Merge "Docs: Added security researcher credit to December bulletin"
diff --git a/src/security/bulletin/2015-12-01.jd b/src/security/bulletin/2015-12-01.jd
index 78391c9..067d288 100644
--- a/src/security/bulletin/2015-12-01.jd
+++ b/src/security/bulletin/2015-12-01.jd
@@ -24,7 +24,7 @@
</div>
</div>
-<p><em>Published December 07, 2015 | Updated December 09, 2015</em></p>
+<p><em>Published December 07, 2015 | Updated December 22, 2015</em></p>
<p>We have released a security update to Nexus devices through an over-the-air
(OTA) update as part of our Android Security Bulletin Monthly Release process.
@@ -142,10 +142,6 @@
</table>
-<p>The <a href="{@docRoot}security/overview/updates-resources.html#severity">severity assessment</a> is based on the effect that exploiting the vulnerability would have on an
-affected device, assuming the platform and service mitigations are disabled for
-development purposes or if successfully bypassed.</p>
-
<h2 id="mitigations">Mitigations</h2>
@@ -186,13 +182,15 @@
<li> Peter Pi of Trend Micro: CVE-2015-6616, CVE-2015-6628
<li> Qidan He (<a href="https://twitter.com/flanker_hqd">@flanker_hqd</a>) and Marco Grassi (<a href="https://twitter.com/marcograss">@marcograss</a>) of <a href="http://k33nteam.org/">KeenTeam</a> (<a href="https://twitter.com/k33nteam">@K33nTeam</a>): CVE-2015-6622
<li> Tzu-Yin (Nina) Tai: CVE-2015-6627
+ <li> Joaquín Rinaudo (<a href="https://twitter.com/xeroxnir">@xeroxnir</a>) of Programa
+ STIC at Fundación Dr. Manuel Sadosky, Buenos Aires, Argentina: CVE-2015-6631
</ul>
<h2 id="security_vulnerability_details">Security Vulnerability Details</h2>
<p>In the sections below, we provide details for each of the security
vulnerabilities listed in the <a href="#security_vulnerability_summary">Security Vulnerability Summary</a> above. There is a description of the issue, a severity rationale, and a table
-with the CVE, associated bug, severity, affected versions, and date reported.
+with the CVE, associated bug, severity, updated versions, and date reported.
When available, we will link the AOSP change that addressed the issue to the
bug ID. When multiple changes relate to a single bug, additional AOSP
references are linked to numbers following the bug ID.</p>
@@ -217,7 +215,7 @@
<th>CVE</th>
<th>Bug(s) with AOSP links</th>
<th>Severity</th>
- <th>Affected versions</th>
+ <th>Updated versions</th>
<th>Date reported</th>
</tr>
<tr>
@@ -266,7 +264,7 @@
<th>CVE</th>
<th>Bug(s) with AOSP links</th>
<th>Severity</th>
- <th>Affected versions</th>
+ <th>Updated versions</th>
<th>Date reported</th>
</tr>
<tr>
@@ -290,7 +288,7 @@
<th>CVE</th>
<th>Bug(s) with AOSP links</th>
<th>Severity</th>
- <th>Affected versions</th>
+ <th>Updated versions</th>
<th>Date reported</th>
</tr>
<tr>
@@ -316,7 +314,7 @@
<th>CVE</th>
<th>Bug(s) with AOSP links</th>
<th>Severity</th>
- <th>Affected versions</th>
+ <th>Updated versions</th>
<th>Date reported</th>
</tr>
<tr>
@@ -355,7 +353,7 @@
<th>CVE</th>
<th>Bug(s) </th>
<th>Severity</th>
- <th>Affected versions</th>
+ <th>Updated versions</th>
<th>Date reported</th>
</tr>
<tr>
@@ -382,7 +380,7 @@
<th>CVE</th>
<th>Bug(s) with AOSP links</th>
<th>Severity</th>
- <th>Affected versions</th>
+ <th>Updated versions</th>
<th>Date reported</th>
</tr>
<tr>
@@ -413,7 +411,7 @@
<th>CVE</th>
<th>Bug(s) with AOSP links</th>
<th>Severity</th>
- <th>Affected versions</th>
+ <th>Updated versions</th>
<th>Date reported</th>
</tr>
<tr>
@@ -436,7 +434,7 @@
<th>CVE</th>
<th>Bug(s) with AOSP links</th>
<th>Severity</th>
- <th>Affected versions</th>
+ <th>Updated versions</th>
<th>Date reported</th>
</tr>
<tr>
@@ -459,7 +457,7 @@
<th>CVE</th>
<th>Bug(s) with AOSP links</th>
<th>Severity</th>
- <th>Affected versions</th>
+ <th>Updated versions</th>
<th>Date reported</th>
</tr>
<tr>
@@ -484,7 +482,7 @@
<th>CVE</th>
<th>Bug(s) with AOSP links</th>
<th>Severity</th>
- <th>Affected versions</th>
+ <th>Updated versions</th>
<th>Date reported</th>
</tr>
<tr>
@@ -510,7 +508,7 @@
<th>CVE</th>
<th>Bug(s) with AOSP links</th>
<th>Severity</th>
- <th>Affected versions</th>
+ <th>Updated versions</th>
<th>Date reported</th>
</tr>
<tr>
@@ -548,7 +546,7 @@
<th>CVE</th>
<th>Bug(s) with AOSP links</th>
<th>Severity</th>
- <th>Affected versions</th>
+ <th>Updated versions</th>
<th>Date reported</th>
</tr>
<tr>
@@ -572,7 +570,7 @@
<th>CVE</th>
<th>Bug(s) with AOSP links</th>
<th>Severity</th>
- <th>Affected versions</th>
+ <th>Updated versions</th>
<th>Date reported</th>
</tr>
<tr>
@@ -595,7 +593,7 @@
<th>CVE</th>
<th>Bug(s) with AOSP links</th>
<th>Severity</th>
- <th>Affected versions</th>
+ <th>Updated versions</th>
<th>Date reported</th>
</tr>
<tr>
@@ -619,7 +617,7 @@
<th>CVE</th>
<th>Bug(s) with AOSP links</th>
<th>Severity</th>
- <th>Affected versions</th>
+ <th>Updated versions</th>
<th>Date reported</th>
</tr>
<tr>
@@ -641,7 +639,7 @@
<th>CVE</th>
<th>Bug(s) with AOSP links</th>
<th>Severity</th>
- <th>Affected versions</th>
+ <th>Updated versions</th>
<th>Date reported</th>
</tr>
<tr>
@@ -669,4 +667,5 @@
<ul>
<li> December 07, 2015: Originally Published
<li> December 09, 2015: Bulletin revised to include AOSP links.
+ <li> December 22, 2015: Added missing credit to Acknowledgements section.
</ul>
