Android Nougat AOSP Changes

Changes from 7.0.0_r34 (NBD92N) to 7.0.0_r35 (NBD92Q):

Warning Releases with no significant changes other than version bump in platform/build component are likely to only feature proprietary binary blob (e.g. firmwares) changes.

Newly Added Components (0):

None

Removed Components (0):

None

Updated Components (10):

  • platform/build with 3 change(s)
    • 60f603e : Version bump to NBD92Q
    • 9f4ac38 : Version bump to NBD92P
    • 04d9916 : Update Security String on Bugfix to 2017-11-01:wq (cherry picked from commit ea6c7f6fbe0b0b0422080da9bd1042a70d714d2b)

  • platform/external/libavc with 5 change(s)
    • 4f17d68 : Decoder: Fixed hang in the case of dangling field
    • 2bd8ef8 : Decoder: Updated error check while parsing num_ref_idx_lx_active.
    • 736c404 : Decoder: Corrected variable datatypes in ih264d_get_implicit_weights.
    • 2da39a8 : Added an out of bound check on u4_num_bufs in input argument
    • b589894 : Decoder: Conceal picture only if valid picture buffer is obtained.

  • platform/external/libhevc with 3 change(s)
    • b551854 : Alloc extra bytes for bits buf for parse optimzation
    • 5694f79 : Added an out of bound check on u4_num_bufs in input argument
    • fd34060 : Fix tile index buf alloc size

  • platform/external/libmpeg2 with 9 change(s)
    • 01a4fe0 : Update num_mbs_left When mb_x is Reset.
    • 9dd781e : Fix Error When Input Buffer is Full
    • 2a4c871 : Reject Multiple seq_hdr With Different Dimensions
    • c43182d : DoS error - Bitstream Overflow
    • 2f48b56 : Propagating Error From impeg2d_pre_pic_dec_proc
    • 6c26e36 : Check on Picture Dimensions
    • f657860 : Fix Half Pel MC on Last Ref Row
    • baee958 : Check Number of MBs to Skip.
    • d9eb6d7 : Replace memcpy with memmove to Solve Memory Overlap Error

  • platform/external/skia with 1 change(s)

  • platform/external/wpa_supplicant_8 with 8 change(s)
    • 3d3b306 : TDLS: Reject TPK-TK reconfiguration
    • a49b14c : Fix PTK rekeying to generate a new ANonce
    • 7a74ee3 : Extend protection of GTK/IGTK reinstallation of WNM-Sleep Mode cases
    • 86b1b9d : FT: Do not allow multiple Reassociation Response frames
    • 31c16a5 : WNM: Ignore WNM-Sleep Mode Response without pending request
    • 718e6dd : Prevent installation of an all-zero TK
    • 2db7df6 : hostapd: Avoid key reinstallation in FT handshake
    • f884d56 : Prevent reinstallation of an already in-use group key

  • platform/frameworks/av with 15 change(s)
    • e06876b : Soundtrigger service: fix cross deadlock with audio policy service
    • bbf0543 : OMXNodeInstance: use a lock in freeNode
    • bfc3238 : Handle idle-loaded state transition when loaded-idle is still in progress
    • d8986ec : IMediaExtractor: ensure users to check returned value by getTrack.
    • a5cdf4c : Don't CHECK if the source can't be started
    • 6df1ed7 : Fix issues with extractor dumpsys
    • 18deb0b : Fix information disclosure in mediadrmserver
    • dad55e6 : m4v_h263: fix global buffer overflow
    • d16ad50 : AudioPolicyService: Acquire mutex for SoundTriggerSession
    • 0e884b7 : nuplayer: handle error from MediaCodec in Decoder handleAnOutputBuffer
    • fbc6364 : media: Fix a typo in parsing nclc atom.
    • 8e6fe06 : Fix memory leaks
    • b7645d5 : EffectBundle: Check parameter and value size
    • 769e346 : Track graphic buffer mode in OMXNodeInstance
    • 76349a9 : Block allocateBufferWithBackup in secure native handle mode

  • platform/frameworks/base with 5 change(s)
    • 5d26164 : Stop explicitly using kCallerPasses_Ownership
    • a0bfd44 : Fix ClipboardService device lock check for cross profile
    • bb4c561 : Prevent getting data from Clipboard if device is locked
    • 1e235dc : Clearing up invalid entries when SyncStorageEngine starts
    • 27f7c58 : DPC should not be allowed to grant development permission

  • platform/system/bt with 2 change(s)
    • f03d516 : Read the correct amount of attributes
    • e786de1 : SDP: Bounds check 'id' parameter for free_sdp_slot()

  • platform/system/core with 2 change(s)
    • 3f022a0 : zip_archive: reject files that don't start with an LFH signature.
    • dfb3d1e : Fix integer overflow in utf{16,32}_to_utf8_length