AOSP Changelogs

android-security-16.0.0_r2 to android-security-16.0.0_r3 AOSP changelog

This only includes the Android Open Source Project changes and does not include any changes in any proprietary components included by Google or any hardware manufacturer. The raw log was generated using a modified version of this script written by JBQ and improved by Al Sutton.

Please do not copy this without attribution to this site and JBQ for the original script.

+- Project: platform/build

25c5cd26aa : Version bump to BP2A.250805.014 [core/build_id.mk]
19cfb62183 : Version bump to BP2A.250805.013 [core/build_id.mk]
286b49cb8d : Version bump to BP2A.250805.012 [core/build_id.mk]
7c8b119f3d : Version bump to BP2A.250805.011 [core/build_id.mk]

+- Project: platform/build/release

b11607ea3 : Select sqlite 3.44.5 on ap3a

+- Project: platform/cts

1bcf948f5e5 : Track DNG SDK 1.7.1 API changes

+- Project: platform/external/dng_sdk

de700ad : Crude DNG SDK 1.7.1 upgrade

+- Project: platform/external/skia

40c3f0a50f : Backport DNG SDK 1.7.1 support in SkRawCodec

+- Project: platform/external/sqlite

cbebed3 : Install sqlite 3.44.5 source files

+- Project: platform/frameworks/av

8febdebcb5 : C2SoftDav1dDec: configure decoder to output only one layer in SVC mode

+- Project: platform/frameworks/base

4d488a6a05ab : Revert "Fix build failure in release branch"
7dd276c1cf34 : Revert "Ignore pinned Windows"
de27b16b1af8 : Validate displayName for AssociationRequest
0f3e248787d8 : Add missing import in test
84dd2b90f4a2 : Don't allow 3p apps to become voice recognizer automatically
d6df825fda3a : Enforce a hard limit for the size of images to be decoded
d00bcda9f42d : Get all accounts no matter the visibility
d550a457e65c : Sanitize window private flags based on caller permissions.
9489a5dcd3cd : print: Prevent cross-user icon access
9fb37191609f : Add onKeyEvent, to support KEYCODE_HOME
70ab82c4546a : Do not use BIND_INCLUDE_CAPABILITIES when bind PrintService
6d1697c96c5c : RESTRICT AUTOMERGE: Backport Cut max duration for default transition to 1500
31e77d73c5e6 : Don't allow read truncation or appending for file operations.
db86972777c8 : Allow resetting the voice recognition service if its package uninstalled
a5795fc0cf1f : Check length of MBR component name properties
ec0c32ea736b : Disallow factory reset while in DSU mode
aa9fbb1b74eb : Check the strongAuthTracker for lockdown instead of LockPatternUtils
2ae33e496027 : Protect shell overriding the carrier config
03d704069914 : Use ParceledListSlice to paginate response from getPackagesForOpsForDevice binder API
c69e16c3efda : Ensure exit animations are canceled prior to user switch
93629e575f69 : Prevent accidental creation of PackagePreferences for non-existing packages
b4c6786312a2 : Validate IME metadata before parsing
de2cbccd1070 : Remove all pending keyguard exits on SHOW
68170bad5225 : GRANT TRUSTED_OVERLAY after PiP is entered
ea2bcc665342 : Make sure to disassociate all the packages with shared UID
5ec1cdae1805 : [CDM] Limit NLS revoke to applicable roles.
848f94492175 : Remove exception for Q- apps from app op validation
2aeba76a58c1 : Limit usages sent to safety center by user
02751bc65824 : Do not recycle Parcel when lazy value is used
08a0766708db : Cap the number of channels that an NLS can create for other packages
b812baa1463c : Delete updateNotificationChannelGroupFromPrivilegedListener
78760f098fab : Validate user on biometric auth and keyguard done
eb19b27ed8ab : Add flag to exclude capability propagation when connecting MediaBrowser
1cfd8237b5a8 : Use provided calling uid/pid for checking intercept-global-drag flag
e707f6600330 : Add WIU/BFSL allowlisting to MediaButtonReceiverHolder.send
039030a6b0e7 : Do not propagate WIU/BFSL for MediaController.sendCommand
28579dff4305 : Add resolveActivityAsUserForExplicitType api to pm
fb8f76eca907 : Check sound Uri permission when creating a notification channel
31989869759e : [CDM] Revoke NLS when all associations are removed.

+- Project: platform/frameworks/native

de59cf7083 : Add each blur region as a separate request
cc34c7b416 : RESTRICT AUTOMERGE: Backport When an opaque window has alpha < 0.5, don't let it receive touches.
6ffdde944d : Set mDataSize properly in appendFrom

+- Project: platform/frameworks/opt/telephony

fee68bcdcf : [Telephony][Security Fix] Launch Browser only if device is unlocked.

+- Project: platform/packages/apps/CertInstaller

d688ebd : Prevent settings impostors from installing CA certs

+- Project: platform/packages/apps/Launcher3

7628af9bf7 : Send KEYCODE_HOME for home button instead of startActivity directly

+- Project: platform/packages/apps/Settings

e62ac1ecd3a : Import translations. DO NOT MERGE ANYWHERE
8ec6581ae70 : Backport BT pairing dialog changes
aa744e8988f : [nfc] Fix string injection in default payment app selector
83447688f8e : Add check to prevent privilege escalation from trampoline added in change Ie469c47005afb941f5646a2f790736362c23c697.
596c7b9911f : Hide sensistive content from locked profiles
586f8dedd8e : Prevent SettingsSliceProvider from accessing unused packages

+- Project: platform/packages/modules/Bluetooth

769a3dea80 : Remove flag save_peer_csrk_after_ltk_gen
7ccb456f6d : Remove flag bonded_device_smp_failure_handling

+- Project: platform/packages/modules/IntentResolver

bbe2dc3f : Verify caller access rights for the additional content URI.
4e6cf528 : Use the new packageManager API to forward intents

+- Project: platform/packages/services/Mms

c60a828 : Verify calling user on mms downloads

+- Project: platform/packages/services/Telecomm

a43a880be : Catch IllegalArgumentException when unbinding CallRedirectionServiceConnection

+- Project: platform/packages/services/Telephony

2afec5750 : Restricting UserBuild from presistent carrierConfig Override
2f0eeeee7 : Protect shell overriding the carrier config
851fc787e : fix: Use permission check for contact URI validation