AOSP Changelogs

android-security-14.0.0_r24 to android-security-14.0.0_r25 AOSP changelog

This only includes the Android Open Source Project changes and does not include any changes in any proprietary components included by Google or any hardware manufacturer. The raw log was generated using a modified version of this script written by JBQ and improved by Al Sutton.

Please do not copy this without attribution to this site and JBQ for the original script.

+- Project: platform/build

bae596836b : Version bump to USV1.230808.049 [core/build_id.mk]
4b26d9fa12 : Version bump to USV1.230808.048 [core/build_id.mk]

+- Project: platform/external/dng_sdk

d0bfe8e : Update to DNG SDK 1.7.1 2410

+- Project: platform/external/sqlite

3b55568 : Update sqlite to 3.42.1
db53e52 : Upgrade SQLite to version 3.42.0
ba40d84 : Revert "Update sqlite to 3.39.6"

+- Project: platform/frameworks/av

8bf16f1ae9 : Fix vulnerability in drmserver

+- Project: platform/frameworks/base

77d8e59a1af6 : [UidMigration] fix update uninstallation with sharedUserMaxSdkVersion
cb1ce8020b43 : Limit the number of services (NLSes, etc) that can be approved per user
00fd75533614 : Cleanup user-set NLS list on package removed
e20813dba23a : MediaSession: Enforce max name length on broadcast receivers too
d02a81da9715 : RESTRICT AUTOMERGE: Validate the position value for UsageEvent
5e1623a880d2 : Be more strict about content types for message array
6a3e551a7d3f : Prevent long press on profile notifs when locked
c1f49d2c2cac : RESTRICT AUTOMERGE Apps clearing self data shouldn't get permissions restored
a9550d0a75d0 : Explicitly unset INSTALL_FROM_MANAGED_USER_OR_PROFILE flag
699e4677367e : Update isSameApp check
ad0b8a7b63ac : Prevent launchedFromPackage spoofing via FLAG_ACTIVITY_FORWARD_RESULT.
ecf88469d44f : Handle loadDescription OutOfMemoryError in DeviceAdminInfo
bc52aa800354 : Introduce InputMethodSubtypeSafeList
558ee85e1d4a : Harden InputMethodInfo parsing against large metadata
b9455ddd2a42 : Introduce InputMethodInfoSafeList
d7a73fb8bfc2 : RESTRICT AUTOMERGE Trim permission, permission group names
a404da3cbbc6 : RESTRICT AUTOMERGE Prohibit untrusted proxys from specifying proxied attribution tags
7320b5316d76 : Ensure sandboxed UIDs are treated as untrusted in Appops
334c15a0ebee : [ENR] Only skip hide sensitive anim for showing public
0c21f3c990cd : RESTRICT AUTOMERGE Ignore pinned Windows (Consolidated fix)
4e7b14350ece : Revert "RESTRICT AUTOMERGE Ignore pinned Windows"
36e65fce2d51 : Prevent activity token leaked to another process
9ff1c081e9f7 : [RESTRICT AUTOMERGE] Stay in app pinned mode upon SystemUI crash
75ca85729ad3 : RESTRICT AUTOMERGE Ignore pinned Windows

+- Project: platform/frameworks/native

6906658b06 : Clip to layer bounds when drawing blur regions
dab4de0e4b : Truncate WindowInfo.name during parcelling.

+- Project: platform/hardware/st/nfc

502f180 : [NFC] Fix use-after-free in eventCallback

+- Project: platform/packages/apps/DocumentsUI

a48245c5b : Prevent a malicious selector from launching an arbitrary activity.

+- Project: platform/packages/apps/Settings

19171d5c31a : Check permission of the calling package in multi-pane devices

+- Project: platform/packages/modules/Permission

e45172ad90 : RESTRICT AUTOMERGE Update RuntimePermissionsUpgradeController to accept null PermGroups
35b4e29a41 : RESTRICT AUTOMERGE V2 Merge all permissions in a shared UID for every package in that UID
1b3339bc22 : RESTRICT AUTOMERGE Add SystemGalleryRoleBehavior
d935a1e0b1 : Revert^2 "Ensure Gallery always shows as system fixed"
49053e04e1 : Revert "Revert "Display the system gallery storage permission as..."
c88f7c2d9f : Revert "Display the system gallery storage permission as system fixed"
08781ef6be : Revert "Ensure Gallery always shows as system fixed"

+- Project: platform/packages/modules/Virtualization

ed2818f83 : vmbase,pvmfw: aarch64: Clean dcache to PoC not PoU

+- Project: platform/packages/providers/MediaProvider

003dd5514 : Throw exception on MediaStore createRequest for non-existent uri
50387ce9d : Fix ACCESS_MEDIA_LOCATION bypass via SAF picker
45db544a1 : Store calling package uid of create bulk requests for permission checks
12fbdbc6b : Restore calling identity when exception is thrown
e599e8d93 : [security-aosp-udc-staging] Remove default ignoreable characters before regex checks

+- Project: platform/packages/providers/TelephonyProvider

d3b6d700 : Fix SQL injection vulnerability in SMS/MMS providers
1552b677 : Preventing deleting file that does not belong to parts directory.