Rocksolid Light

Welcome to novaBBS (click a section below)

mail  files  register  newsreader  groups  login

Message-ID:  

To err is human, to moo bovine.

computers / comp.mobile.ipad / Re: iOS 17.0.3 has dropped

Re: iOS 17.0.3 has dropped

<0001HW.2ACE6259002EF3F67000006342CF@news.eternal-september.org>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=3033&group=comp.mobile.ipad#3033

  copy link   Newsgroups: misc.phone.mobile.iphone comp.mobile.ipad comp.sys.mac.advocacy
Path: i2pn2.org!i2pn.org!eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: use...@dorper.me (Dorper)
Newsgroups: misc.phone.mobile.iphone, comp.mobile.ipad, comp.sys.mac.advocacy
Subject: Re: iOS 17.0.3 has dropped
Date: Wed, 04 Oct 2023 20:17:45 -0700
Organization: A noiseless patient Spider
Lines: 391
Message-ID: <0001HW.2ACE6259002EF3F67000006342CF@news.eternal-september.org>
References: <s7WcnfKvtdmoBoD4nZ2dnZfqnPqdnZ2d@giganews.com> <ufkhim$kcbu$1@paganini.bofh.team> <ufklru$h60i$1@dont-email.me> <f_kTM.197$w4ec.85@fx14.iad> <ufkq5m$kree$1@paganini.bofh.team> <0001HW.2ACE2E5C002552157000006342CF@news.eternal-september.org> <ufl31t$pscb$1@paganini.bofh.team> <0001HW.2ACE4AF9002C06E27000006342CF@news.eternal-september.org> <ufl6l6$o5l3$1@dont-email.me> <ufl7pc$o90c$3@dont-email.me> <ufl8sp$oisa$1@dont-email.me>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
Injection-Info: dont-email.me; posting-host="1f28a35a0b774da2d25205ee006d2ac0";
logging-data="809230"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX19Jlw0c5Qnn8AIdieSIYFN/"
User-Agent: Hogwasher/5.24
Cancel-Lock: sha1:aiAxNSUCN7OFDWIDoKpr95DSinQ=
 by: Dorper - Thu, 5 Oct 2023 03:17 UTC

On Oct 4, 2023, Wally J wrote
(in article <ufl8sp$oisa$1@dont-email.me>):

> (words words words)

A list of vulns that had to be patched in JUST the last month in Android:

CVE-2023-21266
A-223376078
(https://android.googlesource.com/platform/frameworks/base/+/5b7edbf2ba076b040
00eb5d27101927eeb609c26)
EoP
High
11, 12, 12L, 13

CVE-2023-40116
A-270368476
(https://android.googlesource.com/platform/frameworks/base/+/18c3b194642f3949d
09e48c21da5658fa04994c8) [2
(https://android.googlesource.com/platform/frameworks/base/+/18c3b194642f3949d
09e48c21da5658fa04994c8)]
EoP
High
11, 12, 12L

CVE-2023-40120
A-274775190
(https://android.googlesource.com/platform/frameworks/base/+/d26544e5a4fd554b7
90b4d0c5964d9e95d9e626b)
EoP
High
11, 12, 12L, 13

CVE-2023-40131
A-282919145
(https://android.googlesource.com/platform/frameworks/native/+/0cda11569dd256f
f3220b4fe44f861f8081d7116)
EoP
High
12, 12L, 13

CVE-2023-40140
A-274058082
(https://android.googlesource.com/platform/frameworks/base/+/2d88a5c481df8986d
bba2e02c5bf82f105b36243)
EoP
High
11, 12, 12L, 13

CVE-2023-21291
A-277593270
(https://android.googlesource.com/platform/frameworks/base/+/cb6282e8970f4c9db
5497889699e68fb2038566e)
ID
High
11, 12, 12L, 13

CVE-2023-40121
A-224771621
(https://android.googlesource.com/platform/frameworks/base/+/3287ac2d2565dc96b
f6177967f8e3aed33954253)
ID
High
11, 12, 12L, 13

CVE-2023-40134
A-283101289
(https://android.googlesource.com/platform/frameworks/base/+/08becc8c600f14c55
29115cc1a1e0c97cd503f33)
ID
High
12, 12L, 13

CVE-2023-40136
A-281666022
(https://android.googlesource.com/platform/frameworks/base/+/08becc8c600f14c55
29115cc1a1e0c97cd503f33)
ID
High
11, 12, 12L, 13

CVE-2023-40137
A-281665050
(https://android.googlesource.com/platform/frameworks/base/+/08becc8c600f14c55
29115cc1a1e0c97cd503f33)
ID
High
11, 12, 12L, 13

CVE-2023-40138
A-281534749
(https://android.googlesource.com/platform/frameworks/base/+/08becc8c600f14c55
29115cc1a1e0c97cd503f33)
ID
High
11, 12, 12L, 13

CVE-2023-40139
A-281533566
(https://android.googlesource.com/platform/frameworks/base/+/08becc8c600f14c55
29115cc1a1e0c97cd503f33)
ID
High
11, 12, 12L, 13

CVE-2023-40129
A-273874525
(https://android.googlesource.com/platform/packages/modules/Bluetooth/+/c0151a
a3ba76c785b32c7f9d16c98febe53017b1)
RCE
Critical
12, 12L, 13

CVE-2023-21244
A-276729064
(https://android.googlesource.com/platform/frameworks/base/+/3a448067ac9ebdf66
9951e90678c2daa592a81d3) [2
(https://android.googlesource.com/platform/frameworks/base/+/20aedba4998373add
c2befcc455a118585559fef)] [3
(https://android.googlesource.com/platform/frameworks/base/+/5a3d0c131175d923c
f35c7beb3ee77a9e6485dad)]
EoP
High
11, 12, 12L, 13

CVE-2023-40117
A-253043065
(https://android.googlesource.com/platform/packages/apps/Settings/+/11815817de
2f2d70fe842b108356a1bc75d44ffb) [2
(https://android.googlesource.com/platform/frameworks/base/+/ff86ff28cf82124f8
e65833a2dd8c319aea08945)]
EoP
High
11, 12, 12L, 13

CVE-2023-40125
A-279902472
(https://android.googlesource.com/platform/packages/apps/Settings/+/63d464c3fa
5c7b9900448fef3844790756e557eb)
EoP
High
11, 12, 12L, 13

CVE-2023-40128
A-274231102
(https://android.googlesource.com/platform/external/libxml2/+/1ccf89b87a3969ed
d56956e2d447f896037c8be7)
EoP
High
11, 12, 12L, 13

CVE-2023-40130
A-289809991
(https://android.googlesource.com/platform/packages/services/Telecomm/+/5b3354
01d1c8de7d1c85f4a0cf353f7f9fc30218)
EoP
High
11, 12, 12L, 13

CVE-2023-40123
A-278246904
(https://android.googlesource.com/platform/frameworks/base/+/7212a4bec2d2f1a74
fa54a12a04255d6a183baa9)
ID
High
11, 12, 12L, 13

CVE-2023-40127
A-262244882
(https://android.googlesource.com/platform/packages/providers/MediaProvider/+/
747431250612507e8289ae8eb1a56303e79ab678)
ID
High
11, 12, 12L, 13

CVE-2023-40133
A-283264674
(https://android.googlesource.com/platform/frameworks/base/+/08becc8c600f14c55
29115cc1a1e0c97cd503f33)
ID
High
11, 12, 12L, 13

CVE-2023-40135
A-281848557
(https://android.googlesource.com/platform/frameworks/base/+/08becc8c600f14c55
29115cc1a1e0c97cd503f33)
ID
High
11, 12, 12L, 13

CVE-2023-21252
A-275339978
(https://android.googlesource.com/platform/packages/modules/Wifi/+/044ab068415
3c4effb9f4fda47df43ccdc77bda8) [2
(https://android.googlesource.com/platform/packages/modules/Wifi/+/50b08ee30e0
4d185e5ae97a5f717d436fd5a90f3)]
DoS
High
11, 12, 12L, 13

CVE-2023-21253
A-266580022
(https://android.googlesource.com/platform/frameworks/base/+/84df68840b6f24071
46e722ebd95a7d8bc6e3529) [2
(https://android.googlesource.com/platform/tools/apksig/+/039f815895f62c9f8af2
3df66622b66246f3f61e)] [3
(https://android.googlesource.com/platform/tools/apksig/+/41d882324288085fd32a
e0bb70dc85f5fd0e2be7)]
DoS
High
11, 12, 12L, 13

MediaProvider
CVE-2023-40127

WiFi
CVE-2023-21252

CVE-2021-44828
A-296461583 *
(https://source.android.com/docs/security/bulletin/2023-10-01#asterisk)
High
Mali

CVE-2022-28348
A-296463357 *
(https://source.android.com/docs/security/bulletin/2023-10-01#asterisk)
High
Mali

CVE-2023-4211
A-294605494 *
(https://source.android.com/docs/security/bulletin/2023-10-01#asterisk)
High
Mali

CVE-2023-33200
A-287627703 *
(https://source.android.com/docs/security/bulletin/2023-10-01#asterisk)
High
Mali

CVE-2023-34970
A-287624919 *
(https://source.android.com/docs/security/bulletin/2023-10-01#asterisk)
High
Mali

CVE-2023-20819
A-294779648
M-MOLY01068234 *
(https://source.android.com/docs/security/bulletin/2023-10-01#asterisk)
High
CDMA PPP protocol

CVE-2023-32819
A-294779649
M-ALPS07993705 *
(https://source.android.com/docs/security/bulletin/2023-10-01#asterisk)
High
display

CVE-2023-32820
A-294781433
M-ALPS07932637 *
(https://source.android.com/docs/security/bulletin/2023-10-01#asterisk)
High
wlan firmware

CVE-2023-40638
A-296491611
U-2212107*
(https://source.android.com/docs/security/bulletin/2023-10-01#asterisk)
High
Android

CVE-2023-33029
A-290061916
QC-CR#3446314
(https://git.codelinaro.org/clo/la/kernel/msm-5.4/-
/commit/d4b9e0d3bfcb5213e23f5642cb8dcc1433542303)
High
Kernel

CVE-2023-33034
A-290060972
QC-CR#3438425
(https://git.codelinaro.org/clo/la/platform/vendor/opensource/audio-kernel/-
/commit/dcfb376d706d85a27a9cdbda43b4701747dafd6f)
High
Audio

CVE-2023-33035
A-290061247
QC-CR#3438021
(https://git.codelinaro.org/clo/la/platform/vendor/opensource/audio-kernel/-
/commit/00dc5c043e24be3e38a93b6a7d17d1a474f713c6)
High
Audio

CVE-2023-24855
A-276750662 *
(https://source.android.com/docs/security/bulletin/2023-10-01#asterisk)
Critical
Closed-source component

CVE-2023-28540
A-276751073 *
(https://source.android.com/docs/security/bulletin/2023-10-01#asterisk)
Critical
Closed-source component

CVE-2023-33028
A-290060590 *
(https://source.android.com/docs/security/bulletin/2023-10-01#asterisk)
Critical
Closed-source component

CVE-2023-21673
A-276750698 *
(https://source.android.com/docs/security/bulletin/2023-10-01#asterisk)
High
Closed-source component

CVE-2023-22385
A-276750699 *
(https://source.android.com/docs/security/bulletin/2023-10-01#asterisk)
High
Closed-source component

CVE-2023-24843
A-276750762 *
(https://source.android.com/docs/security/bulletin/2023-10-01#asterisk)
High
Closed-source component

CVE-2023-24844
A-276750872 *
(https://source.android.com/docs/security/bulletin/2023-10-01#asterisk)
High
Closed-source component

CVE-2023-24847
A-276751090 *
(https://source.android.com/docs/security/bulletin/2023-10-01#asterisk)
High
Closed-source component

CVE-2023-24848
A-276750995*
(https://source.android.com/docs/security/bulletin/2023-10-01#asterisk)
High
Closed-source component

CVE-2023-24849
A-276751370*
(https://source.android.com/docs/security/bulletin/2023-10-01#asterisk)
High
Closed-source component

CVE-2023-24850
A-276751108 *
(https://source.android.com/docs/security/bulletin/2023-10-01#asterisk)
High
Closed-source component

CVE-2023-24853
A-276751372 *
(https://source.android.com/docs/security/bulletin/2023-10-01#asterisk)
High
Closed-source component

CVE-2023-33026
A-290061996 *
(https://source.android.com/docs/security/bulletin/2023-10-01#asterisk)
High
Closed-source component

CVE-2023-33027
A-290061249 *
(https://source.android.com/docs/security/bulletin/2023-10-01#asterisk)
High
Closed-source component

CVE-2023-4863
A-299477569
RCE
Critical
11, 12, 12L, 13

SubjectRepliesAuthor
o Re: iOS 17.0.3 has dropped

By: Wally J on Wed, 4 Oct 2023

54Wally J
server_pubkey.txt

rocksolid light 0.9.8
clearnet tor