Android: Security Bulletin 2017-11-01

[eaglerainbow]

Android started to issue fixes.

resolves #214 see also #216

[rocketwidget]

Note that there are 3 November security patches, and only the latest, 2017-11-06, fixes KRaCK.

The original Pixel / Nexus Security Bulletin—November 2017 stated:

"For Google devices, security patch levels of 2017-11-05 or later address all issues in this bulletin and all issues in the November 2017 Android Security Bulletin."

which is wrong, and has since been updated. Nexus/Pixel devices have 2017-11-05 and it does NOT include all issues in the November 2017 Bulletin. It does not have the KRaCK fix.

I am not aware of any Android device with the 2017-11-06 patch, as of this moment.

https://source.android.com/security/bulletin/pixel/2017-11-01

https://source.android.com/security/bulletin/2017-11-01

Nexus/Pixel devices are now scheduled to get the KRaCK fix as part of the December security update.

https://arstechnica.com/gadgets/2017/11/pixel-wont-get-krack-fix-until-december-but-is-that-really-a-big-deal/

[eaglerainbow]

I tried to integrate your comment into the PR directly.

@rockwidget Are you able to translate these statements into the ANDROID_0-G.md file?

[Gunni]

Ugh!

[eaglerainbow]

@Gunni Thanks... Referencing your PR now.

Hopefully @kristate merges all these soon - it starts to become tricky to keep the overview...

[kristate]

Sorry -- let me know if you have a conflict free version and I will immediately merge it!

[eaglerainbow]

should be resolved with 69495e9

[kristate]

Updated!