletin/pixel/">Pixel / Nexus</a> diff --git a/en/security/bulletin/_translation.yaml b/en/security/bulletin/_translation.yaml index 88a35ea5..af2c6b7f 100644 --- a/en/security/bulletin/_translation.yaml +++ b/en/security/bulletin/_translation.yaml @@ -1,36 +1,36 @@ ignore_paths: -- /security/bulletin/2017.html -- /security/bulletin/2017-12-01.html -- /security/bulletin/2017-11-01.html -- /security/bulletin/2017-10-01.html -- /security/bulletin/2017-09-01.html -- /security/bulletin/2017-08-01.html -- /security/bulletin/2017-07-01.html -- /security/bulletin/2017-06-01.html -- /security/bulletin/2017-05-01.html -- /security/bulletin/2017-04-01.html -- /security/bulletin/2017-03-01.html -- /security/bulletin/2017-02-01.html -- /security/bulletin/2017-01-01.html -- /security/bulletin/2016.html -- /security/bulletin/2016-12-01.html -- /security/bulletin/2016-11-01.html -- /security/bulletin/2016-10-01.html -- /security/bulletin/2016-09-01.html -- /security/bulletin/2016-08-01.html -- /security/bulletin/2016-07-01.html -- /security/bulletin/2016-06-01.html -- /security/bulletin/2016-05-01.html -- /security/bulletin/2016-04-02.html -- /security/bulletin/2016-03-01.html -- /security/bulletin/2016-02-01.html -- /security/bulletin/2016-01-01.html -- /security/bulletin/2015.html -- /security/bulletin/2015-12-01.html -- /security/bulletin/2015-11-01.html -- /security/bulletin/2015-10-01.html -- /security/bulletin/2015-09-01.html -- /security/bulletin/2015-08-01.html +- /security/bulletin/2017 +- /security/bulletin/2017-12-01 +- /security/bulletin/2017-11-01 +- /security/bulletin/2017-10-01 +- /security/bulletin/2017-09-01 +- /security/bulletin/2017-08-01 +- /security/bulletin/2017-07-01 +- /security/bulletin/2017-06-01 +- /security/bulletin/2017-05-01 +- /security/bulletin/2017-04-01 +- /security/bulletin/2017-03-01 +- /security/bulletin/2017-02-01 +- /security/bulletin/2017-01-01 +- /security/bulletin/2016 +- /security/bulletin/2016-12-01 +- /security/bulletin/2016-11-01 +- /security/bulletin/2016-10-01 +- /security/bulletin/2016-09-01 +- /security/bulletin/2016-08-01 +- /security/bulletin/2016-07-01 +- /security/bulletin/2016-06-01 +- /security/bulletin/2016-05-01 +- /security/bulletin/2016-04-02 +- /security/bulletin/2016-03-01 +- /security/bulletin/2016-02-01 +- /security/bulletin/2016-01-01 +- /security/bulletin/2015 +- /security/bulletin/2015-12-01 +- /security/bulletin/2015-11-01 +- /security/bulletin/2015-10-01 +- /security/bulletin/2015-09-01 +- /security/bulletin/2015-08-01 enable_continuous_translation: True title: Android Security Bulletins description: Translations for Android Security Bulletins diff --git a/en/security/bulletin/pixel/2018-02-01.html b/en/security/bulletin/pixel/2018-02-01.html index c8bcb259..ebd55505 100644 --- a/en/security/bulletin/pixel/2018-02-01.html +++ b/en/security/bulletin/pixel/2018-02-01.html @@ -22,7 +22,7 @@ --> -<p><em>Published February 5, 2018 | Updated April 2, 2018</em></p> +<p><em>Published February 5, 2018 | Updated April 30, 2018</em></p> <p> The Pixel / Nexus Security Bulletin contains details of security @@ -353,7 +353,7 @@ QC-CR#2115365</a></td> <tr> <td>CVE-2017-15852</td> <td>A-36730614<a href="#asterisk">*</a><br /> - QC-CR#2046770</td> + QC-CR#2028702</td> <td>EoP</td> <td>Moderate</td> <td>Framebuffer</td> @@ -635,6 +635,11 @@ bulletin, are not required for declaring a security patch level. <td>April 2, 2018</td> <td>Moved CVE-2017-15817 from the February Android Bulletin to the February Pixel Bulletin.</td> </tr> + <tr> + <td>1.4</td> + <td>April 30, 2018</td> + <td>Updated CVE-2017-15852 from CR 2046770 to CR 2028702.</td> + </tr> </table> </body></html> diff --git a/en/security/bulletin/pixel/2018-04-01.html b/en/security/bulletin/pixel/2018-04-01.html index 0322f70a..fa87a16d 100644 --- a/en/security/bulletin/pixel/2018-04-01.html +++ b/en/security/bulletin/pixel/2018-04-01.html @@ -22,7 +22,7 @@ --> -<p><em>Published April 2, 2018 | Updated April 4, 2018</em></p> +<p><em>Published April 2, 2018 | Updated April 10, 2018</em></p> <p> The Pixel / Nexus Security Bulletin contains details of security @@ -900,7 +900,7 @@ and a summary of the issue. <tr> <td>A-72871435</td> <td>Logging</td> - <td>Improve network logging</td> + <td>Improve network performance when both VPN and Wi-Fi are enabled</td> <td>All</td> </tr> </table> @@ -1033,5 +1033,10 @@ bulletin, are not required for declaring a security patch level. <td>April 4, 2018</td> <td>Bulletin revised to include AOSP links.</td> </tr> + <tr> + <td>1.2</td> + <td>April 10, 2018</td> + <td>Bulletin revised to update description for A-72871435.</td> + </tr> </table> </body></html> diff --git a/en/security/overview/acknowledgements.html b/en/security/overview/acknowledgements.html index 74c88b2e..bd66f9dc 100644 --- a/en/security/overview/acknowledgements.html +++ b/en/security/overview/acknowledgements.html @@ -54,7 +54,16 @@ acknowledgements were listed together.</p> </td> </tr> <tr> - <td><a href="http://weibo.com/csddl">Chong Wang</a> and <a href="http://weibo.com/ele7enxxh">Zinuo Han</a> from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd + <td><a href="http://weibo.com/csddl">Chong Wang</a> of Chengdu Security Response Center, Qihoo + 360 Technology Co. Ltd + </td> + <td>CVE-2017-13287 + </td> + </tr> + <tr> + <td><a href="http://weibo.com/csddl">Chong Wang</a> and + <a href="http://weibo.com/ele7enxxh">Zinuo Han</a> of Chengdu Security Response Center, Qihoo 360 + Technology Co. Ltd </td> <td>CVE-2017-13289, CVE-2017-13286 </td> @@ -72,7 +81,8 @@ acknowledgements were listed together.</p> </td> </tr> <tr> - <td>Dinesh Venkatesan (<a href="https://twitter.com/malwareresearch">@malwareresearch</a>) from Symantec + <td>Dinesh Venkatesan (<a href="https://twitter.com/malwareresearch">@malwareresearch</a>) of + Symantec </td> <td>CVE-2017-13295 </td> @@ -84,7 +94,8 @@ acknowledgements were listed together.</p> </td> </tr> <tr> - <td>En He(<a href="https://twitter.com/heeeeen4x">@heeeeen4x</a>) and Bo Liu of <a href="http://www.ms509.com">MS509Team</a> + <td>En He (<a href="https://twitter.com/heeeeen4x">@heeeeen4x</a>) and Bo Liu of + <a href="http://www.ms509.com">MS509Team</a> </td> <td>CVE-2017-13294 </td> @@ -114,25 +125,20 @@ acknowledgements were listed together.</p> </td> </tr> <tr> - <td>Jianjun Dai(<a href="https://twitter.com/Jioun_dai">@Jioun_dai</a>) and Guang Gong of Alpha Team, Qihoo 360 Technology Co. Ltd + <td>Jianjun Dai (<a href="https://twitter.com/Jioun_dai">@Jioun_dai</a>) and Guang Gong of Alpha + Team, Qihoo 360 Technology Co. Ltd </td> <td>CVE-2017-13291, CVE-2017-13283, CVE-2017-13282, CVE-2017-13281, CVE-2017-13267 </td> </tr> <tr> - <td><a href="https://github.com/michalbednarski">Michał Bednarski</a> - </td> - <td>CVE-2017-13287 - </td> - </tr> - <tr> - <td>Patrick Delvenne (<a href="https://twitter.com/wintzx">@wintzx</a>) Orange Labs + <td>Patrick Delvenne (<a href="https://twitter.com/wintzx">@wintzx</a>) of Orange Labs </td> <td>CVE-2018-3584 </td> </tr> <tr> - <td>Pengfei Ding(丁鹏飞), Chenfu Bao(包沉浮), Lenx Wei(韦韬) of Baidu X-Lab(百度安全实验室) + <td>Pengfei Ding (丁鹏飞), Chenfu Bao (包沉浮), Lenx Wei (韦韬) of Baidu X-Lab (百度安全实验室) </td> <td>CVE-2017-13306, CVE-2017-13290, CVE-2017-15837 </td> @@ -156,13 +162,15 @@ acknowledgements were listed together.</p> </td> </tr> <tr> - <td><a href="mailto:huahuaisadog@gmail.com">Yang Dai</a> and <a href="http://weibo.com/panyu6325">Yu Pan</a> of Vulpecker Team, Qihoo 360 Technology Co. Ltd + <td><a href="mailto:huahuaisadog@gmail.com">Yang Dai</a> and + <a href="http://weibo.com/panyu6325">Yu Pan</a> of Vulpecker Team, Qihoo 360 Technology Co. Ltd </td> <td>CVE-2017-13304 </td> </tr> <tr> - <td>Yonggang Guo (<a href="https://twitter.com/guoygang">@guoygang</a>) of IceSword Lab, Qihoo 360 Technology Co. Ltd + <td>Yonggang Guo (<a href="https://twitter.com/guoygang">@guoygang</a>) of IceSword Lab, + Qihoo 360 Technology Co. Ltd </td> <td>CVE-2017-8269, CVE-2017-13307, CVE-2018-5826 </td> @@ -174,7 +182,8 @@ acknowledgements were listed together.</p> </td> </tr> <tr> - <td><a href="http://weibo.com/ele7enxxh">Zinuo Han</a> from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd + <td><a href="http://weibo.com/ele7enxxh">Zinuo Han</a> of Chengdu Security Response Center, + Qihoo 360 Technology Co. Ltd </td> <td>CVE-2017-13288, CVE-2017-13298, CVE-2017-13296, CVE-2017-13299, CVE-2017-13275, CVE-2017-13285 </td> |