L'aggiornamento LMY48M disponibile per la gamma Nexus

10 Settembre 2015 - Max Capitosti

- Project: platform/build
3b9e3a3 : "LMY48M"
f165cfb : LMY48L
a3ebc82 : "LMY48K"
c445cc3 : "LMY48J"
fa943a9 : "LMY48I"
5a71557 : "LMY48H"
40be6ec : "LMY48G"
13f696e : "LMY48F"
546a5aa : "LMY48E"
38deeee : "LMY48D"
bca602e : "LMY48C"

- Project: device/samsung/manta
3209a6f : manta: update prebuilt kernel (DO NOT MERGE)

- Project: platform/external/conscrypt
edf7055 : OpenSSLX509Certificate: mark mContext as transient

- Project: platform/external/libpng
dd0ed46 : Restore a width check that was removed from png.c (CVE-2015-0973)

- Project: platform/external/skia
e28401b : DO NOT MERGE Prevent integer wrap around for malloc size when creating a SkRegion

- Project: platform/external/sonivox
e999f07 : DLS parser: fix wave pool size check.

- Project: platform/external/wpa_supplicant_8
4cf0f2d : P2P: Validate SSID element length before copying it

- Project: platform/frameworks/av
6fe85f7 : MPEG4Extractor.cpp: handle chunk_size > SIZE_MAX
304ef91 : Guard against codecinfo overflow
a5d9298 : Revert "DO NOT MERGE: Lock drm plugin API calls globally, not per MediaDrm instance"
d776139 : DO NOT MERGE: Lock drm plugin API calls globally, not per MediaDrm instance
f4f7e0c : Prevent integer underflow if size is below 6
2674a72 : Prevent integer overflow when processing covr MPEG4 atoms
e846a5f : Prevent reading past the end of the buffer in 3GPP
aeea52d : audio effects: fix heap overflow
463a6f8 : Fix integer overflow when handling MPEG4 tx3g atom
f4a88c8 : Fix integer underflow in covr MPEG4 processing
3cb1b69 : IOMX: Enable buffer ptr to buffer id translation for arm32
086d84f : IOMX: Add buffer range check to emptyBuffer
c82e31a : HDCP: buffer over flow check -- DO NOT MERGE
d48f0f1 : Add AUtils::isInRange, and use it to detect malformed MPEG4 nal sizes
5150492 : Add some sanity checks
5e75195 : Fix integer underflow in ESDS processing
2434839 : Fix integer overflow during MP4 atom processing
cf1581c : Fix several ineffective integer overflow checks

- Project: platform/frameworks/base
8fba7e6 : Prevent insanely long passwords from crashing SystemUI
1e72dc7 : DO NOT MERGE: Ensure that unparcelling Region only reads the expected number of bytes
4cff1f4 : Check that the parcel contained the expected amount of region data. DO NOT MERGE
a5e904e : DO NOT MERGE Change to add STK_PERMISSION for stk related commands.
e3cde78 : Prevent system uid component from running in an app process
aaa0fee : Lockdown AM.getRunningAppProcesses API with permission.REAL_GET_TASKS
0b98d30 : DO NOT MERGE Don't take flags when creating app widget config activity.
d44e5bd : Make Bitmap_createFromParcel check the color count. DO NOT MERGE
0e40462 : Revert "DO NOT MERGE Backport of limited jank-tracking metrics"
d5a4a1a : DO NOT MERGE Backport of limited jank-tracking metrics

- Project: platform/frameworks/native
e68cbc3 : Disregard alleged binder entities beyond parcel bounds
7dcd0ec : Verify that the native handle was created

- Project: platform/frameworks/opt/telephony
df31d37 : Externally-reported Moderate severity vulnerability in SMS: Apps can bypass the SMS short code notification prompt
b485814 : DO NOT MERGE Change to add STK_PERMISSION for stk related commands.

- Project: platform/packages/apps/Stk
1d8e001 : DO NOT MERGE Change to add STK_PERMISSION for stk related commands.

- Project: platform/packages/services/Telephony
fcb1d13 : DO NOT MERGE Change to make STK related intents protected.

- Project: platform/system/core
e8c62fb : Prevent integer overflow when allocating native_handle_t

- Project: platform/system/security
bb9f439 : Fix unchecked length in Blob creation