You are here
Home > Preporuke > Ranjivost programskog paketa android-tools

Ranjivost programskog paketa android-tools

  • Detalji os-a: FED
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

Fedora Update Notification
2015-01-20 20:11:28

Name : android-tools
Product : Fedora 21
Version : 20141219git8393e50
Release : 2.fc21
Summary : Android platform tools(adb, fastboot)
Description :

The Android Debug Bridge (ADB) is used to:

– keep track of all Android devices and emulators instances
connected to or running on a given host developer machine

– implement various control commands (e.g. “adb shell”, “adb pull”, etc.)
for the benefit of clients (command-line users, or helper programs like
DDMS). These commands are what is called a ‘service’ in ADB.

Fastboot is used to manipulate the flash partitions of the Android phone.
It can also boot the phone using a kernel image or root filesystem image
which reside on the host machine rather than in the phone flash.
In order to use it, it is important to understand the flash partition
layout for the phone.
The fastboot program works in conjunction with firmware on the phone
to read and write the flash partitions. It needs the same USB device
setup between the host and the target phone as adb.

Update Information:

Harden android-tools
Update to 5.0.2 release

* Sun Jan 11 2015 Ivan Afonichev <> – 20141224git8393e50-2
– Resolves: rhbz 1062095 Harden android-tools
– Remove 0002-Add-missing-headers.patch
* Wed Dec 24 2014 Jonathan Dieter <> – 20141224git8393e50-1
– Update to 5.0.2 release
* Fri Sep 19 2014 Ivan Afonichev <> – 20130123git98d0789-5
– Added more udev devices
– Resolves: rhbz 967216 Adb service now stores keys in /var/lib/adb

[ 1 ] Bug #1062095 – CVE-2014-1909 android-tools: stack-based buffer overflow flaw in Android Debug Bridge (ADB) client

This update can be installed with the “yum” update program. Use
su -c ‘yum update android-tools’ at the command line.
For more information, refer to “Managing Software with yum”,
available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list

AutorTomislav Protega
Cert idNCERT-REF-2015-02-0029-ADV
ID izvornikaFEDORA-2015-0938
More in Preporuke
Sigurnosni nedostaci programskog paketa krb5

Otkriveni su sigurnosni nedostaci u programskom paketu krb5 za operacijski sustav Suse. Otkriveni nedostaci potencijalnim napadačima omogućuju stjecanje administratorskih ovlasti,...