android-security-11.0.0_r1 to android-security-11.0.0_r49 AOSP changelog

30da0ae75b : Fix dm-test invocation
2cab2984a0 : dex2oat_vdex_test: add missing dependency on core boot image.
ed240ee14f : Do not accept vdex with dex sections from .dm files
18129aaa60 : Add SafetyNet logging to JNI::NewStringUTF.
4075f9a9f1 : Validate input of JNI::NewStringUTF().

9f47dbb59c : Version bump to RSV1.210329.025 [core/build_id.mk]
aa268b90be : Version bump to RSV1.210329.024 [core/build_id.mk]
ed6175dd2f : Version bump to RSV1.210329.023 [core/build_id.mk]
49f2b58ae0 : Version bump to RSV1.210329.022 [core/build_id.mk]
c316366f16 : Version bump to RSV1.210329.021 [core/build_id.mk]
eae575729a : Version bump to RSV1.210329.020 [core/build_id.mk]
be86a7969e : Version bump to RSV1.210329.019 [core/build_id.mk]
102f721d7b : Version bump to RSV1.210329.018 [core/build_id.mk]
7c0aec33f1 : Version bump to RSV1.210329.017 [core/build_id.mk]
fb318def21 : Version bump to RSV1.210329.016 [core/build_id.mk]
1a79d5bb75 : Version bump to RSV1.210329.015 [core/build_id.mk]
e16f04c244 : Version bump to RSV1.210329.014 [core/build_id.mk]
2d3f3fee9a : Version bump to RSV1.210329.013 [core/build_id.mk]
aacb825144 : Version bump to RSV1.210329.012 [core/build_id.mk]
c8e00364af : Version bump to RSV1.210329.011 [core/build_id.mk]
d109d80a18 : Version bump to RSV1.210329.010 [core/build_id.mk]
2021f22b54 : Version bump to RSV1.210329.009 [core/build_id.mk]
fecdbb6d12 : Version bump to RSV1.210329.008 [core/build_id.mk]
cafd55492e : Version bump to RSV1.210329.007 [core/build_id.mk]
a0b5b5ae8f : Version bump to RSV1.210329.006 [core/build_id.mk]
5e67736ef2 : Version bump to RSV1.210329.005 [core/build_id.mk]
9b174b8014 : Version bump to RSV1.210329.004 [core/build_id.mk]
e0caf7138d : Version bump to RSV1.210329.003 [core/build_id.mk]
3123f2a3b1 : Version bump to RSV1.210329.002 [core/build_id.mk]

44aefc2 : Fix heap buffer overflow in sbrDecoder_AssignQmfChannels2SbrChannels().

2de4fa8 : dnsmasq: fix heap overflow

a1e00f683 : Cherry-pick one upstream patch

4cea53b : RESTRICT AUTOMERGE ANDROID: Fix negative stack write in sgdisk

e2f3f19 : resolve merge conflicts of 26957fb8e6b761837a499431d79ffcc7b4be9af4 to rvc-dev

a7029bb : Decoder: Update check for increment u2_cur_slice_num
312f20d : encoder: fix invalid free of raw buffers
4ae2be0 : avcenc: Add bitstream overflow check during emulation prevention
a33a421 : decoder: Update check for first mb in slice

6d95743 : fixes some (not all) buffer overreads during decoding pentax makernote entries.
12acd57 : libexif: Avoid buffer overflow due to compiler optimization

cf09950 : Reject non-ASCII hostnames and SANs.

81110a029 : Add implementation for UserManager#getAllProfiles

adb5f2f378 : Only treat PNG_COLOR_TYPE_RGB as 565

8f74a27 : sonivox: Fix global buffer overflow in WT_InterpolateNoLoop

b79eec7 : DO NOT MERGE Fix CVE-2020-15358 and CVE-2020-13871
7616db5 : DO NOT MERGE Fix floating point to text conversion overflow

f375b87c : P2P: Fix a corner case in peer addition based on PD Request
7cd233ab : P2P: Fix copying of secondary device types for P2P group client

a211f131a0 : aaudio: unlock when joining the timestamp thread
623218ee08 : aaudio: prevent deadlock when stop() calls disconnect()
18c2266e56 : [RESTRICT AUTOMERGE]Fix CryptoPlugin use after free vulnerability.
909e636aa4 : Fix potential decrypt destPtr overflow.
9b1a401ab6 : Fix UAF in clearkey service's MemoryFileSystem
f6e1dc24a1 : [RESTRICT AUTOMERGE] Fix possible uaf of play policy state
200fa3ab04 : Prevent read of uninitialized memory
589a4921a6 : Improve handling MediaCodec linkToDeath() resource manager
7a8ddf7945 : Fix double free of play policy in a race condition.
e0044d3d7b : Fix potential decrypt src pointer overflow.
4038082970 : MediaCodec: propagate usage from original surface to release surface
7acb1a39b5 : Fix potential overflow in WAV extractor
d0999db199 : Fix memory overflow in ESQueue

fb173a023100 : Changed INTERACT_ACROSS_PROFILES appop to be set per UID
ee583fd2e448 : TIF: fix issue of using caller-aware methods after clearCallingIdentity()
42f9dee6ca9a : Backporting the change of ag/15629060 to rvc-dev
6c6a7f603618 : Bluetooth: Fix formatting in getAlias()
b3ae74f4d7c0 : Fix parsing code parcelling errors
87b6fcde5f83 : camera2: Fix exception swallowing in params classes createFromParcel
a95cfc3ed8cf : Revert "BG-FGS-start while-in-use permission restriction improve..."
6ea366bbdcd6 : Make sure that only the owner can call stopVpnProfile()
b292b324ff22 : DO NOT MERGE Apply a maximum char count to the load label api
ad26067143e9 : Send targeted broadcasts to prevent other apps from receiving them.
966544082991 : Guard DISABLE_PLUGIN with PLUGIN permission.
ab25eb5ccf90 : Fix a potential thread safety issue in VectorDrawable
1f5c49f196e5 : Fix background bypass via notifications
0b3d14f849a1 : Change ownership of the account request notification.
a9c5f6011443 : Revert "wifidisplay: restrict broadcast by the proper permission"
867fbc5d755d : Use IntentFilter CREATOR directly for serializing ParsedIntentInfo
b87eeb131445 : Don't export HeapDumpProvider.
47fcdecf9eda : Don't attach private Notification to A11yEvent when user locked
30f20d50b5ae : Avoid locking profile task when it is already lock
3781f8d67b89 : Improve ellipsize performance
5fae544a74fa : Fix side effects of trace-ipc and dumpheap commands
00ed66b85045 : DO NOT MERGE Add cross-user check for getDefaultSmsPackage().
227d36872d5c : BG-FGS-start while-in-use permission restriction improvement.
e2499b0eae7d : Remove ParsedIntentInfo CREATOR
24bc0ffa8050 : Fix race condition between lockNow() and updateLockscreenTimeout
76ad235b052e : [security] SubscriptionGroup is exposed to unprivileged callers
79d7528eaf65 : Block SAF directory access to /sdcard/Android
1d3fa3d9673e : [RESTRICT AUTOMERGE] Fix OOB write in noteAtomLogged
afc122ec9d30 : Remove sendNetworkConditionsBroadcast
dd4cd2c00341 : Ensure storage permission revoke happens for all users
2e4cb8c28fd4 : Restrict alarm broadcast
dd70c8f6a5f6 : Detects all activities for whether showing work challenge
9b67d754e89d : DO NOT MERGE - Disallow deletion of channels with FGS notifications
f599ab850f1f : Increase maximum allowed size for status bar icons
78e5c3b991e0 : [DO NOT MERGE] Make PendingIntents in screenshots immutable
87aa1627e447 : wifidisplay: restrict broadcast by the proper permission
b9a8d8e14f35 : Fix legacy APIs when VPN switches to suspended underlying network.
7825bc961bcc : Backport test coverage from aosp/1547496.
1cfd6b6b6412 : Backport some helpers in ConnectivityServiceTest.
d31ccb1a2939 : Test for bugs with suspended VPN underlying networks.
503245d18cc9 : Add a test for getDefaultNetworkCapabilitiesForUser.
d590e33ee842 : Improve testing of CONNECTIVITY_ACTION broadcasts.
a3bdd1ba01e9 : Test passing an underlying network array with null network in it.
515b6d846cb8 : Make testVpnNetworkActive more deterministic.
abb9e372f9dd : Make MockVpn more realistic and easier to use.
66f3d4b7cd3c : Increase test coverage for VPN info sent to NetworkStatsService.
a2e6363767b2 : Simplify MockVpn.
590e29610d8f : Test a VPN with an underlying network that does not yet exist.
a79d0cc4f76a : Limit maximum allowed size for a status bar icon
d2af4844cb8e : Adds caller check to getAllPackages()
914a284e4d25 : Restrict the overridden min size for PiP
0b5d3c5b8c34 : Add pkg target to snoozing alarm
50ffab1efffb : Allow empty tokens in strict grammar
91f4c1f2a8c4 : Allow empty tokens in strict grammar
068749ff72ec : [DO NOT MERGE] Make screenshot error notification PendingIntent immutable
3f4a62d24605 : DO NOT MERGE: Associate notif cancels with notif posts
5b0436f20a40 : [RESTRICT AUTOMERGE] Use userId instead of USER_CURRENT in shouldLockKeyguard.
f8ac8b06afc7 : Revoke storage on SDK downgrade or new full storage request
2c3a57f2e5bd : [DO NOT MERGE] Close screenshot process on user switched
6715ca1aef47 : Fix thread safety issue on clearing cache
59d62576fa40 : [SettingsProvider] extend font size scale range
46f2f0ddbf93 : DO NOT MERGE: Do not inject mock location to chipset
ac2d2bcb92bb : [RESTRICT AUTOMERGE] Fix potential out of bounds writes in LogEvent.
72f04443f5ee : Check mode/boost index before accessing cached support value
a665ca1c8731 : Only update native InputApplicationHandle once
23e82ef60617 : Allow CDM to hide overlays
e58947984d2c : Prevent non-system overlays from showing over CDM UI
c4fecb0e50c7 : RESTRICT AUTOMERGE: Set mAllowWhileInUsePermissionInFgs correctly when bindService() from background.
b32b7706d171 : Protect account chooser activities against overlay.
ad9b7e8ef51a : [SettingsProvider] fix font size scale validator
a36751334228 : Ensure caller identity is restored in CP quick-path.
44350b9b58ec : Remove updateIntentVerificationStatusAsUser from ResolverActivity
40c7f1a6bbb7 : Revoke the uri permission when the file is deleted
c7d07d4f0ab8 : Ignore GrantCredentials call with unexpected calling uid.
f267e978665e : Protect GrantCredentialsPermissionActivity against overlay.
f41f29d0493d : Revoke permission on non-runtime -> runtime upgrade
9910c88ce4b2 : Ensure permissions are revoked on state changes
9a8fd389d920 : Hide overlays over uninstall confirm dialog
d198d797cc7d : RESTRICT AUTOMERGE Fix CDM package check
d1052f374ae9 : remove sensitive pii from safetynet logging
6fa4c7eb85a0 : Revoke install permissions when the permission defining app is uninstalled.
80f1812363e6 : DO NOT MERGE Check fingerprint client against top activity in auth callback
c99108d36ddb : Fix the issue provider can be wrong when requesting slice permission
0d00d1bd7be1 : Enforce permission checks in getting app exit reasons
f1ac7e8cc454 : Fix storing the wrong value of mLockdown in setting
475b75ed5ab9 : [BACKPORT] Improve location checks in TelephonyRegistry
33d56547d653 : Do not re-initialize synthetic password
5713daf6b011 : Fix VrDisplayTest failure
e6ae2d223932 : Require permission to create trusted displays
e0fd5a8b13d2 : Accept repeated locale as an input of LocaleList construction.
7812252d2e24 : Sanitize more of the notification text fields
5ea6c0fe0778 : DO NOT MERGE Fix NPE in executeDeletePackageLIF.
23d894bf7e8f : DO NOT MERGE Don't allow non-instant permissions for instant apps.

16c73e9 : Use strong pointer in ALooper to avoid use-after-free
e98c7ae : Ensure looper isn't used after invalidateSensorQueue

c2dff19 : Break layout context before and after bidi control character

571b407460 : libbinder: uptimeMillis returns int64_t! am: 3ba4963f5b am: 17aa765fd3 am: d666af6990
9297865297 : Do not modify vector after getting references
ffa62ed93f : libbinder: readString*Inplace SafetyNet (II)
6fa3f0d421 : libbinder: check null bytes in readString*Inplace
d12cbfc998 : resolve merge conflicts of cae2ee036040fc0dce9fc82af9bf8d85240d566b to rvc-dev
e0ef447437 : libbinder: Add ClientCounterCallbackImpl to LazyServiceRegistrar
2682439656 : Prevent mEventCache UAF in SensorEventConnection
1f8eaf998c : libbinder_ndk: fix failure when dump/shell are unset

f08b2f1 : Add permission for the broadcast intent with SIP profiles for security purpose.

65bfcc085 : [Suggestion] Check foreground user for API call

f367815f7f : fix the issue that clearCallingIdentity before appops check
db51ae5669 : [security] SubscriptionGroup is exposed to unprivileged callers
fa47477dad : filter deviceIdentifiers for subscriptionInfo if callers without perm
a5b1af7447 : Check READ_PRIVILEGED_PHONE_STATE instead of READ_PHONE_STATE for getAvailableSubscriptionInfoList

42f2fe7e5 : audio HAL - fix UAFs
1ada03a6e : [RESTRICT AUTOMERGE] Fix CryptoPlugin use after free vulnerability.
ac147d711 : Fix potential decrypt destPtr overflow.
47f90cb5e : Fix potential decrypt src pointer overflow.

99e17cc : OOBW in phNxpNciHal_process_ext_rsp

be231aa384e : Reject non-ASCII hostnames and SANs.

a3cab302 : Fix exported broadcast receiver vulnerability

2e57fcca7 : Add permission to start NFC activity to ensure it is from NFC stack
886da5722 : Hide non system overlays in ContactSelectionActivity
1271e435b : Stop returning intent data in QuickContact in onActivityResult
0802c8f82 : Prevent overlays on vCard import flows

e6efc0f : Install CA certificates into KeyStore

d8c6dd03e : Set FLAG_IMMUTABLE flag on FirstScreenBroadcast PendingIntent.

e5d68ad4 : Fix INTERACT_ACROSS_PROFILES appop issue for shared UIDs
bfdb706c : Grant MANAGE_APP_OPS_MODES to Managed Provisioning

5257e9ad : Add HIDE_NON_SYSTEM_OVERLAY_WINDOWS permission to Nfc
31b6865d : CRLF Injection in Nfc ConfirmConnectActivity
198b25d1 : Potential out of bound in phNciNfc_RecvMfResp
ac7e6bd6 : Tapjacking vulnerability when pairing Bluetooth devices with NFC

ba8f0a733a : Import translations. DO NOT MERGE ANYWHERE
a7e6aafcd2 : RESTRICT AUTOMERGE Fix phishing attacks over Bluetooth due to unclear warning message
c88b7d51b8 : RESTRICT AUTOMERGE Update string
a76abcb6d2 : RESTRICT AUTOMERGE Fix unable to send file via OPP
3dcc012b61 : RESTRICT AUTOMERGE Fix bluetooth settings will broadcast to anywhere when some cases
9fc0500321 : Prevent drawing on top of DevicePickerActivity
c55a88c3be : [DO NOT MERGE] Modify Wi-Fi details settings to restricted style
45e059bb7d : Prevent HTML Injection on the Device Admin request screen
9388ce6de6 : Hide non-system overlay window on ActivityPicker
7dd067cddf : Prevent disconnecting admin-configured VPN
37231e5e6d : [Security Report] Fix Settings WifiScanModeActivity Overlaid issue
1eaeadf81d : Prevent using invalid result uri during multi user image change
2e8b895d34 : RESTRICT AUTOMERGE Update String
b6fd747eba : RESTRICT AUTOMERGE Fix phishing attacks over Bluetooth due to unclear warning message
e17ab07d3d : Prevent overlay drawing on top of Bluetooth activity dialog
8798bc40df : Add bluetooth package to permission request intent
f7633a8f27 : RESTRICT AUTOMERGE Prevent non-system overlays from showing over notification listener consent dialog

8c222de : Fix OOB read in DNS resolver

afb9068c : Fix the security issue that preloaded apps can get SSID & BSSID

d51dd8b : Add SYSTEM_FLAG_HIDE_NON_SYSTEM_OVERLAY_WINDOWS to CalendarDebugActivity

b19ed80d : Enforce strict grammar when querying the call log

a449e110 : Update the style to the message of PermissionDialog
466bb2ac : Allow permission dialog to show more than 2 lines.

3cb6a8363 : Grpc Graph - fix use after free

9e4480d40 : Fix security vulnerability of TelecomManager#getPhoneAccountsForPackage

2403fab55 : Add intent-filter priority for CONFIGURE_VOICEMAIL intent.

17eff0d6 : Only restore apex backups on non-checkpointing devices.

26bb7f9 : Fix UAF problem in wificond

382e3eadf : Use std::shared_ptr in Epoll's callback list.
e10fe32c1 : Fix potential use-after-free bug in reboot
0f9d291a0 : storaged: protect global proto_loaded

ac332c8 : Check for misaligned read and write pointers

f5734a1 : verify embedded buffer matches address in parent

cd5b819 : Type confusion due to race condition on tag type change
92014d9 : Memory Disclosure, OOB Write, and Double Free in NFC T3T tag
a3ffc09 : OOB Write in NFC stack when handling MIFARE Classic TLVs
eade78a : NFC - Memory disclosure in rw_i93_sm_format

70b2ef0 : Make mIsDeviceLockedForUser synchronized.

b10d59548 : system_app: remove adb data loader permissions

07655c7c : hidl_test_java: reflect new overread check in art