863074 – (CVE-2014-1909) VUL-0: CVE-2014-1909: android-tools: buffer overflow flaw in adb

Bug 863074 (CVE-2014-1909) - VUL-0: CVE-2014-1909: android-tools: buffer overflow flaw in adb

Summary: VUL-0: CVE-2014-1909: android-tools: buffer overflow flaw in adb

Status:	RESOLVED FIXED

Alias:	CVE-2014-1909

Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents (show other bugs)
Version:	unspecified
Hardware:	Other openSUSE 13.1

Priority:	P3 - Medium Severity: Normal
Target Milestone:	---
Assignee:	Dmitry Roshchin
QA Contact:	Security Team bot

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Clone This Bug

Reported:	2014-02-10 14:01 UTC by Alexander Bergmann
Modified:	2015-02-18 23:18 UTC (History)
CC List:	1 user (show)

See Also:
Found By:	Security Response Team
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Alexander Bergmann 2014-02-10 14:01:46 UTC

A stack-based buffer overflow flaw was found in the adb tool.

CVE-2014-1909 was assigned to this issue.

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1062095

Comment 1 Ruediger Oertel 2014-02-10 15:27:09 UTC

why is this assigned to me, I've never seen this package

Comment 2 Alexander Bergmann 2014-02-10 15:45:40 UTC

I guess this needs to be adjusted. 

$> osc bugowner -e android-tools
Defined in project:  hardware
  bugowner of android-tools : 
   ro@suse.com

Assigning bug to Dmitry, based on previous changes entries.

Comment 3 Ruediger Oertel 2014-02-10 15:49:32 UTC

I was listed as bugowner for the full project "hardware" ... removed.

Comment 4 Swamp Workflow Management 2014-02-10 23:00:15 UTC

bugbot adjusting priority

Comment 5 Bernhard Wiedemann 2014-05-02 21:00:20 UTC

This is an autogenerated message for OBS integration:
This bug (863074) was mentioned in
https://build.opensuse.org/request/show/232492 13.1 / android-tools
https://build.opensuse.org/request/show/232493 12.3 / android-tools

Comment 6 Bernhard Wiedemann 2014-05-04 09:00:11 UTC

This is an autogenerated message for OBS integration:
This bug (863074) was mentioned in
https://build.opensuse.org/request/show/232576 Factory / android-tools

Comment 7 Sebastian Krahmer 2014-05-13 13:56:39 UTC

released

Comment 8 Swamp Workflow Management 2014-05-13 14:04:44 UTC

openSUSE-SU-2014:0636-1: An update that fixes one vulnerability is now available.

Category: security (moderate)
Bug References: 863074
CVE References: CVE-2014-1909
Sources used:
openSUSE 13.1 (src):    android-tools-4.2.2_r1-2.4.1

Comment 9 Swamp Workflow Management 2014-05-13 14:04:56 UTC

openSUSE-SU-2014:0637-1: An update that fixes one vulnerability is now available.

Category: security (moderate)
Bug References: 863074
CVE References: CVE-2014-1909
Sources used:
openSUSE 12.3 (src):    android-tools-4.2.1_r1-2.5.1