Merge "Add M4B30Z."
diff --git a/src/index.jd b/src/index.jd
index 4b48ea3..20969c3 100644
--- a/src/index.jd
+++ b/src/index.jd
@@ -32,7 +32,7 @@
accessories to the Android platform, and ensure your devices meet compatibility
requirements.</p>
-<h2 align="center">Android 7.0 Updates Available</h2>
+<h2 align="center">Android 7.1.1 Updates Available</h2>
</div>
@@ -44,46 +44,54 @@
<div class="col-8">
<h3>What's New</h3>
-<h4>A/B System Updates</h4>
-<p>A/B system updates ensure a workable booting system remains on the disk
-during an over-the-air (OTA) update, reducing the likelihood of an inactive
-device afterward. See <strong><a
-href="{@docRoot}devices/tech/ota/ab_updates.html">A/B System
-Updates</a></strong> for a detailed description of this feature and
-instructions for implementing it.</p>
+<h4>dalvik.annotation.MethodParameters</h4>
+<p>A <code>dalvik.annotation.MethodParameters</code> annotation has been added
+to AOSP after Android 7.1 that is optional and can be used to provide parameter
+metadata such as parameter names and modifiers. See <strong><a
+href="devices/tech/dalvik/dex-format.html#dalvik-annotation-method-parameters">Dalvik
+Executable format</a></strong> for a complete description.</p>
-<h4>November Android Security Bulletin</h4>
-<p>The <strong><a href="{@docRoot}security/bulletin/2016-11-01.html">November
+<h4>December Android Security Bulletin</h4>
+<p>The <strong><a href="{@docRoot}security/bulletin/2016-12-01.html">December
2016 Android Security Bulletin</a></strong> has been published along with links
to associated fixes. In addition, new
<strong><a href="{@docRoot}source/build-numbers.html#source-code-tags-and-builds">build
-numbers</a></strong> have been published for Pixel, Pixel XL, Pixel C,
-Nexus 6, Nexus 9, Nexus 5X, Nexus 6P, and Nexus Player running Android
-6.0.1, 7.0, and 7.1 to support the November Android security release.</p>
+numbers</a></strong> have been published for Nexus 6 running Android 7.0 and
+Pixel, Pixel XL, Pixel C, Nexus 5X, Nexus 6P, and Nexus Player running Android
+7.1.1 to support the December Android security release.</p>
-<h4>New CTS Downloads</h4>
-<p>Android 7.0 R3, Android 6.0 R12, and Android 5.1 R13 versions of the
-Compatibility Test Suite (CTS) and CTS Verifier are available for <strong><a
-href="{@docRoot}compatibility/cts/downloads.html">Download</a></strong>.</p>
+<h4>Retail Demo Mode</h4>
+<p>Android 7.1.1 includes system-level support for <strong><a
+href="devices/tech/display/retail-mode.html">retail demo mode</a></strong> to
+offer a quick, safe, and consistent demonstration of an Android device and
+significantly reduce the cost and complexity of a retail mode for
+manufacturers.</p>
-<h4>Android 7.0 CDD is Here</h4>
-<p>The <strong><a href="{@docRoot}compatibility/cdd.html">Android Compatibility
-Definition Document (CDD)</a></strong> for <strong><a
-href="{@docRoot}compatibility/7.0/android-7.0-cdd.html">Android 7.0 on the API level
-24</a></strong> is now available to the public.</p>
+<h4>Night Light</h4>
+<p>Android 7.1.1 includes a <strong><a
+href="{@docRoot}devices/tech/display/night-light.html">night light</a></strong>
+feature that reduces the amount of blue light emitted by the device display to
+better match the natural light of the user's time of day and location.</p>
-<h4>Using Filters for Smaller System Images</h4>
-<p>Implementing ART Just-In-Time (JIT) Compiler now contains recommendations
-for <strong><a
-href="{@docRoot}devices/tech/dalvik/jit-compiler.html#system_image_compilation_level">minimizing
-the system image size</a></strong> with the <code>interpret-only</code> filter in JIT.</p>
+<h4>App Shortcuts</h4>
+<p>Android 7.1.1 allows developers to define action-specific <strong><a
+href="{@docRoot}devices/tech/display/app-shortcuts.html">app
+shortcuts</a></strong> to let users quickly start common or
+recommended tasks.</p>
-<h4>Panic Button Support for Indian Phones</h4>
-<p>AOSP now provides support for the Panic button required on phones sold in
-India from 1 January 2017 through the <strong><a
-href="{@docRoot}devices/tech/connect/emergency-affordance.html">Emergency
-Affordance</a></strong> feature. See the guide for details on enabling this
-feature.</p>
+<h4>Circular Icons</h4>
+<p>Android 7.1.1 supports <strong><a
+href="{@docRoot}devices/tech/display/circular-icons.html">circular app
+icons</a></strong> that can be enabled with a small configuration change.</p>
+
+<h4>ART Memory Optimization</h4>
+<p>Starting with Android 7.1, two options are provided for controlling how
+memory is used when compiling everything besides the boot image:
+<code>dalvik.vm.dex2oat-very-large</code> and
+<code>dalvik.vm.dex2oat-swap</code>. See the <em>dalvik.vm Properties</em>
+section of <strong><a
+href="{@docRoot}devices/tech/dalvik/configure.html#dalvik_vm_properties">Configuring
+ART</a></strong> for details.</p>
</div>
diff --git a/src/security/bulletin/2016-12-01.jd b/src/security/bulletin/2016-12-01.jd
index 9279cf0..230e7c8 100644
--- a/src/security/bulletin/2016-12-01.jd
+++ b/src/security/bulletin/2016-12-01.jd
@@ -17,7 +17,7 @@
limitations under the License.
-->
-<p><em>Published December 05, 2016</em></p>
+<p><em>Published December 05, 2016 | Updated December 07, 2016</em></p>
<p>
The Android Security Bulletin contains details of security vulnerabilities
affecting Android devices. Alongside the bulletin, we have released a security
@@ -32,10 +32,9 @@
</p>
<p>
Partners were notified of the issues described in the bulletin on November 07,
-2016 or earlier. Source code patches for these issues will be released to the
-Android Open Source Project (AOSP) repository in the next 48 hours. We will
-revise this bulletin with the AOSP links when they are available. This bulletin
-also includes links to patches outside of AOSP.
+2016 or earlier. Source code patches for these issues have been released to the
+Android Open Source Project (AOSP) repository and linked from this bulletin.
+This bulletin also includes links to patches outside of AOSP.
</p>
<p>
The most severe of these issues are Critical security vulnerabilities in
@@ -450,6 +449,8 @@
href="mailto:arnow117@gmail.com">Hanxiang Wen</a>, Chiachih Wu (<a
href="https://twitter.com/chiachih_wu">@chiachih_wu</a>), and Xuxian Jiang of <a
href="http://c0reteam.org">C0RE Team</a>: CVE-2016-6759</li>
+ <li>Nathan Crandall (<a href="https://twitter.com/natecray">@natecray</a>) of
+ Tesla Motors Product Security Team: CVE-2016-6915, CVE-2016-6916, CVE-2016-6917</li>
<li>Nightwatch Cybersecurity Research (<a
href="https://twitter.com/nightwatchcyber">@nightwatchcyber</a>): CVE-2016-5341</li>
<li>Pengfei Ding (丁鹏飞), Chenfu Bao (包沉浮), Lenx Wei (韦韬) of Baidu X-Lab:
@@ -498,7 +499,7 @@
Mithra of Google for their contributions to this security bulletin.
</p>
-<h2 id="2016-12-01-details">2016-12-01 security patch level-Vulnerability
+<h2 id="2016-12-01-details">2016-12-01 security patch level—Vulnerability
details</h2>
<p>
In the sections below, we provide details for each of the security
@@ -592,7 +593,10 @@
</tr>
<tr>
<td>CVE-2016-6762</td>
- <td>A-31251826</td>
+ <td><a href="https://android.googlesource.com/platform/system/core/+/1ee4892e66ba314131b7ecf17e98bb1762c4b84c">
+ A-31251826</a>
+ [<a href="https://android.googlesource.com/platform/bionic/+/3656958a16590d07d1e25587734e000beb437740">2</a>]
+ </td>
<td>High</td>
<td>All</td>
<td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0</td>
@@ -626,7 +630,8 @@
</tr>
<tr>
<td>CVE-2016-6763</td>
- <td>A-31530456</td>
+ <td><a href="https://android.googlesource.com/platform/packages/services/Telephony/+/1294620627b1e9afdf4bd0ad51c25ed3daf80d84">
+ A-31530456</a></td>
<td>High</td>
<td>All</td>
<td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0</td>
@@ -658,38 +663,42 @@
<th>Date reported</th>
</tr>
<tr>
- <td>CVE-2016-6766</td>
- <td>A-31318219</td>
- <td>High</td>
- <td>All</td>
- <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0</td>
- <td>Sep 5, 2016</td>
+ <td>CVE-2016-6766 </td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/av/+/0d13824315b0491d44e9c6eb5db06489ab0fcc20">
+ A-31318219</a></td>
+ <td>High</td>
+ <td>All</td>
+ <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0</td>
+ <td>Sep 5, 2016</td>
</tr>
<tr>
- <td>CVE-2016-6765</td>
- <td>A-31449945</td>
- <td>High</td>
- <td>All</td>
- <td>4.4.4, 5.0.2, 5.1.1, 7.0</td>
- <td>Sep 13, 2016</td>
+ <td>CVE-2016-6765</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/av/+/fd9cc97d4dfe2a2fbce2c0f1704d7a27ce7cbc44">
+ A-31449945</a></td>
+ <td>High</td>
+ <td>All</td>
+ <td>4.4.4, 5.0.2, 5.1.1, 7.0</td>
+ <td>Sep 13, 2016</td>
</tr>
<tr>
- <td>CVE-2016-6764</td>
- <td>A-31681434</td>
- <td>High</td>
- <td>All</td>
- <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0</td>
- <td>Sep 22, 2016</td>
+ <td>CVE-2016-6764</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/av/+/0d13824315b0491d44e9c6eb5db06489ab0fcc20">
+ A-31681434</a></td>
+ <td>High</td>
+ <td>All</td>
+ <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0</td>
+ <td>Sep 22, 2016</td>
</tr>
<tr>
- <td>CVE-2016-6767</td>
- <td>A-31833604</td>
- <td>High</td>
- <td>None*</td>
- <td>4.4.4</td>
- <td>Google internal</td>
+ <td>CVE-2016-6767</td>
+ <td>A-31833604</td>
+ <td>High</td>
+ <td>None*</td>
+ <td>4.4.4</td>
+ <td>Google internal</td>
</tr>
</table>
+
<p>
* Supported Google devices on Android 7.0 or later that have installed all
available updates are not affected by this vulnerability.
@@ -723,7 +732,8 @@
</tr>
<tr>
<td>CVE-2016-6768</td>
- <td>A-31631842</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/ex/+/0ada9456d0270cb0e357a43d9187a6418d770760">
+ A-31631842</a></td>
<td>High</td>
<td>All</td>
<td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0</td>
@@ -797,7 +807,8 @@
</tr>
<tr>
<td>CVE-2016-6770</td>
- <td>A-30202228</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/base/+/2c61c57ac53cbb270b4e76b9d04465f8a3f6eadc">
+ A-30202228</a></td>
<td>Moderate</td>
<td>All</td>
<td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0</td>
@@ -832,7 +843,8 @@
</tr>
<tr>
<td>CVE-2016-6771</td>
- <td>A-31566390</td>
+ <td><a href="https://android.googlesource.com/platform/packages/services/Telephony/+/a39ff9526aee6f2ea4f6e02412db7b33d486fd7d">
+ A-31566390</a></td>
<td>Moderate</td>
<td>All</td>
<td>6.0, 6.0.1, 7.0</td>
@@ -866,7 +878,9 @@
</tr>
<tr>
<td>CVE-2016-6772</td>
- <td>A-31856351</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/opt/net/wifi/+/a5a18239096f6faee80f15f3fff39c3311898484">
+ A-31856351</a>
+ [<a href="https://android.googlesource.com/platform/frameworks/opt/net/wifi/+/29a2baf3195256bab6a0a4a2d07b7f2efa46b614">2</a>]</td>
<td>Moderate</td>
<td>All</td>
<td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0</td>
@@ -901,7 +915,9 @@
</tr>
<tr>
<td>CVE-2016-6773</td>
- <td>A-30481714</td>
+ <td><a href="https://android.googlesource.com/platform/external/libavc/+/026745ef046e646b8d04f4f57d8320042f6b29b0">
+ A-30481714</a>
+ [<a href="https://android.googlesource.com/platform/external/libavc/+/6676aeb4195e7c7379915c0972f3d209410f0641">2</a>]</td>
<td>Moderate</td>
<td>All</td>
<td>6.0, 6.0.1, 7.0</td>
@@ -936,7 +952,8 @@
</tr>
<tr>
<td>CVE-2016-6774</td>
- <td>A-31251489</td>
+ <td><a href="https://android.googlesource.com/platform/frameworks/base/+/e2d4f5fc313ecb4ba587b20fff6d346f8cd51775">
+ A-31251489</a></td>
<td>Moderate</td>
<td>All</td>
<td>7.0</td>
@@ -945,7 +962,7 @@
</table>
-<h2 id="2016-12-05-details">2016-12-05 security patch level-Vulnerability
+<h2 id="2016-12-05-details">2016-12-05 security patch level—Vulnerability
details</h2>
<p>
In the sections below, we provide details for each of the security
@@ -985,11 +1002,9 @@
<tr>
<td>CVE-2016-4794</td>
<td>A-31596597<br>
- <a
-href="http://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=6710e594f71ccaad8101bc64321152af7cd9ea28">
-Upstream kernel</a> <a
-href="http://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=4f996e234dad488e5d9ba0858bc1bae12eff82c3">
-[2]</a></td>
+ <a href="http://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=6710e594f71ccaad8101bc64321152af7cd9ea28">
+ Upstream kernel</a>
+ [<a href="http://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=4f996e234dad488e5d9ba0858bc1bae12eff82c3">2</a>]</td>
<td>Critical</td>
<td>Pixel C, Pixel, Pixel XL</td>
<td>Apr 17, 2016</td>
@@ -997,11 +1012,9 @@
<tr>
<td>CVE-2016-5195</td>
<td>A-32141528<br>
- <a
-href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=9691eac5593ff1e2f82391ad327f21d90322aec1">
-Upstream kernel</a> <a
-href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=e45a502bdeae5a075257c4f061d1ff4ff0821354">
-[2]</a></td>
+ <a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=9691eac5593ff1e2f82391ad327f21d90322aec1">
+ Upstream kernel</a>
+ [<a href="https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=e45a502bdeae5a075257c4f061d1ff4ff0821354">2</a>]</td>
<td>Critical</td>
<td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Pixel C, Nexus
Player, Pixel, Pixel XL</td>
@@ -1548,7 +1561,7 @@
<tr>
<td>CVE-2016-6786</td>
<td>A-30955111
-Upstream kernel</td>
+ <a href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f63a8daa5812afef4f06c962351687e1ff9ccb2b">Upstream kernel</a></td>
<td>High</td>
<td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Pixel C, Nexus
Player, Pixel, Pixel XL</td>
@@ -1557,7 +1570,7 @@
<tr>
<td>CVE-2016-6787</td>
<td>A-31095224
-Upstream kernel</td>
+ <a href="https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f63a8daa5812afef4f06c962351687e1ff9ccb2b">Upstream kernel</a></td>
<td>High</td>
<td>Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Pixel C, Nexus
Player, Pixel, Pixel XL</td>
@@ -2036,9 +2049,8 @@
<td>CVE-2016-6756</td>
<td>A-29464815<br>
<a href="https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=f91d28dcba304c9f3af35b5bebaa26233c8c13a5">
-QC-CR#1042068</a>
-<a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=3a214ef870dc97437c7de79a1507dfe5079dce88">
-[2]</a></td>
+ QC-CR#1042068</a>
+ [<a href="https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=3a214ef870dc97437c7de79a1507dfe5079dce88">2</a>]</td>
<td>Moderate</td>
<td>Nexus 5X, Nexus 6, Nexus 6P, Android One, Pixel, Pixel XL</td>
<td>Jun 17, 2016</td>
@@ -2368,5 +2380,7 @@
</table>
<h2 id="revisions">Revisions</h2>
<ul>
-<li>December 05, 2016: Bulletin published.</li>
+ <li>December 05, 2016: Bulletin published.</li>
+ <li>December 07, 2016: Bulletin revised to include AOSP links and updated
+ attribution for CVE-2016-6915, CVE-2016-6916 and CVE-2016-6917.</li>
</ul>
