Skip to content

Releases: AndroidVTS/android-vts

AndroidVTS v.13

Choose a tag to compare

@Fuzion24 Fuzion24 released this 15 Dec 15:04
  • Prioritize vulnerables which were positive on the device
  • Add intro/welcome screens
  • Add a test for CVE-2015-6616 from the December sec bulletin

AndroidVTS v.12

Choose a tag to compare

@Fuzion24 Fuzion24 released this 30 Nov 23:57

Add a dialog after scan to denote whether the device is vulnerable or not
Bubble vulnerable items to the top of the list

AndroidVTS v.11

Choose a tag to compare

@Fuzion24 Fuzion24 released this 25 Nov 21:01
  • Sort vulnerabilities by date of CVE descending
  • Enable WeakSauce check
  • Fix crashes with x509 serialization check on devices < Kitkat
  • Add check for CVE-2015-1528
  • Fix some UI state bugs
  • Small grammar fixes

AndroidVTS v.9

Choose a tag to compare

@Fuzion24 Fuzion24 released this 18 Nov 17:34
  • Fixes coloring issue(s) with failed/inconclusive tests
  • Adds new check for CVE-2015-6608
  • Fixes race condition related to running some stagefright checks
  • In the additional info, links to patches are shown instead of duped external links
  • Added the ability to (optionally, explicitly, and anonymously) share results to a publicly available Google spreadsheet

AndroidVTS v.6

Choose a tag to compare

@Fuzion24 Fuzion24 released this 14 Nov 19:45

Added descriptions to each vulnerability
Fixed some issues running on ARM64
Changed the vulnerability status to be yellow in the case of a failed test

AndroidVTS v.5

Choose a tag to compare

@Fuzion24 Fuzion24 released this 10 Nov 19:04

This should fix issues with the serialization bug accidentally decrementing the wrong address:

6b24708

*** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
Build fingerprint: 'Verizon/zerofltevzw/zerofltevzw:5.0.2/LRX22G/G920VVRU1AOC3:user/release-keys'
Revision: '10'
ABI: 'arm'
pid: 16731, tid: 16741, name: FinalizerDaemon  >>> com.nowsecure.android.vts <<<
signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x135f
    r0 0000135f  r1 f7296914  r2 00001337  r3 f72770f0
    r4 0000135f  r5 f7296904  r6 00000000  r7 00000000
    r8 00000002  r9 f729f78c  sl f729f7b4  fp 00000014
    ip ed71a928  sp f4bbfa08  lr f71c2683  pc f71c2686  cpsr 00070030

backtrace:
    #00 pc 00058686  /system/lib/libcrypto.so (asn1_enc_free+11)
    #01 pc 000573d1  /system/lib/libcrypto.so
    #02 pc 000574a9  /system/lib/libcrypto.so (ASN1_template_free+74)
    #03 pc 00057417  /system/lib/libcrypto.so
    #04 pc 0005744f  /system/lib/libcrypto.so (ASN1_item_free+12)
    #05 pc 000174d1  /system/framework/arm/boot.oat

AndroidVTS v.4

Choose a tag to compare

@Fuzion24 Fuzion24 released this 10 Nov 18:03

Added the ability to execute vulns only on particular architectures.

AndroidVTS v.3

Choose a tag to compare

@Fuzion24 Fuzion24 released this 06 Nov 17:35

This update includes a new material design.