Docs: Changes to source.android.com
- 170780545 Remove empty sectiion by daroberts <daroberts@google.com>
- 170778785 Remove VTS and Architecture exclusions form translation f... by daroberts <daroberts@google.com>
- 170776221 ignore paths -> ignore_paths (Added underscode) by Android Partner Docs <noreply@android.com>
- 170770237 Add tags for October Security Release. by Android Partner Docs <noreply@android.com>
- 170760109 Remove a note that doesn't belong on this page. by Android Partner Docs <noreply@android.com>
- 170722413 Update Oct 2017 Pixel Bulletin headers by daroberts <daroberts@google.com>
- 170718989 Small edits to Pixel bulletin by daroberts <daroberts@google.com>
- 170716226 Fix broken link by daroberts <daroberts@google.com>
- 170712949 October 2017 Android and Pixel security bulletins by daroberts <daroberts@google.com>
- 170543005 Add section highlighting latest version packages, downgra... by claym <claym@google.com>
- 170533303 Fix fileencryption flag from Ruslan Piasetskyi by claym <claym@google.com>
- 170497015 Temporarily excluding the architecture and VTS directories by daroberts <daroberts@google.com>
- 170490636 Update CDD link and section number by claym <claym@google.com>
- 170409254 Consolidate and fix binary links, add VNDK section to req... by claym <claym@google.com>
- 170390746 Update android-base.cfg link. by cqn <cqn@google.com>
- 170369057 Updated incorrect vendor reference. by Android Partner Docs <noreply@android.com>
- 170353198 Make final list ordered now that we know all apply. by claym <claym@google.com>
- 170246953 Fix flashing procedure description by Android Partner Docs <noreply@android.com>
- 170203192 Adding titles for resources, fixing links, minor text twe... by hvm <hvm@google.com>
- 170113678 Fix ambigious profile reference by claym <claym@google.com>
- 170113463 researcher acknowledgment update by Android Partner Docs <noreply@android.com>
- 170100609 Adding definition for DRM. by hvm <hvm@google.com>
- 170099262 Add link to /git-repo/+/master/docs/manifest-format.txt by claym <claym@google.com>
- 170098404 Fix Site Feedback link by claym <claym@google.com>
- 170088099 Add Help this Site plea to home page About statement by claym <claym@google.com>
- 170066318 Fixing uncapitalized start of sentence. by hvm <hvm@google.com>
PiperOrigin-RevId: 170780545
Change-Id: I9b379d805b97eff2cc683746700cfb75282ffc4d
diff --git a/en/_index.yaml b/en/_index.yaml
index bb165dd..0db4bd6 100644
--- a/en/_index.yaml
+++ b/en/_index.yaml
@@ -50,13 +50,25 @@
site and the Android Open Source Project (AOSP) repository offer the
information and source code you need to create custom variants of the
Android stack, port devices and accessories to the Android platform,
- and ensure your devices meet compatibility requirements.
+ and ensure your devices meet compatibility requirements.<br><br>
We also wanted to make sure there was no central point of failure,
where one industry player could restrict or control the innovations of
any other. The result is a full, production-quality operating system
for consumer products with source code open for customization and
- porting.
+ porting.<br><br>
+
+ As the AOSP documentation site, we seek your contributions. With an
+ ever-changing ecosystem, we need your help to stay fresh. You may make
+ your own fixes directly to the source files by following the
+ instructions in our <a
+ href="https://android.googlesource.com/platform/docs/source.android.com/+/master/README.txt">README</a>.
+ You may also use the <a
+ href="https://issuetracker.google.com/issues/new?component=191476">Site
+ Feedback</a> link at the bottom of any page to report bugs and offer
+ suggestions for enhancement. See the site’s <a
+ href="https://android.googlesource.com/platform/docs/source.android.com/+log/master?pretty=full&no-merges">changelog</a>
+ for a detailed view of all updates.
image_path: /images/android_stack.png
- heading: News
items:
diff --git a/en/devices/architecture/kernel/modular-kernels.html b/en/devices/architecture/kernel/modular-kernels.html
index 004b8f7..dc36e8c 100644
--- a/en/devices/architecture/kernel/modular-kernels.html
+++ b/en/devices/architecture/kernel/modular-kernels.html
@@ -58,7 +58,7 @@
<p>All SoC kernels should support loadable kernel modules. As a starting point,
the following kernel-config options (or their kernel-version equivalent) have
been added to
-<a href="https://android.googlesource.com/kernel/common/+/android-4.4/android/configs/android-base.cfg" class="external">android-base.cfg</a>
+<a href="https://android.googlesource.com/kernel/common/+/android-4.4-o/android/configs/android-base.cfg" class="external">android-base.cfg</a>
in all common kernels and must be enabled in all device kernels:</p>
<pre class="prettyprint">
diff --git a/en/devices/audio/latency.html b/en/devices/audio/latency.html
index 151c4c6..58b3024 100644
--- a/en/devices/audio/latency.html
+++ b/en/devices/audio/latency.html
@@ -34,7 +34,7 @@
</tr>
<tr>
<td>Description of audio latency for purposes of Android compatibility</td>
- <td><a href="/compatibility/android-cdd.pdf">Android CDD</a><br /><em>section 5.5 Audio Latency</em></td>
+ <td><a href="/compatibility/android-cdd#5_6_audio_latency">Android CDD</a><br /><em>section 5.6 Audio Latency</em></td>
</tr>
<tr>
<td>Common causes of audio latency</td>
diff --git a/en/devices/automotive/index.html b/en/devices/automotive/index.html
index c6b6896..521ff64 100644
--- a/en/devices/automotive/index.html
+++ b/en/devices/automotive/index.html
@@ -33,7 +33,7 @@
Local Interconnect Network (LIN) bus, Media Oriented Systems Transport (MOST),
as well as automotive-grade Ethernet and TCP/IP networks such as BroadR-Reach.
</p>
-<p>the Android Automotive hardware abstraction layer (HAL) provides a
+<p>The Android Automotive hardware abstraction layer (HAL) provides a
consistent interface to the Android framework regardless of physical transport
layer. This vehicle HAL is the interface for developing Android Automotive
implementations.</p>
diff --git a/en/devices/drm.html b/en/devices/drm.html
index 42ab328..2640c00 100644
--- a/en/devices/drm.html
+++ b/en/devices/drm.html
@@ -25,7 +25,7 @@
<img style="float: right; margin: 0px 15px 15px 15px;" src="images/ape_fwk_hal_drm.png" alt="Android DRM HAL icon"/>
-<p>This document provides an overview of the Android DRM framework, and
+<p>This document provides an overview of the Android digital rights management (DRM) framework and
introduces the interfaces a DRM plug-in must implement. This document does not
describe robustness rules or compliance rules that may be defined by a DRM
scheme.</p>
@@ -55,11 +55,10 @@
Availability of rich digital content is important to users on mobile devices. To
make their content widely available, Android developers and digital content
publishers need a consistent DRM implementation supported across the Android
-ecosystem. To make that digital content available on Android devices and to ensure at least one consistent DRM available across all
-devices, Google provides DRM without license fees on compatible Android devices.
-On Android 3.0 and higher platforms, the DRM plug-in is integrated with the
-Android DRM framework and can use hardware-backed protection to secure premium
-content and user credentials.
+ecosystem. To make that digital content available on Android devices and to ensure at least one
+consistent DRM available across all devices, Google provides DRM without license fees on compatible
+Android devices. On Android 3.0 and higher platforms, the DRM plug-in is integrated with the Android
+DRM framework and can use hardware-backed protection to secure premium content and user credentials.
</p>
<p>
@@ -125,7 +124,7 @@
<pre class="devsite-click-to-copy">
/system/lib/drm/plugins/native/
</pre>
-
+
<img src="images/ape_fwk_drm_plugins_life.png" alt="Android DRM Plug-in Lifecycle" />
<p class="img-caption"><strong>Figure 4.</strong> DRM plug-in lifecycle</p>
@@ -157,8 +156,9 @@
DrmInfo* acquireDrmInfo(int uniqueId, const DrmInfoRequest* drmInfoRequest);
</pre>
<p>Retrieves necessary information for registration, deregistration or rights
-acquisition information. See <a
-href="http://developer.android.com/reference/android/drm/DrmInfoRequest.html">DrmInfoRequest</a> for more information.</p>
+acquisition information. See
+<a href="http://developer.android.com/reference/android/drm/DrmInfoRequest.html">DrmInfoRequest</a>
+for more information.</p>
<pre class="devsite-click-to-copy prettyprint">
DrmInfoStatus* processDrmInfo(int uniqueId, const DrmInfo* drmInfo);
diff --git a/en/devices/tech/display/hdr.html b/en/devices/tech/display/hdr.html
index 53e4ae8..fbec847 100644
--- a/en/devices/tech/display/hdr.html
+++ b/en/devices/tech/display/hdr.html
@@ -471,8 +471,7 @@
<ul>
<li>Provide a Dolby-Vision aware extractor, even if it does not support
HDR playback.</li>
-<li>Provide a decoder that supports at least Dolby Vision profile X/level
-Y.</li>
+<li>Provide a decoder that supports the vision profile as defined by Dolby.</li>
</ul>
<h4>HDR10 decoder support</h4>
diff --git a/en/security/_toc.yaml b/en/security/_toc.yaml
index 6a09aa5..f4a5606 100644
--- a/en/security/_toc.yaml
+++ b/en/security/_toc.yaml
@@ -35,70 +35,80 @@
path: /security/bulletin/
- title: Advisories
path: /security/advisory/
- - title: 2017 Bulletins
+ - title: Android Bulletins
section:
- - title: September
- path: /security/bulletin/2017-09-01
- - title: August
- path: /security/bulletin/2017-08-01
- - title: July
- path: /security/bulletin/2017-07-01
- - title: June
- path: /security/bulletin/2017-06-01
- - title: May
- path: /security/bulletin/2017-05-01
- - title: April
- path: /security/bulletin/2017-04-01
- - title: March
- path: /security/bulletin/2017-03-01
- - title: February
- path: /security/bulletin/2017-02-01
- - title: January
- path: /security/bulletin/2017-01-01
- - title: Index
- path: /security/bulletin/2017
- - title: 2016 Bulletins
+ - title: 2017 Bulletins
+ section:
+ - title: October
+ path: /security/bulletin/2017-10-01
+ - title: September
+ path: /security/bulletin/2017-09-01
+ - title: August
+ path: /security/bulletin/2017-08-01
+ - title: July
+ path: /security/bulletin/2017-07-01
+ - title: June
+ path: /security/bulletin/2017-06-01
+ - title: May
+ path: /security/bulletin/2017-05-01
+ - title: April
+ path: /security/bulletin/2017-04-01
+ - title: March
+ path: /security/bulletin/2017-03-01
+ - title: February
+ path: /security/bulletin/2017-02-01
+ - title: January
+ path: /security/bulletin/2017-01-01
+ - title: Index
+ path: /security/bulletin/2017
+ - title: 2016 Bulletins
+ section:
+ - title: December
+ path: /security/bulletin/2016-12-01
+ - title: November
+ path: /security/bulletin/2016-11-01
+ - title: October
+ path: /security/bulletin/2016-10-01
+ - title: September
+ path: /security/bulletin/2016-09-01
+ - title: August
+ path: /security/bulletin/2016-08-01
+ - title: July
+ path: /security/bulletin/2016-07-01
+ - title: June
+ path: /security/bulletin/2016-06-01
+ - title: May
+ path: /security/bulletin/2016-05-01
+ - title: April
+ path: /security/bulletin/2016-04-02
+ - title: March
+ path: /security/bulletin/2016-03-01
+ - title: February
+ path: /security/bulletin/2016-02-01
+ - title: January
+ path: /security/bulletin/2016-01-01
+ - title: Index
+ path: /security/bulletin/2016
+ - title: 2015 Bulletins
+ section:
+ - title: December
+ path: /security/bulletin/2015-12-01
+ - title: November
+ path: /security/bulletin/2015-11-01
+ - title: October
+ path: /security/bulletin/2015-10-01
+ - title: September
+ path: /security/bulletin/2015-09-01
+ - title: August
+ path: /security/bulletin/2015-08-01
+ - title: Index
+ path: /security/bulletin/2015
+ - title: Pixel/Nexus Bulletins
section:
- - title: December
- path: /security/bulletin/2016-12-01
- - title: November
- path: /security/bulletin/2016-11-01
- - title: October
- path: /security/bulletin/2016-10-01
- - title: September
- path: /security/bulletin/2016-09-01
- - title: August
- path: /security/bulletin/2016-08-01
- - title: July
- path: /security/bulletin/2016-07-01
- - title: June
- path: /security/bulletin/2016-06-01
- - title: May
- path: /security/bulletin/2016-05-01
- - title: April
- path: /security/bulletin/2016-04-02
- - title: March
- path: /security/bulletin/2016-03-01
- - title: February
- path: /security/bulletin/2016-02-01
- - title: January
- path: /security/bulletin/2016-01-01
- - title: Index
- path: /security/bulletin/2016
- - title: 2015 Bulletins
- section:
- - title: December
- path: /security/bulletin/2015-12-01
- - title: November
- path: /security/bulletin/2015-11-01
- - title: October
- path: /security/bulletin/2015-10-01
- - title: September
- path: /security/bulletin/2015-09-01
- - title: August
- path: /security/bulletin/2015-08-01
- - title: Index
- path: /security/bulletin/2015
+ - title: Overview
+ path: /security/bulletin/pixel/index
+ - title: October 2017
+ path: /security/bulletin/pixel/2017-10-01
- title: Application Signing
section:
- title: Overview
diff --git a/en/security/bulletin/2017-07-01.html b/en/security/bulletin/2017-07-01.html
index 7a45b0e..1914184 100644
--- a/en/security/bulletin/2017-07-01.html
+++ b/en/security/bulletin/2017-07-01.html
@@ -20,7 +20,7 @@
See the License for the specific language governing permissions and
limitations under the License.
-->
-<p><em>Published July 5, 2017 | Updated September 19, 2017</em></p>
+<p><em>Published July 5, 2017 | Updated September 26, 2017</em></p>
<p>The Android Security Bulletin contains details of security vulnerabilities
affecting Android devices. Security patch levels of July 05, 2017 or later
@@ -1465,6 +1465,12 @@
Group</td>
</tr>
<tr>
+ <td>CVE-2017-0681</td>
+ <td><a href="mailto:zc1991@mail.ustc.edu.cn">Chi Zhang</a>,<a href="mailto:arnow117@gmail.com">Hanxiang Wen</a>, Mingjian Zhou (<a
+href="//twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>), and Xuxian Jiang
+of <a href="//c0reteam.org">C0RE Team</a></td>
+ </tr>
+ <tr>
<td>CVE-2017-0706</td>
<td>Daxing Guo (<a href="//twitter.com/freener0">@freener0</a>) of
Xuanwu Lab, Tencent</td>
@@ -1496,7 +1502,7 @@
Ltd.</td>
</tr>
<tr>
- <td>CVE-2017-0665, CVE-2017-0681</td>
+ <td>CVE-2017-0665</td>
<td><a href="mailto:arnow117@gmail.com">Hanxiang Wen</a>, Mingjian Zhou (<a
href="//twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>), and Xuxian Jiang
of <a href="//c0reteam.org">C0RE Team</a></td>
@@ -1743,6 +1749,11 @@
<td>September 19, 2017</td>
<td>Updated acknowledgements for CVE-2017-0710.</td>
</tr>
+ <tr>
+ <td>1.5</td>
+ <td>September 26, 2017</td>
+ <td>Updated acknowledgements for CVE-2017-0681.</td>
+ </tr>
</table>
</body>
</html>
diff --git a/en/security/bulletin/2017-09-01.html b/en/security/bulletin/2017-09-01.html
index 5f7fa15..56c94f0 100644
--- a/en/security/bulletin/2017-09-01.html
+++ b/en/security/bulletin/2017-09-01.html
@@ -20,7 +20,7 @@
See the License for the specific language governing permissions and
limitations under the License.
-->
- <p><em>Published September 5, 2017 | Updated September 25, 2017</em></p>
+ <p><em>Published September 5, 2017 | Updated September 28, 2017</em></p>
<p>The Android Security Bulletin contains details of security vulnerabilities
affecting Android devices. Security patch levels of September 05, 2017 or later
@@ -937,7 +937,7 @@
<tr>
<td>CVE-2017-11001</td>
<td>A-36815555<a href="#asterisk">*</a><br />
- QC-CR#270292</td>
+ QC-CR#2051433</td>
<td>ID</td>
<td>Moderate</td>
<td>Wi-Fi driver</td>
@@ -1401,6 +1401,11 @@
<td>Added details for CVE-2017-11120 and CVE-2017-11121
as part of industry-coordinated disclosure.</td>
</tr>
+ <tr>
+ <td>1.4</td>
+ <td>September 28, 2017</td>
+ <td>Update vendor reference for CVE-2017-11001.</td>
+ </tr>
</table>
</body>
</html>
diff --git a/en/security/bulletin/2017-10-01.html b/en/security/bulletin/2017-10-01.html
new file mode 100644
index 0000000..6ca5f4f
--- /dev/null
+++ b/en/security/bulletin/2017-10-01.html
@@ -0,0 +1,507 @@
+<html devsite>
+ <head>
+ <title>Android Security Bulletin—October 2017</title>
+ <meta name="project_path" value="/_project.yaml" />
+ <meta name="book_path" value="/_book.yaml" />
+ </head>
+ <body>
+ <!--
+ Copyright 2017 The Android Open Source Project
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ //www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+ -->
+ <p><em>Published October 2, 2017</em></p>
+
+<p>The Android Security Bulletin contains details of security vulnerabilities
+affecting Android devices. Security patch levels of October 05, 2017 or later
+address all of these issues. To learn how to check a device's security patch
+level, see <a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">
+Check & update your Android version</a>.</p>
+
+<p>Android partners are notified of all issues at least a month before
+publication. Source code patches for these issues will be released
+to the Android Open Source Project (AOSP) repository in the next 48 hours.
+We will revise this bulletin with the AOSP links when they are available.</p>
+
+<p>The most severe of these issues is a critical severity vulnerability in media
+framework that could enable a remote attacker using a specially crafted file to
+execute arbitrary code within the context of a privileged process. The
+<a href="/security/overview/updates-resources.html#severity">severity
+assessment</a> is based on the effect that exploiting the vulnerability would
+possibly have on an affected device, assuming the platform and service
+mitigations are turned off for development purposes or if successfully bypassed.</p>
+
+<p>We have had no reports of active customer exploitation or abuse of these newly
+reported issues. Refer to the
+<a href="#mitigations">Android and Google Play Protect mitigations</a> section
+for details on the <a href="/security/enhancements/index.html">Android
+security platform protections</a> and Google Play Protect, which improve the
+security of the Android platform.</p>
+
+<p>We encourage all customers to accept these updates to their devices.</p>
+
+<p class="note"><strong>Note:</strong> Information on the latest over-the-air
+update (OTA) and firmware images for Google devices is available in the
+<a href="/security/bulletin/pixel/2017-10-01">October 2017
+Pixel / Nexus Security Bulletin</a>.</p>
+
+<h2 id="announcements">Announcements</h2>
+<ul>
+ <li>We have launched a new monthly
+ <a href="/security/bulletin/pixel">Pixel / Nexus Security
+ Bulletin</a>, which contains information on additional security
+ vulnerabilities and functional improvements that are addressed on Pixel and
+ Nexus devices. Android device manufacturers may choose to address these
+ issues on their devices. See <a href="#split">Common questions and
+ answers</a> for additional information</li>
+ <li>Security bulletin acknowledgements are now listed directly in the
+ <a href="/security/overview/acknowledgements.html">Android Security
+ Acknowledgements</a> page.</li>
+</ul>
+
+<h2 id="mitigations">Android and Google service mitigations</h2>
+<p>This is a summary of the mitigations provided by the
+<a href="/security/enhancements/index.html">Android security platform</a>
+and service protections such as
+<a href="https://www.android.com/play-protect">Google Play Protect</a>. These
+capabilities reduce the likelihood that security vulnerabilities could be
+successfully exploited on Android.</p>
+<ul>
+ <li>Exploitation for many issues on Android is made more difficult by
+ enhancements in newer versions of the Android platform. We encourage all users
+ to update to the latest version of Android where possible.</li>
+ <li>The Android security team actively monitors for abuse through <a
+ href="https://www.android.com/play-protect">Google Play Protect</a> and warns
+ users about <a
+ href="/security/reports/Google_Android_Security_PHA_classifications.pdf">Potentially
+ Harmful Applications</a>. Google Play Protect is enabled by default on devices
+ with <a href="http://www.android.com/gms">Google Mobile Services</a>, and is
+ especially important for users who install apps from outside of Google
+ Play.</li>
+</ul>
+<h2 id="2017-10-01-details">2017-10-01 security patch level—Vulnerability details</h2>
+<p>In the sections below, we provide details for each of the security
+vulnerabilities that apply to the 2017-10-01 patch level. Vulnerabilities are
+grouped under the component that they affect. There is a description of the
+issue and a table with the CVE, associated references,
+<a href="#type">type of vulnerability</a>,
+<a href="/security/overview/updates-resources.html#severity">severity</a>,
+and updated AOSP versions (where applicable). When available, we link the public
+change that addressed the issue to the bug ID, like the AOSP change list. When
+multiple changes relate to a single bug, additional references are linked to
+numbers following the bug ID.</p>
+
+<h3 id="framework">Framework</h3>
+<p>The most severe vulnerability in this section could enable a local malicious
+application to bypass user interaction requirements in order to gain access to
+additional permissions.</p>
+
+<table>
+ <col width="17%">
+ <col width="19%">
+ <col width="9%">
+ <col width="14%">
+ <col width="39%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Type</th>
+ <th>Severity</th>
+ <th>Updated AOSP versions</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0806</td>
+ <td>A-62998805</td>
+ <td>EoP</td>
+ <td>High</td>
+ <td>6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0</td>
+ </tr>
+</table>
+
+<h3 id="media-framework">Media framework</h3>
+<p>The most severe vulnerability in this section could enable a remote attacker
+using a specially crafted file to execute arbitrary code within the context of
+a privileged process.</p>
+
+<table>
+ <col width="17%">
+ <col width="19%">
+ <col width="9%">
+ <col width="14%">
+ <col width="39%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Type</th>
+ <th>Severity</th>
+ <th>Updated AOSP versions</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0809</td>
+ <td>A-62673128</td>
+ <td>RCE</td>
+ <td>Critical</td>
+ <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0810</td>
+ <td>A-38207066</td>
+ <td>RCE</td>
+ <td>Critical</td>
+ <td>6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0811</td>
+ <td>A-37930177</td>
+ <td>RCE</td>
+ <td>Critical</td>
+ <td>5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0812</td>
+ <td>A-62873231</td>
+ <td>EoP</td>
+ <td>High</td>
+ <td>7.0, 7.1.1, 7.1.2, 8.0</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0815</td>
+ <td>A-63526567</td>
+ <td>ID</td>
+ <td>Moderate</td>
+ <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0816</td>
+ <td>A-63662938</td>
+ <td>ID</td>
+ <td>Moderate</td>
+ <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0</td>
+ </tr>
+</table>
+
+<h3 id="system">System</h3>
+<p>The most severe vulnerability in this section could enable a proximate
+attacker to execute arbitrary code within the context of a privileged
+process.</p>
+
+<table>
+ <col width="17%">
+ <col width="19%">
+ <col width="9%">
+ <col width="14%">
+ <col width="39%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Type</th>
+ <th>Severity</th>
+ <th>Updated AOSP versions</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-14496</td>
+ <td>A-64575136</td>
+ <td>RCE</td>
+ <td>High</td>
+ <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0</td>
+ </tr>
+</table>
+
+<h2 id="2017-10-05-details">2017-10-05 security patch level—Vulnerability details</h2>
+<p>In the sections below, we provide details for each of the security
+vulnerabilities that apply to the 2017-10-05 patch level. Vulnerabilities are
+grouped under the component that they affect and include details such as the
+CVE, associated references, <a href="#type">type of vulnerability</a>,
+<a href="/security/overview/updates-resources.html#severity">severity</a>,
+component (where applicable), and updated AOSP versions (where applicable). When
+available, we link the public change that addressed the issue to the bug ID,
+like the AOSP change list. When multiple changes relate to a single bug,
+additional references are linked to numbers following the bug ID.</p>
+
+<h3 id="kernel-components">Kernel components</h3>
+<p>The most severe vulnerability in this section could enable a local malicious
+application to execute arbitrary code within the context of a privileged
+process.</p>
+
+<table>
+ <col width="17%">
+ <col width="19%">
+ <col width="9%">
+ <col width="14%">
+ <col width="39%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Type</th>
+ <th>Severity</th>
+ <th>Component</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-7374</td>
+ <td>A-37866910<br />
+ <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1b53cf9815bb4744958d41f3795d5d5a1d365e2d">
+Upstream kernel</a></td>
+ <td>EoP</td>
+ <td>High</td>
+ <td>Filesystem</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-9075</td>
+ <td>A-62298712<br />
+ <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fdcee2cbb8438702ea1b328fb6e0ac5e9a40c7f8">
+Upstream kernel</a></td>
+ <td>EoP</td>
+ <td>High</td>
+ <td>Network subsystem</td>
+ </tr>
+</table>
+
+<h3 id="mediatek-components">MediaTek components</h3>
+<p>The most severe vulnerability in this section could enable a local malicious
+application to execute arbitrary code within the context of a privileged
+process.</p>
+
+<table>
+ <col width="17%">
+ <col width="19%">
+ <col width="9%">
+ <col width="14%">
+ <col width="39%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Type</th>
+ <th>Severity</th>
+ <th>Component</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0827</td>
+ <td>A-62539960<a href="#asterisk">*</a><br />
+ M-ALPS03353876<br />
+ M-ALPS03353861<br />
+ M-ALPS03353869<br />
+ M-ALPS03353867<br />
+ M-ALPS03353872</td>
+ <td>EoP</td>
+ <td>High</td>
+ <td>SoC driver</td>
+ </tr>
+</table>
+
+<h3 id="qualcomm-components">Qualcomm components</h3>
+<p>The most severe vulnerability in this section could enable a remote attacker
+using a specially crafted file to execute arbitrary code within the context of
+a privileged process.</p>
+
+<table>
+ <col width="17%">
+ <col width="19%">
+ <col width="9%">
+ <col width="14%">
+ <col width="39%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Type</th>
+ <th>Severity</th>
+ <th>Component</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-11053</td>
+ <td>A-36895857<a href="#asterisk">*</a><br />
+ QC-CR#2061544</td>
+ <td>RCE</td>
+ <td>Critical</td>
+ <td>SoC driver</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-9714</td>
+ <td>A-63868020<br />
+ <a href="https://source.codeaurora.org/quic/la//platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=aae237dfbaf8edcf310eeb84b887b20e7e9c0ff3">
+QC-CR#2046578</a></td>
+ <td>EoP</td>
+ <td>Critical</td>
+ <td>Network subsystem</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-9683</td>
+ <td>A-62379105<br />
+ <a href="https://source.codeaurora.org/quic/la//kernel/lk/commit/?id=fe4eae96375c27eaee04bbaf112bdc5c1de62977">
+QC-CR#2036397</a></td>
+ <td>EoP</td>
+ <td>High</td>
+ <td>Linux boot</td>
+ </tr>
+</table>
+
+
+<h2 id="questions">Common questions and answers</h2>
+<p>This section answers common questions that may occur after reading this
+bulletin.</p>
+
+<p><strong>1. How do I determine if my device is updated to address these issues?
+</strong></p>
+
+<p>To learn how to check a device's security patch level, see
+<a
+href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Check
+& update your Android version</a>.</p>
+<ul>
+ <li>Security patch levels of 2017-10-01 or later address all issues associated
+ with the 2017-09-01 security patch level.</li>
+ <li>Security patch levels of 2017-10-05 or later address all issues associated
+ with the 2017-09-05 security patch level and all previous patch levels.
+ </li>
+</ul>
+<p>Device manufacturers that include these updates should set the patch string
+level to:</p>
+<ul>
+ <li>[ro.build.version.security_patch]:[2017-10-01]</li>
+ <li>[ro.build.version.security_patch]:[2017-10-05]</li>
+</ul>
+<p><strong>2. Why does this bulletin have two security patch levels?</strong></p>
+
+<p>This bulletin has two security patch levels so that Android partners have the
+flexibility to fix a subset of vulnerabilities that are similar across all
+Android devices more quickly. Android partners are encouraged to fix all issues
+in this bulletin and use the latest security patch level.</p>
+<ul>
+ <li>Devices that use the 2017-10-01 security patch level must include all issues
+ associated with that security patch level, as well as fixes for all issues
+ reported in previous security bulletins.</li>
+ <li>Devices that use the security patch level of 2017-10-05 or newer must
+ include all applicable patches in this (and previous) security
+ bulletins.</li>
+</ul>
+<p>Partners are encouraged to bundle the fixes for all issues they are addressing
+in a single update.</p>
+
+<p id="type">
+<strong>3. What do the entries in the <em>Type</em> column mean?</strong></p>
+
+<p>Entries in the <em>Type</em> column of the vulnerability details table reference
+the classification of the security vulnerability.</p>
+
+<table>
+ <col width="25%">
+ <col width="75%">
+ <tr>
+ <th>Abbreviation</th>
+ <th>Definition</th>
+ </tr>
+ <tr>
+ <td>RCE</td>
+ <td>Remote code execution</td>
+ </tr>
+ <tr>
+ <td>EoP</td>
+ <td>Elevation of privilege</td>
+ </tr>
+ <tr>
+ <td>ID</td>
+ <td>Information disclosure</td>
+ </tr>
+ <tr>
+ <td>DoS</td>
+ <td>Denial of service</td>
+ </tr>
+ <tr>
+ <td>N/A</td>
+ <td>Classification not available</td>
+ </tr>
+</table>
+<p><strong>4. What do the entries in the <em>References</em> column mean?</strong></p>
+
+<p>Entries under the <em>References</em> column of the vulnerability details table
+may contain a prefix identifying the organization to which the reference value
+belongs.</p>
+
+<table>
+ <col width="25%">
+ <col width="75%">
+ <tr>
+ <th>Prefix</th>
+ <th>Reference</th>
+ </tr>
+ <tr>
+ <td>A-</td>
+ <td>Android bug ID</td>
+ </tr>
+ <tr>
+ <td>QC-</td>
+ <td>Qualcomm reference number</td>
+ </tr>
+ <tr>
+ <td>M-</td>
+ <td>MediaTek reference number</td>
+ </tr>
+ <tr>
+ <td>N-</td>
+ <td>NVIDIA reference number</td>
+ </tr>
+ <tr>
+ <td>B-</td>
+ <td>Broadcom reference number</td>
+ </tr>
+</table>
+<p id="asterisk"><strong>5. What does a * next to the Android bug ID in the <em>References</em>
+column mean?</strong></p>
+
+<p>Issues that are not publicly available have a * next to the Android bug ID in
+the <em>References</em> column. The update for that issue is generally contained
+in the latest binary drivers for Nexus devices available from the <a
+href="https://developers.google.com/android/nexus/drivers">Google Developer
+site</a>.</p>
+
+<p id="split">
+<strong>6. Why are security vulnerabilities split between this bulletin and
+device / partner security bulletins, such as the
+Pixel / Nexus bulletin?</strong>
+</p>
+<p>
+Security vulnerabilities that are documented in this security bulletin are
+required in order to declare the latest security patch level on Android devices.
+Additional security vulnerabilities that are documented in
+device / partner security bulletins are not
+required for declaring a security patch level. Android device and chipset
+manufacturers are encouraged to document the presence of other fixes on their
+devices through their own security websites, such as the
+<a href="https://security.samsungmobile.com/securityUpdate.smsb">Samsung</a>,
+<a href="https://lgsecurity.lge.com/security_updates.html">LGE</a>, or
+<a href="/security/bulletin/pixel">Pixel / Nexus</a>
+security bulletins.
+</p>
+
+<p><strong>7. Where are the acknowledgements for this bulletin?</strong></p>
+<p>The acknowledgements for this bulletin are directly in the
+<a href="/security/overview/acknowledgements.html">Android Security
+Acknowledgements</a> page.</p>
+
+<h2 id="versions">Versions</h2>
+<table>
+ <col width="25%">
+ <col width="25%">
+ <col width="50%">
+ <tr>
+ <th>Version</th>
+ <th>Date</th>
+ <th>Notes</th>
+ </tr>
+ <tr>
+ <td>1.0</td>
+ <td>October 2, 2017</td>
+ <td>Bulletin published.</td>
+ </tr>
+</table>
+</body>
+</html>
diff --git a/en/security/bulletin/index.html b/en/security/bulletin/index.html
index b577159..0703da4 100644
--- a/en/security/bulletin/index.html
+++ b/en/security/bulletin/index.html
@@ -22,16 +22,13 @@
-->
-<p class="note"><strong>Checking if your device is up-to-date?</strong>
-Look at <em>Google device updates</em> in the most recent bulletin.</p>
-<p>Security has always been a major focus for Android and Google Play: Android was
-built from day one with security in mind. Monthly device updates are an
-important tool to make and keep Android users safe. This page contains the
-available Android Security Bulletins. These security bulletins also include
-information users can follow to ensure their device has the latest security
-updates. Android device and chipset manufacturers may also publish security
+<p>Monthly device updates are an important tool to keep Android users safe
+and protect their devices. This page contains the available Android Security
+Bulletins, which provide fixes for possible issues affecting devices running
+Android. Android device and chipset manufacturers may also publish security
vulnerability details specific to their products, such as:</p>
<ul>
+ <li><a href="/security/bulletin/pixel/">Google</a></li>
<li><a href="https://lgsecurity.lge.com/security_updates.html">LG</a></li>
<li><a href="https://motorola-global-portal.custhelp.com/app/software-upgrade-security/g_id/5593">Motorola</a></li>
<li><a href="https://security.samsungmobile.com/securityUpdate.smsb">Samsung</a></li>
@@ -41,24 +38,18 @@
<p>To get notifications when a new Android bulletin is published, join the
<a href="https://groups.google.com/forum/#!forum/android-security-updates">Android
Security Updates group</a>, and set your email delivery preference to receive
-all updates. To learn how to check if a device is up to date using the security
-patch level, read the instructions on the
-<a href="https://support.google.com/nexus/answer/4457705">Pixel and Nexus
-update schedule</a>. In general, it takes about one and a half calendar
-weeks for the OTA to reach every Nexus device. The Nexus firmware images are
-also released each month to the
-<a href="https://developers.google.com/android/nexus/images">Google Developer
-site</a>.
+all updates.
</p>
+
<h3 id="sources">Sources</h3>
<p>Fixes listed in the public bulletin come from various different sources: the
Android Open Source Project (AOSP), the upstream Linux kernel, and system-on-chip
(SOC) manufacturers. For device manufacturers:</p>
<ul>
- <li>Android platform fixes are merged into AOSP 24-48 hours after the security
- bulletin is released and can be picked up directly from there.</li>
- <li>Upstream linux kernel fixes are linked to directly from the bulletin on
+ <li>Android platform fixes are merged into AOSP 24–48 hours after the
+ security bulletin is released and can be picked up directly from there.</li>
+ <li>Upstream Linux kernel fixes are linked to directly from the bulletin on
release and can be picked up from there.</li>
<li>Fixes from SOC manufacturers are available directly from the manufacturers.</li>
</ul>
@@ -76,6 +67,22 @@
<th>Security patch level</th>
</tr>
<tr>
+ <td><a href="/security/bulletin/2017-10-01.html">October 2017</a></td>
+ <td>Coming soon
+ <!--
+ <a href="/security/bulletin/2017-10-01.html">English</a> /
+ <a href="/security/bulletin/2017-10-01.html?hl=ja">日本語</a> /
+ <a href="/security/bulletin/2017-10-01.html?hl=ko">한국어</a> /
+ <a href="/security/bulletin/2017-10-01.html?hl=ru">ру́сский</a> /
+ <a href="/security/bulletin/2017-10-01.html?hl=zh-cn">中文 (中国)</a> /
+ <a href="/security/bulletin/2017-10-01.html?hl=zh-tw">中文 (台灣)</a>
+ -->
+ </td>
+ <td>October 2, 2017</td>
+ <td>2017-10-01<br>
+ 2017-10-05</td>
+ </tr>
+ <tr>
<td><a href="/security/bulletin/2017-09-01.html">September 2017</a></td>
<td>Coming soon
<!--
diff --git a/en/security/bulletin/pixel/2017-10-01.html b/en/security/bulletin/pixel/2017-10-01.html
new file mode 100644
index 0000000..fd8eb49
--- /dev/null
+++ b/en/security/bulletin/pixel/2017-10-01.html
@@ -0,0 +1,675 @@
+<html devsite>
+ <head>
+ <title>Pixel/Nexus Security Bulletin—October 2017</title>
+ <meta name="project_path" value="/_project.yaml" />
+ <meta name="book_path" value="/_book.yaml" />
+ </head>
+ <body>
+ <!--
+ Copyright 2017 The Android Open Source Project
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ //www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+ -->
+ <p><em>Published October 2, 2017</em></p>
+
+<p>The Pixel/ Nexus Security Bulletin contains details of security vulnerabilities
+and functional improvements affecting
+<a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">
+supported Google Pixel and Nexus devices</a> (Google devices). For
+Google devices, security patch levels of October 05, 2017 or later
+address all issues in this bulletin and all issues in the
+<a href="/security/bulletin/2017-10-01">October 2017 Android Security Bulletin</a>.
+To learn how to check a device's security patch level, see
+<a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">
+Check & update your Android version</a>.</p>
+
+
+<p>All supported Google devices will receive an update to the 2017-10-05 patch
+level. We encourage all customers to accept these updates to their devices.</p>
+
+<p class="note"><strong>Note:</strong> The Google device firmware images are
+available on the <a href="https://developers.google.com/android/nexus/images">
+Google Developer site</a>.</p>
+
+<h2 id="announcements">Announcements</h2>
+<ul>
+ <li>In addition to the security vulnerabilities described in the
+ <a href="/security/bulletin/2017-10-01">October 2017 Android Security
+ Bulletin</a>, Pixel and Nexus devices also contain patches for the
+ security vulnerabilities described below. Partners were notified of
+ these issues at least a month ago and may choose to
+ incorporate them as part of their device updates.
+ </li>
+ <li>Security bulletin acknowledgements are listed directly in the
+ <a href="/security/overview/acknowledgements.html">Android Security
+ Acknowledgements</a> page.</li>
+</ul>
+
+<h2 id="patches">Security patches</h2>
+Vulnerabilities are
+grouped under the component that they affect. There is a description of the
+issue and a table with the CVE, associated references,
+<a href="#type">type of vulnerability</a>,
+<a href="/security/overview/updates-resources.html#severity">severity</a>,
+and updated Android Open Source Project (AOSP) versions (where applicable).
+When available, we link the public
+change that addressed the issue to the bug ID, like the AOSP change list. When
+multiple changes relate to a single bug, additional references are linked to
+numbers following the bug ID.</p>
+
+<h3 id="framework">Framework</h3>
+
+<table>
+ <col width="17%">
+ <col width="19%">
+ <col width="9%">
+ <col width="14%">
+ <col width="39%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Type</th>
+ <th>Severity</th>
+ <th>Updated AOSP versions</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0807</td>
+ <td>A-35056974</td>
+ <td>EoP</td>
+ <td>High</td>
+ <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0808</td>
+ <td>A-62301183</td>
+ <td>ID</td>
+ <td>Moderate</td>
+ <td>7.0, 7.1.1, 7.1.2, 8.0</td>
+ </tr>
+</table>
+
+<h3 id="media-framework">Media framework</h3>
+
+<table>
+ <col width="17%">
+ <col width="19%">
+ <col width="9%">
+ <col width="14%">
+ <col width="39%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Type</th>
+ <th>Severity</th>
+ <th>Updated AOSP versions</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0813</td>
+ <td>A-36531046</td>
+ <td>DoS</td>
+ <td>Moderate</td>
+ <td>7.0, 7.1.1, 7.1.2</td>
+ </tr>
+ <tr>
+ <td rowspan="2">CVE-2017-0814</td>
+ <td rowspan="2">A-62800140</td>
+ <td>ID</td>
+ <td>Moderate</td>
+ <td>7.0, 7.1.1, 7.1.2, 8.0</td>
+ </tr>
+ <tr>
+ <td>DoS</td>
+ <td>High</td>
+ <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0817</td>
+ <td>A-63522430</td>
+ <td>ID</td>
+ <td>Moderate</td>
+ <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0</td>
+ </tr>
+ <tr>
+ <td rowspan="2">CVE-2017-0818</td>
+ <td rowspan="2">A-63581671</td>
+ <td>NSI</td>
+ <td>NSI</td>
+ <td>7.0, 7.1.1, 7.1.2, 8.0</td>
+ </tr>
+ <tr>
+ <td>DoS</td>
+ <td>High</td>
+ <td>6.0, 6.0.1</td>
+ </tr>
+ <tr>
+ <td rowspan="2">CVE-2017-0819</td>
+ <td rowspan="2">A-63045918</td>
+ <td>NSI</td>
+ <td>NSI</td>
+ <td>7.0, 7.1.1, 7.1.2, 8.0</td>
+ </tr>
+ <tr>
+ <td>DoS</td>
+ <td>High</td>
+ <td>6.0, 6.0.1</td>
+ </tr>
+ <tr>
+ <td rowspan="2">CVE-2017-0820</td>
+ <td rowspan="2">A-62187433</td>
+ <td>NSI</td>
+ <td>NSI</td>
+ <td>7.0, 7.1.1, 7.1.2, 8.0</td>
+ </tr>
+ <tr>
+ <td>DoS</td>
+ <td>High</td>
+ <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1</td>
+ </tr>
+</table>
+
+<h3 id="system">System</h3>
+
+<table>
+ <col width="17%">
+ <col width="19%">
+ <col width="9%">
+ <col width="14%">
+ <col width="39%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Type</th>
+ <th>Severity</th>
+ <th>Updated AOSP versions</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0822</td>
+ <td>A-63787722</td>
+ <td>EoP</td>
+ <td>Moderate</td>
+ <td>6.0.1, 7.0, 7.1.1, 7.1.2, 8.0</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0823</td>
+ <td>A-37896655</td>
+ <td>ID</td>
+ <td>Moderate</td>
+ <td>4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2</td>
+ </tr>
+</table>
+
+<h3 id="broadcom-components">Broadcom components</h3>
+
+<table>
+ <col width="17%">
+ <col width="19%">
+ <col width="9%">
+ <col width="14%">
+ <col width="39%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Type</th>
+ <th>Severity</th>
+ <th>Component</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0824</td>
+ <td>A-37622847<a href="#asterisk">*</a><br />
+ B-V2017063001</td>
+ <td>EoP</td>
+ <td>Moderate</td>
+ <td>WiFi driver</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-0825</td>
+ <td>A-37305633<a href="#asterisk">*</a><br />
+ B-V2017063002</td>
+ <td>ID</td>
+ <td>Moderate</td>
+ <td>WiFi driver</td>
+ </tr>
+</table>
+
+<h3 id="htc-components">HTC components</h3>
+
+<table>
+ <col width="17%">
+ <col width="19%">
+ <col width="9%">
+ <col width="14%">
+ <col width="39%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Type</th>
+ <th>Severity</th>
+ <th>Component</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0826</td>
+ <td>A-34949781<a href="#asterisk">*</a></td>
+ <td>EoP</td>
+ <td>Moderate</td>
+ <td>Bootloader</td>
+ </tr>
+</table>
+
+<h3 id="huawei-components">Huawei components</h3>
+
+<table>
+ <col width="17%">
+ <col width="19%">
+ <col width="9%">
+ <col width="14%">
+ <col width="39%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Type</th>
+ <th>Severity</th>
+ <th>Component</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0828</td>
+ <td>A-34622855<a href="#asterisk">*</a></td>
+ <td>EoP</td>
+ <td>Moderate</td>
+ <td>Bootloader</td>
+ </tr>
+</table>
+
+<h3 id="kernel-components">Kernel components</h3>
+
+<table>
+ <col width="17%">
+ <col width="19%">
+ <col width="9%">
+ <col width="14%">
+ <col width="39%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Type</th>
+ <th>Severity</th>
+ <th>Component</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-7187</td>
+ <td>A-63666227<br />
+ <a
+href="https://git.kernel.org/pub/scm/linux/kernel/git/mkp/scsi.git/commit/?h=4.11/scsi-fixes&id=bf33f87dd04c371ea33feb821b60d63d754e3124">
+Upstream kernel</a></td>
+ <td>EoP</td>
+ <td>Moderate</td>
+ <td>SCSI driver</td>
+ </tr>
+</table>
+
+<h3 id="motorola-components">Motorola components</h3>
+
+<table>
+ <col width="17%">
+ <col width="19%">
+ <col width="9%">
+ <col width="14%">
+ <col width="39%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Type</th>
+ <th>Severity</th>
+ <th>Component</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-0829</td>
+ <td>A-62345044<a href="#asterisk">*</a></td>
+ <td>EoP</td>
+ <td>Moderate</td>
+ <td>Bootloader</td>
+ </tr>
+</table>
+
+<h3 id="qualcomm-components">Qualcomm components</h3>
+
+<table>
+ <col width="17%">
+ <col width="19%">
+ <col width="9%">
+ <col width="14%">
+ <col width="39%">
+ <tr>
+ <th>CVE</th>
+ <th>References</th>
+ <th>Type</th>
+ <th>Severity</th>
+ <th>Component</th>
+ </tr>
+ <tr>
+ <td>CVE-2017-9686</td>
+ <td>A-62827928<br />
+ <a
+href="https://www.codeaurora.org/gitweb/quic/la/?p=kernel/msm-3.18.git;a=commit;h=de875dd095d3ec0906c77518d28f793e6c69a9da">
+QC-CR#1115359</a></td>
+ <td>EoP</td>
+ <td>Moderate</td>
+ <td>SPS driver</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-11050</td>
+ <td>A-62085265<br />
+ <a
+href="https://source.codeaurora.org/quic/la//platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=725674586f5bc009ef5175d29eb0fd677e0ef1f2">
+QC-CR#2064785</a></td>
+ <td>EoP</td>
+ <td>Moderate</td>
+ <td>WLAN</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-11067</td>
+ <td>A-62058746<a href="#asterisk">*</a><br />
+ QC-CR#2062012</td>
+ <td>EoP</td>
+ <td>Moderate</td>
+ <td>WLAN</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-11057</td>
+ <td>A-37949660<a href="#asterisk">*</a><br />
+ QC-CR#2059812</td>
+ <td>EoP</td>
+ <td>Moderate</td>
+ <td>Camera</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-11056</td>
+ <td>A-37893116<a href="#asterisk">*</a><br />
+ QC-CR#2060504</td>
+ <td>EoP</td>
+ <td>Moderate</td>
+ <td>Crypto driver</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-11046</td>
+ <td>A-37623773<a href="#asterisk">*</a><br />
+ QC-CR#2059656</td>
+ <td>EoP</td>
+ <td>Moderate</td>
+ <td>Audio driver</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-11059</td>
+ <td>A-37284397<a href="#asterisk">*</a><br />
+ QC-CR#2057375</td>
+ <td>EoP</td>
+ <td>Moderate</td>
+ <td>Crypto Driver</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-9706</td>
+ <td>A-34170483<a href="#asterisk">*</a><br />
+ QC-CR#2030399</td>
+ <td>EoP</td>
+ <td>Moderate</td>
+ <td>Video driver</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-11048</td>
+ <td>A-37093119<a href="#asterisk">*</a><br />
+ QC-CR#2052691</td>
+ <td>EoP</td>
+ <td>Moderate</td>
+ <td>Video driver</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-9697</td>
+ <td>A-63868628<br />
+ <a
+href="https://www.codeaurora.org/gitweb/quic/la/?p=kernel/msm-4.4.git;a=commit;h=7e45e3a6c1f6dd46d71fb6824a7cf702d2e79225">
+QC-CR#2032672</a></td>
+ <td>EoP</td>
+ <td>Moderate</td>
+ <td>SoC driver</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-11051</td>
+ <td>A-62456806<br />
+ <a
+href="https://source.codeaurora.org/quic/la//platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=c8f263f0e3b0b6cba38fae9b2330d77f802c51d8">
+QC-CR#2061755</a></td>
+ <td>ID</td>
+ <td>Moderate</td>
+ <td>WLAN</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-9715</td>
+ <td>A-36730104<a href="#asterisk">*</a><br />
+ QC-CR#2054958<br />
+ QC-CR#2057034</td>
+ <td>ID</td>
+ <td>Moderate</td>
+ <td>WLAN</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-11061</td>
+ <td>A-36816726<a href="#asterisk">*</a><br />
+ QC-CR#2054693<br />
+ QC-CR#2059701</td>
+ <td>ID</td>
+ <td>Moderate</td>
+ <td>WLAN</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-11060</td>
+ <td>A-36817548<a href="#asterisk">*</a><br />
+ QC-CR#2058447<br />
+ QC-CR#2054770</td>
+ <td>ID</td>
+ <td>Moderate</td>
+ <td>WLAN</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-9717</td>
+ <td>A-36817053<a href="#asterisk">*</a><br />
+ QC-CR#2051450</td>
+ <td>ID</td>
+ <td>Moderate</td>
+ <td>WLAN</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-11052</td>
+ <td>A-37687303<a href="#asterisk">*</a><br />
+ QC-CR#2061688</td>
+ <td>ID</td>
+ <td>Moderate</td>
+ <td>WLAN</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-11054</td>
+ <td>A-37713609<a href="#asterisk">*</a><br />
+ QC-CR#2061251</td>
+ <td>ID</td>
+ <td>Moderate</td>
+ <td>WLAN</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-11062</td>
+ <td>A-37720349<a href="#asterisk">*</a><br />
+ QC-CR#2058448</td>
+ <td>ID</td>
+ <td>Moderate</td>
+ <td>WLAN</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-11055</td>
+ <td>A-37721426<a href="#asterisk">*</a><br />
+ QC-CR#2061241</td>
+ <td>ID</td>
+ <td>Moderate</td>
+ <td>WLAN</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-11064</td>
+ <td>A-36815952<a href="#asterisk">*</a><br />
+ QC-CR#2054770<br />
+ QC-CR#2058447
+QC-CR#2066628<br />
+ QC-CR#2087785</td>
+ <td>ID</td>
+ <td>Moderate</td>
+ <td>WLAN</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-9687</td>
+ <td>A-62827190<br />
+ <a href="https://www.codeaurora.org/gitweb/quic/la/?p=kernel/msm-4.4.git;a=commit;h=8f1a77f5da53edd2b5a1c42ddd766712a90109d6">
+QC-CR#2016076</a></td>
+ <td>EoP</td>
+ <td>Low</td>
+ <td>Modem</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-11063</td>
+ <td>A-36716469<a href="#asterisk">*</a><br />
+ QC-CR#2053027</td>
+ <td>DoS</td>
+ <td>Low</td>
+ <td>Camera driver</td>
+ </tr>
+</table>
+
+
+<h2 id="functional-patches">Functional patches</h2>
+<p>There are no functional patches included this month.</p>
+
+
+<h2 id="questions">Common questions and answers</h2>
+<p>This section answers common questions that may occur after reading this
+bulletin.</p>
+
+<p><strong>1. How do I determine if my device is updated to address these issues?
+</strong></p>
+
+<p>Security patch levels of 2017-10-05 or later address all issues associated
+with the 2017-10-05 security patch level and all previous patch levels.To learn
+how to check a device's security patch level, read the instructions on the
+<a href="https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices">Pixel
+and Nexus update schedule</a>.</p>
+
+<p id="type">
+<strong>2. What do the entries in the <em>Type</em> column mean?</strong></p>
+
+<p>Entries in the <em>Type</em> column of the vulnerability details table reference
+the classification of the security vulnerability.</p>
+
+<table>
+ <col width="25%">
+ <col width="75%">
+ <tr>
+ <th>Abbreviation</th>
+ <th>Definition</th>
+ </tr>
+ <tr>
+ <td>RCE</td>
+ <td>Remote code execution</td>
+ </tr>
+ <tr>
+ <td>EoP</td>
+ <td>Elevation of privilege</td>
+ </tr>
+ <tr>
+ <td>ID</td>
+ <td>Information disclosure</td>
+ </tr>
+ <tr>
+ <td>DoS</td>
+ <td>Denial of service</td>
+ </tr>
+ <tr>
+ <td>N/A</td>
+ <td>Classification not available</td>
+ </tr>
+</table>
+<p><strong>3. What do the entries in the <em>References</em> column mean?</strong></p>
+
+<p>Entries under the <em>References</em> column of the vulnerability details table
+may contain a prefix identifying the organization to which the reference value
+belongs.</p>
+
+<table>
+ <col width="25%">
+ <col width="75%">
+ <tr>
+ <th>Prefix</th>
+ <th>Reference</th>
+ </tr>
+ <tr>
+ <td>A-</td>
+ <td>Android bug ID</td>
+ </tr>
+ <tr>
+ <td>QC-</td>
+ <td>Qualcomm reference number</td>
+ </tr>
+ <tr>
+ <td>M-</td>
+ <td>MediaTek reference number</td>
+ </tr>
+ <tr>
+ <td>N-</td>
+ <td>NVIDIA reference number</td>
+ </tr>
+ <tr>
+ <td>B-</td>
+ <td>Broadcom reference number</td>
+ </tr>
+</table>
+
+<p id="asterisk"><strong>4. What does a * next to the Android bug ID in the <em>References</em>
+column mean?</strong></p>
+
+<p>Issues that are not publicly available have a * next to the Android bug ID in
+the <em>References</em> column. The update for that issue is generally contained
+in the latest binary drivers for Nexus devices available from the <a
+href="https://developers.google.com/android/nexus/drivers">Google Developer
+site</a>.</p>
+
+<p id="split">
+<strong>5. Why are security vulnerabilities split between this bulletin and
+the Android Security Bulletins?</strong>
+</p>
+<p>
+Security vulnerabilities that are documented in the Android Security Bulletins are
+required in order to declare the latest security patch level on Android devices.
+Additional security vulnerabilities, such as those documented in this bulletin,
+are not required for declaring a security patch level.
+</p>
+
+<h2 id="versions">Versions</h2>
+<table>
+ <col width="25%">
+ <col width="25%">
+ <col width="50%">
+ <tr>
+ <th>Version</th>
+ <th>Date</th>
+ <th>Notes</th>
+ </tr>
+ <tr>
+ <td>1.0</td>
+ <td>October 2, 2017</td>
+ <td>Bulletin published.</td>
+ </tr>
+</table>
+</body>
+</html>
diff --git a/en/security/bulletin/pixel/index.html b/en/security/bulletin/pixel/index.html
new file mode 100644
index 0000000..ea492ea
--- /dev/null
+++ b/en/security/bulletin/pixel/index.html
@@ -0,0 +1,78 @@
+<html devsite>
+ <head>
+ <title>Pixel / Nexus Security Bulletins</title>
+ <meta name="project_path" value="/_project.yaml" />
+ <meta name="book_path" value="/_book.yaml" />
+ </head>
+ <body>
+ <!--
+ Copyright 2017 The Android Open Source Project
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+ -->
+
+
+<p>This page contains the available Pixel / Nexus monthly
+bulletins. These bulletins supplement the
+<a href="/security/bulletin">Android Security Bulletins</a> with
+additional security patches and functional improvements on Pixel and Nexus
+devices. These bulletins apply to
+<a href="https://support.google.com/nexus/answer/4457705">supported Pixel and
+Nexus devices</a>.</p>
+
+<h3 id="notification">Notifications</h3>
+<p>Pixel and Nexus devices start receiving OTA updates on the same day the
+monthly bulletin is released. In general, it takes about one and a half calendar
+weeks for the OTA to reach every Nexus device. The Nexus firmware images are
+also released each month to the
+<a href="https://developers.google.com/android/nexus/images">Google Developer
+site</a>.
+</p>
+<h3 id="sources">Sources</h3>
+
+<p>Patches listed in the Pixel / Nexus bulletin come from various
+sources: the Android Open Source Project (AOSP), the upstream Linux kernel,
+and system-on-chip (SOC) manufacturers. Android platform fixes are merged into
+AOSP 24–48 hours after the Pixel / Nexus bulletin is released.</p>
+
+<h3 id="bulletins">Bulletins</h3>
+
+<table>
+ <col width="15%">
+ <col width="49%">
+ <col width="17%">
+ <col width="19%">
+ <tr>
+ <th>Bulletin</th>
+ <th>Languages</th>
+ <th>Published date</th>
+ <th>Security patch level</th>
+ </tr>
+ <tr>
+ <td><a href="/security/bulletin/pixel/2017-10-01.html">October 2017</a></td>
+ <td>Coming soon
+ <!--
+ <a href="/security/bulletin/pixel/2017-10-01.html">English</a> /
+ <a href="/security/bulletin/pixel/2017-10-01.html?hl=ja">日本語</a> /
+ <a href="/security/bulletin/pixel/2017-10-01.html?hl=ko">한국어</a> /
+ <a href="/security/bulletin/pixel/2017-10-01.html?hl=ru">ру́сский</a> /
+ <a href="/security/bulletin/pixel/2017-10-01.html?hl=zh-cn">中文 (中国)</a> /
+ <a href="/security/bulletin/pixel/2017-10-01.html?hl=zh-tw">中文 (台灣)</a>
+ -->
+ </td>
+ <td>October 2, 2017</td>
+ <td>2017-10-05</td>
+ </tr>
+</table>
+ </body>
+</html>
diff --git a/en/security/overview/acknowledgements.html b/en/security/overview/acknowledgements.html
index f287c44..d444a35 100644
--- a/en/security/overview/acknowledgements.html
+++ b/en/security/overview/acknowledgements.html
@@ -35,336 +35,794 @@
<h2 id="2017">2017</h2>
-<div style="LINE-HEIGHT:25px;">
-<p>ADlab of Venustech</p>
-
-<p>Alexander Potapenko of Google Dynamic Tools team</p>
-
-<p>Alexandru Blanda</p>
-
-<p>Amir Cohen of Ben Gurion University Cyber Lab</p>
-
-<p>Ao Wang (<a href="//twitter.com/ArayzSegment">@ArayzSegment</a>)
- of <a href="//www.pwnzen.com/">Pangu Team</a></p>
-
-<p>Dr. Asaf Shabtai of Ben Gurion University Cyber Lab</p>
-
-<p>Baozeng Ding (<a href="https://twitter.com/sploving1">@sploving</a>)
-of Alibaba Mobile Security Group</p>
-
-<p>Ben Actis (<a href="https://twitter.com/ben_ra">@Ben_RA</a>)</p>
-
-<p>Ben Seri of <a href="https://armis.com">Armis, Inc.</a></p>
-
-<p>Billy Lau of Android Security</p>
-
-<p>Bo Liu of <a href="http://www.ms509.com">MS509Team</a></p>
-
-<p>Chenfu Bao (包沉浮) of Baidu X-Lab (百度安全实验室)</p>
-
-<p>Chengming Yang of Alibaba Mobile Security Group</p>
-
-<p><a href="mailto:zc1991@mail.ustc.edu.cn">Chi Zhang</a>of
- <a href="//c0reteam.org">C0RE Team</a></p>
-
-<p>Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>)
-of <a href="http://c0reteam.org">C0RE Team</a></p>
-
-<p><a href="http://weibo.com/csddl">Chong Wang</a> of
-Chengdu Security Response Center, Qihoo 360 Technology Co. Ltd.</p>
-
-<p>Cong Zheng (<a href="https://twitter.com/shellcong">@shellcong</a>)
-of Palo Alto Networks</p>
-
-<p><a href="mailto:shaodacheng2016@gmail.com">Dacheng Shao</a>
-of <a href="http://c0reteam.org">C0RE Team</a></p>
-
-<p>Daniel Dakhno</p>
-
-<p>Daniel Micay of Copperhead Security</p>
-
-<p>Daxing Guo (<a href="https://twitter.com/freener0">@freener0</a>) of Xuanwu
- Lab, Tencent</p>
-
-<p><a href="mailto:derrek.haxx@gmail.com">derrek</a>
- (<a href="https://twitter.com/derrekr6">@derrekr6</a>)</p>
-
-<p>Di Shen (<a href="https://twitter.com/returnsme">@returnsme</a>) of KeenLab
- (<a href="https://twitter.com/keen_lab">@keen_lab</a>), Tencent</p>
-
-<p>donfos (Aravind Machiry) of Shellphish Grill Team, UC Santa Barbara</p>
-
-<p><a href="http://www.linkedin.com/in/dzima">Dzmitry Lukyanenka</a></p>
-
-<p>Ecular Xu (徐健) of Trend Micro</p>
-
-<p>Elphet of Alpha Team, Qihoo 360 Technology Co. Ltd.</p>
-
-<p>En He (<a href="http://twitter.com/heeeeen4x">@heeeeen4x</a>) of
-<a href="http://www.ms509.com">MS509Team</a></p>
-
-<p>Fang Chen of Sony Mobile Communications Inc.</p>
-
-<p>Frank Liberato of Chrome</p>
-
-<p>Gal Beniamini of Project Zero</p>
-
-<p>Gengjia Chen (<a href="https://twitter.com/chengjia4574">@chengjia4574</a>)
- of IceSword Lab, Qihoo 360 Technology Co. Ltd.</p>
-
-<p>godzheng (郑文选 <a href="https://twitter.com/virtualseekers">@VirtualSeekers</a>)
-of Tencent PC Manager</p>
-
-<p>Google WebM Team</p>
-
-<p>Gregory Vishnepolsky of <a href="https://armis.com">Armis, Inc.</a></p>
-
-<p>Guang Gong (龚广) (<a href="http://twitter.com/oldfresher">@oldfresher</a>) of
- Alpha Team, <a href="http://www.360.com">Qihoo 360 Technology Co. Ltd.</a></p>
-
-<p>Guangdong Bai of Singapore Institute of Technology (SIT)</p>
-
-<p><a href="https://www.linkedin.com/in/g%C3%BCliz-seray-tuncay-952a1b9/">Güliz
-Seray Tuncay</a> of the <a
-href="http://tuncay2.web.engr.illinois.edu">University of Illinois at
-Urbana-Champaign</a></p>
-
-<p><a href="mailto:arnow117@gmail.com">Hanxiang Wen</a> of <a
- href="http://c0reteam.org">C0RE Team</a></p>
-
-<p>Hao Chen of Alpha Team, Qihoo 360 Technology Co. Ltd.</p>
-
-<p>Hiroki Yamamoto of Sony Mobile Communications Inc.</p>
-
-<p><a href="mailto:hlhan@bupt.edu.cn">Hongli Han</a> of
- <a href="http://c0reteam.org">C0RE Team</a></p>
-
-<p>hujianfei of Qihoo360 Qex Team</p>
-
-<p>Ian Foster (<a href="https://twitter.com/lanrat">@lanrat</a>)</p>
-
-<p>Jack Tang of Trend Micro Inc.</p>
-
-<p>Jake Corina of Shellphish Grill Team</p>
-
-<p>Jason Gu of Trend Micro</p>
-
-<p>Jeff Sharkey of Google</p>
-
-<p>Jeff Trim</p>
-
-<p>Jianjun Dai (<a href="https://twitter.com/Jioun_dai">@Jioun_dai</a>) of <a
-href="https://skyeye.360safe.com">Qihoo 360 Skyeye Labs</a></p>
-
-<p>Jianqiang Zhao (<a href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>)
- of IceSword Lab, Qihoo 360</p>
-
-<p>Joey Brand of Census Consulting Inc.</p>
-
-<p>Jon Sawyer (<a href="http://twitter.com/jcase">@jcase</a>)</p>
-
-<p>Juhu Nie of Xiaomi Inc.</p>
-
-<p>Jun Cheng of Alibaba Inc.</p>
-
-<p>Lenx Wei (韦韬) of Baidu X-Lab (百度安全实验室)</p>
-
-<p>Liyadong of Qex Team, Qihoo 360</p>
-
-<p><a href="mailto:zlbzlb815@163.com">Lubo Zhang</a>
-of <a href="http://c0reteam.org">C0RE Team</a></p>
-
-<p>ma.la of LINE Corporation</p>
-
-<p>Makoto Onuki of Google</p>
-
-<p>Marco Bartoli (<a href="https://twitter.com/wsxarcher">@wsxarcher</a>)</p>
-
-<p><a href="mailto:salyzyn@android.com">Mark Salyzyn</a> of Google</p>
-
-<p>Max Spector of Google</p>
-
-<p>Michael Goberman of IBM Security X-Force</p>
-
-<p>Mike Anderson (<a href="https://twitter.com/manderbot">@manderbot</a>)
- of Tesla Motors Product Security Team</p>
-
-<p>Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>)
-of <a href="http://c0reteam.org">C0RE Team</a></p>
-
-<p>Monk Avel</p>
-
-<p>Nan Li of Xiaomi Inc.</p>
-
-<p>Nathan Crandall (<a href="https://twitter.com/natecray">@natecray</a>)
-of Tesla Motors Product Security Team</p>
-
-<p>Nick Stephens of Shellphish Grill Team</p>
-
-<p>Nikolay Elenkov of LINE Corporation</p>
-
-<p><a href="mailto:jiych.guru@gmail.com">Niky1235</a>
-(<a href="https://twitter.com/jiych_guru">@jiych_guru</a>)</p>
-
-<p>Ning You of Alibaba Mobile Security Group</p>
-
-<p>Nitay Artenstein of Exodus Intelligence</p>
-
-<p>Omer Shwartz of Ben Gurion University Cyber Lab</p>
-
-<p>Peide Zhang of Vulpecker Team, Qihoo 360 Technology Co. Ltd.</p>
-
-<p>Peng Xiao of Alibaba Mobile Security Group</p>
-
-<p>Pengfei Ding (丁鹏飞) of Baidu X-Lab (百度安全实验室)</p>
-
-<p>Peter Pi (<a href="https://twitter.com/heisecode">@heisecode</a>)
- of Trend Micro</p>
-
-<p><a href="http://weibo.com/jfpan">pjf</a> of IceSword Lab, Qihoo 360
- Technology Co. Ltd.</p>
-
-<p>Qidan He (何淇丹) (<a href="https://twitter.com/flanker_hqd">@flanker_hqd</a>)
- of KeenLab, Tencent (腾讯科恩实验室)</p>
-
-<p>Qing Zhang of Qihoo 360</p>
-
-<p>Qiwu Huang of Xiaomi Inc.</p>
-
-<p>Quhe of Ant-financial Light-Year Security Lab (蚂蚁金服巴斯光年安全实验室)</p>
-
-<p>Roee Hay of <a href="https://alephsecurity.com/">Aleph Research</a>, HCL Technologies</p>
-
-<p>Sagi Kedmi of IBM X-Force Research</p>
-
-<p><a href="mailto:keun-o.park@darkmatter.ae">Sahara</a> of Secure
-Communications in DarkMatter</p>
-
-<p>salls (<a href="https://twitter.com/chris_salls">@chris_salls</a>) of
-Shellphish Grill Team, UC Santa Barbara</p>
-
-<p>Scott Bauer (<a href="http://twitter.com/ScottyBauer1">@ScottyBauer1</a>)</p>
-
-<p>Sean Beaupre (<a href="https://twitter.com/firewaterdevs">@firewaterdevs</a>)</p>
-
-<p>Seven Shen (<a href="https://twitter.com/lingtongshen">@lingtongshen</a>) of
- Trend Micro Mobile Threat Research Team</p>
-
-<p>Shinichi Matsumoto of Fujitsu</p>
-
-<p><a href="mailto:smarques84@gmail.com">Stéphane Marques</a> of <a
-href="http://www.byterev.com">ByteRev</a></p>
-
-<p>Stephen Morrow</p>
-
-<p>Svetoslav Ganov of Google</p>
-
-<p>Timothy Becker of CSS Inc.</p>
-
-<p><a href="mailto:segfault5514@gmail.com">Tong Lin</a>
-of <a href="http://c0reteam.org">C0RE Team</a></p>
-
-<p>Uma Sankar Pradhan (<a href="https://twitter.com/umasankar_iitd">@umasankar_iitd</a>)</p>
-
-<p>Valerio Costamagna (<a href="https://twitter.com/vaio_co">@vaio_co</a>)</p>
-
-<p>Vasily Vasiliev</p>
-
-<p>V.E.O (<a href="https://twitter.com/vysea">@VYSEa</a>) of Mobile Threat
- Research Team, <a href="http://www.trendmicro.com">Trend Micro</a></p>
-
-<p>wanchouchou of Ant-financial Light-Year Security Lab (蚂蚁金服巴斯光年安全实验室)</p>
-
-<p>Weichao Sun (<a href="https://twitter.com/sunblate">@sunblate</a>) of
- Alibaba Inc.</p>
-
-<p>Wenjun Hu of Palo Alto Networks</p>
-
-<p><a href="mailto:vancouverdou@gmail.com">Wenke Dou</a> of
- <a href="http://c0reteam.org">C0RE Team</a></p>
-
-<p>Wenlin Yang (<a href="https://twitter.com/wenlin_yang">@wenlin_yang</a>)
-of Alpha Team, Qihoo 360 Technology Co. Ltd.</p>
-
-<p>Wish Wu (<a href="https://twitter.com/wish_wu">@wish_wu</a>)
-(<a href="http://www.weibo.com/wishlinux">吴潍浠</a> 此彼) of Ant-financial Light-Year
- Security Lab</p>
-
-<p>Xiao Zhang of Palo Alto Networks</p>
-
-<p><a href="mailto:wisedd@gmail.com">Xiaodong Wang</a>
-of <a href="http://c0reteam.org">C0RE Team</a></p>
-
-<p>Xiling Gong of Tencent Security Platform Department</p>
-
-<p>Xingyuan Lin of 360 Marvel Team</p>
-
-<p>Xuxian Jiang of <a href="http://c0reteam.org">C0RE Team</a></p>
-
-<p>Yan Zhou of Eagleye team, SCC, Huawei</p>
-
-<p><a href="mailto:bigwyfone@gmail.com">Yanfeng Wang</a>
-of <a href="http://c0reteam.org">C0RE Team</a></p>
-
-<p>Yang Cheng of Xiaomi Inc.</p>
-
-<p><a href="mailto:huahuaisadog@gmail.com">Yang Dai</a> of Vulpecker Team, Qihoo
-360 Technology Co. Ltd</p>
-
-<p>Yang Song of Alibaba Mobile Security Group</p>
-
-<p>Yangkang (<a href="https://twitter.com/dnpushme">@dnpushme</a>) of Qex Team, Qihoo 360</p>
-
-<p><a href="mailto:yaojun8558363@gmail.com">Yao Jun</a> of
- <a href="http://c0reteam.org">C0RE Team</a></p>
-
-<p>Yong Wang (王勇) (<a href="https://twitter.com/ThomasKing2014">@ThomasKing2014</a>)
- of Alibaba Inc.</p>
-
-<p>Yonggang Guo (<a href="https://twitter.com/guoygang">@guoygang</a>) of
- IceSword Lab, Qihoo 360 Technology Co. Ltd.</p>
-
-<p>Yongke Wang of <a href="http://xlab.tencent.com">Tencent's Xuanwu Lab</a></p>
-
-<p>Dr. Yossi Oren of Ben Gurion University Cyber Lab</p>
-
-<p><a href="http://weibo.com/panyu6325">Yu Pan</a> of Vulpecker Team, Qihoo 360 Technology Co. Ltd</p>
-
-<p><a href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a> of
- <a href="http://c0reteam.org">C0RE Team</a></p>
-
-<p>Yuebin Sun of <a href="http://xlab.tencent.com">Tencent's
-Xuanwu Lab</a></p>
-
-<p>Yuqi Lu (<a href="https://twitter.com/nikos233__">@nikos233</a>)
-of <a href="http://c0reteam.org">C0RE Team</a></p>
-
-<p>Yuxiang Li (<a href="https://twitter.com/xbalien29">@Xbalien29</a>) of
- Tencent Security Platform Department</p>
-
-<p>Zhanpeng Zhao (行之) (<a href="https://twitter.com/0xr0ot">@0xr0ot</a>) of
- Security Research Lab, <a href="http://www.cmcm.com/">Cheetah Mobile</a></p>
-
-<p>Zhe Jin (金哲) of
-Chengdu Security Response Center, Qihoo 360 Technology Co. Ltd.</p>
-
-<p><a href="mailto:zhouzhenster@gmail.com">Zhen Zhou</a> (
- <a href="https://twitter.com/henices">@henices</a>) of
- <a href="http://www.nsfocus.com">NSFocus</a></p>
-
-<p>Zhi Xu of Palo Alto Networks</p>
-
- <p><a href="mailto:sundaywind2004@gmail.com">Zhixin Li</a> of
- <a href="http://www.nsfocus.com">NSFocus</a></p>
-
- <p><a href="http://weibo.com/ele7enxxh">Zinuo Han</a> from Chengdu Security
- Response Center of Qihoo 360 Technology Co. Ltd.</p>
-
- <p>Zubin Mithra of Google</p>
-
- </div>
-
+<table>
+ <col width="50%">
+ <col width="50%">
+ <tr>
+ <th>Researcher</th>
+ <th>CVEs</th>
+ </tr>
+ <tr>
+ <td>ADlab of Venustech</td>
+ <td>CVE-2017-0630</td>
+ </tr>
+ <tr>
+ <td>Alexander Potapenko of Google Dynamic Tools team</td>
+ <td>CVE-2017-0537</td>
+ </tr>
+ <tr>
+ <td>Alexandru Blanda</td>
+ <td>CVE-2017-0390</td>
+ </tr>
+ <tr>
+ <td>Amir Cohen of Ben Gurion University Cyber Lab</td>
+ <td>CVE-2017-0650</td>
+ </tr>
+ <tr>
+ <td>Ao Wang (<a href="https://twitter.com/ArayzSegment">@ArayzSegment</a>) of
+<a href="https://www.pwnzen.com/">Pangu Team</a></td>
+ <td>CVE-2017-0691, CVE-2017-0700</td>
+ </tr>
+ <tr>
+ <td>Dr. Asaf Shabtai of Ben Gurion University Cyber Lab</td>
+ <td>CVE-2017-0650</td>
+ </tr>
+ <tr>
+ <td>Baozeng Ding (<a href="https://twitter.com/sploving">@sploving</a>) of
+Alibaba Mobile Security Group</td>
+ <td>CVE-2017-0463, CVE-2017-0506, CVE-2017-0711, CVE-2017-0741,
+CVE-2017-0742, CVE-2017-0751, CVE-2017-0796, CVE-2017-0798, CVE-2017-0800,
+CVE-2017-0827, CVE-2017-11000, CVE-2017-11059</td>
+ </tr>
+ <tr>
+ <td>Ben Actis (<a href="https://twitter.com/ben_ra">@Ben_RA</a>)</td>
+ <td>CVE-2016-8461</td>
+ </tr>
+ <tr>
+ <td>Ben Seri of <a href="https://armis.com/">Armis, Inc.</a></td>
+ <td>CVE-2017-0781, CVE-2017-0782, CVE-2017-0783, CVE-2017-0785</td>
+ </tr>
+ <tr>
+ <td>Billy Lau of Android Security</td>
+ <td>CVE-2017-0335, CVE-2017-0336, CVE-2017-0338, CVE-2017-0460,
+CVE-2017-8263, CVE-2017-9682</td>
+ </tr>
+ <tr>
+ <td>Bo Liu of <a href="http://www.ms509.com/">MS509Team</a></td>
+ <td>CVE-2017-0490, CVE-2017-0601, CVE-2017-0639, CVE-2017-0645, CVE-2017-0784</td>
+ </tr>
+ <tr>
+ <td>Chao Yang of Alibaba Mobile Security Group</td>
+ <td>CVE-2016-10280, CVE-2016-10281, CVE-2017-0565</td>
+ </tr>
+ <tr>
+ <td>Chenfu Bao (包沉浮) of Baidu X-Lab (百度安全实验室)</td>
+ <td>CVE-2016-8417, CVE-2016-10236, CVE-2017-0728, CVE-2017-0738,
+CVE-2017-0766, CVE-2017-0794, CVE-2017-9681, CVE-2017-9684, CVE-2017-9693,
+CVE-2017-9694, CVE-2017-9715, CVE-2017-9717, CVE-2017-9720, CVE-2017-11001,
+CVE-2017-10999, CVE-2017-11057,
+CVE-2017-11060, CVE-2017-11061, CVE-2017-11064</td>
+ </tr>
+ <tr>
+ <td>Chengming Yang of Alibaba Mobile Security Group</td>
+ <td>CVE-2016-10280, CVE-2016-10281, CVE-2017-0463, CVE-2017-0506,
+CVE-2017-0565, CVE-2017-0711, CVE-2017-0741, CVE-2017-0742, CVE-2017-0751,
+CVE-2017-0796, CVE-2017-0798, CVE-2017-0800, CVE-2017-0827, CVE-2017-11000,
+CVE-2017-11059</td>
+ </tr>
+ <tr>
+ <td><a href="mailto:zc1991@mail.ustc.edu.cn">Chi Zhang</a> of <a
+href="https://c0reteam.org/">C0RE Team</a></td>
+ <td>CVE-2017-0666, CVE-2017-0681, CVE-2017-0684, CVE-2017-0765</td>
+ </tr>
+ <tr>
+ <td>Chiachih Wu (<a href="https://twitter.com/chiachih_wu">@chiachih_wu</a>)
+of <a href="http://c0reteam.org/">C0RE Team</a></td>
+ <td>CVE-2016-8425, CVE-2016-8426, CVE-2016-8430, CVE-2016-8431,
+CVE-2016-8432, CVE-2016-8449, CVE-2016-8435, CVE-2016-8480, CVE-2016-8481,
+CVE-2016-8482, CVE-2017-0383, CVE-2017-0384, CVE-2017-0385, CVE-2017-0398,
+CVE-2017-0400, CVE-2017-0401, CVE-2017-0402, CVE-2017-0428, CVE-2017-0429,
+CVE-2017-0435, CVE-2017-0436, CVE-2017-0444, CVE-2017-0448</td>
+ </tr>
+ <tr>
+ <td><a href="http://weibo.com/csddl">Chong Wang</a> of Chengdu Security
+Response Center, Qihoo 360 Technology Co. Ltd.</td>
+ <td>CVE-2017-0758</td>
+ </tr>
+ <tr>
+ <td>Cong Zheng (<a href="https://twitter.com/shellcong">@shellcong</a>) of
+Palo Alto Networks</td>
+ <td>CVE-2017-0752</td>
+ </tr>
+ <tr>
+ <td>Constantinos Patsakis of University of Piraeus</td>
+ <td>CVE-2017-0807</td>
+ </tr>
+ <tr>
+ <td><a href="mailto:shaodacheng2016@gmail.com">Dacheng Shao</a> of <a
+href="http://c0reteam.org/">C0RE Team</a></td>
+ <td>CVE-2017-0483, CVE-2017-0739, CVE-2017-0769, CVE-2017-0801</td>
+ </tr>
+ <tr>
+ <td>Daniel Dakhno</td>
+ <td>CVE-2017-0420</td>
+ </tr>
+ <tr>
+ <td>Daniel Micay of Copperhead Security</td>
+ <td>CVE-2017-0397, CVE-2017-0405, CVE-2017-0410, CVE-2017-0826</td>
+ </tr>
+ <tr>
+ <td>Daxing Guo (<a href="https://twitter.com/freener0">@freener0</a>) of
+Xuanwu Lab, Tencent</td>
+ <td>CVE-2017-0386, CVE-2017-0553, CVE-2017-0585, CVE-2017-0706</td>
+ </tr>
+ <tr>
+ <td><a href="mailto:derrek.haxx@gmail.com">derrek</a> (<a
+href="https://twitter.com/derrekr6">@derrekr6</a>)</td>
+ <td>CVE-2016-8413, CVE-2016-8477, CVE-2017-0392, CVE-2017-0521,
+CVE-2017-0531, CVE-2017-0576, CVE-2017-8260</td>
+ </tr>
+ <tr>
+ <td>Di Shen (<a href="https://twitter.com/returnsme">@returnsme</a>) of
+KeenLab (<a href="https://twitter.com/keen_lab">@keen_lab</a>), Tencent</td>
+ <td>CVE-2016-8412, CVE-2016-8427, CVE-2016-8444, CVE-2016-10287,
+CVE-2017-0334, CVE-2017-0403, CVE-2017-0427, CVE-2017-0456, CVE-2017-0457,
+CVE-2017-0525, CVE-2017-8265</td>
+ </tr>
+ <tr>
+ <td>donfos (Aravind Machiry) of Shellphish Grill Team, UC Santa Barbara</td>
+ <td>CVE-2016-5349, CVE-2016-8448, CVE-2016-8470, CVE-2016-8471, CVE-2016-8472</td>
+ </tr>
+ <tr>
+ <td><a href="http://www.linkedin.com/in/dzima">Dzmitry Lukyanenka</a></td>
+ <td>CVE-2017-0414, CVE-2017-0703, CVE-2017-0808</td>
+ </tr>
+ <tr>
+ <td>Ecular Xu (徐健) of Trend Micro</td>
+ <td>CVE-2017-0599, CVE-2017-0635, CVE-2017-0641, CVE-2017-0643</td>
+ </tr>
+ <tr>
+ <td>Efthimios Alepis of University of Piraeus</td>
+ <td>CVE-2017-0807</td>
+ </tr>
+ <tr>
+ <td>Elphet of Alpha Team, Qihoo 360 Technology Co. Ltd.</td>
+ <td>CVE-2017-0692, CVE-2017-0694, CVE-2017-0771, CVE-2017-0774, CVE-2017-0775</td>
+ </tr>
+ <tr>
+ <td>En He (<a href="http://twitter.com/heeeeen4x">@heeeeen4x</a>) of <a
+href="http://www.ms509.com/">MS509Team</a></td>
+ <td>CVE-2017-0394, CVE-2017-0490, CVE-2017-0601, CVE-2017-0639,
+CVE-2017-0645, CVE-2017-0784</td>
+ </tr>
+ <tr>
+ <td>Ethan Yonker of <a href="https://twrp.me/">Team Win Recovery Project</a></td>
+ <td>CVE-2017-0493</td>
+ </tr>
+ <tr>
+ <td>Fang Chen of Sony Mobile Communications Inc.</td>
+ <td>CVE-2017-0481</td>
+ </tr>
+ <tr>
+ <td>Frank Liberato of Chrome</td>
+ <td>CVE-2017-0409</td>
+ </tr>
+ <tr>
+ <td>Gal Beniamini of Project Zero</td>
+ <td>CVE-2017-0411, CVE-2017-0412, CVE-2017-0561, CVE-2017-0569
+CVE-2017-0570, CVE-2017-0571, CVE-2017-0572</td>
+ </tr>
+ <tr>
+ <td>Gengjia Chen (<a
+href="https://twitter.com/chengjia4574">@chengjia4574</a>) of IceSword Lab,
+Qihoo 360 Technology Co. Ltd.</td>
+ <td>CVE-2016-8464, CVE-2016-10285, CVE-2016-10288, CVE-2016-10290,
+CVE-2016-10294, CVE-2016-10295, CVE-2016-10296, CVE-2017-0329, CVE-2017-0332,
+CVE-2017-0432, CVE-2017-0434, CVE-2017-0446, CVE-2017-0447, CVE-2017-0500,
+CVE-2017-0501, CVE-2017-0502, CVE-2017-0503, CVE-2017-0509, CVE-2017-0524,
+CVE-2017-0529, CVE-2017-0536, CVE-2017-0566, CVE-2017-0573, CVE-2017-0581,
+CVE-2017-0616, CVE-2017-0617, CVE-2017-0624, CVE-2017-0649, CVE-2017-0744,
+CVE-2017-6426, CVE-2017-8243, CVE-2017-8266, CVE-2017-8270, CVE-2017-9691,
+CVE-2017-10997</td>
+ </tr>
+ <tr>
+ <td>Godzheng (郑文选 <a
+href="https://twitter.com/virtualseekers">@VirtualSeekers</a>) of Tencent PC
+Manager</td>
+ <td>CVE-2017-0602, CVE-2017-0646</td>
+ </tr>
+ <tr>
+ <td>Google WebM Team</td>
+ <td>CVE-2017-0393</td>
+ </tr>
+ <tr>
+ <td>Gregory Vishnepolsky of <a href="https://armis.com/">Armis, Inc.</a></td>
+ <td>CVE-2017-0781, CVE-2017-0782, CVE-2017-0783, CVE-2017-0785</td>
+ </tr>
+ <tr>
+ <td>Guang Gong (龚广) (<a href="http://twitter.com/oldfresher">@oldfresher</a>)
+of Alpha Team, <a href="http://www.360.com/">Qihoo 360 Technology Co. Ltd.</a></td>
+ <td>CVE-2016-8415, CVE-2016-8419, CVE-2016-8420, CVE-2016-8421,
+CVE-2016-8454, CVE-2016-8455, CVE-2016-8456, CVE-2016-8457, CVE-2016-8465,
+CVE-2016-8476, CVE-2016-10283, CVE-2017-0387, CVE-2017-0415, CVE-2017-0437,
+CVE-2017-0438, CVE-2017-0439, CVE-2017-0441, CVE-2017-0442, CVE-2017-0443,
+CVE-2017-0453, CVE-2017-0454, CVE-2017-0461, CVE-2017-0464, CVE-2017-0547,
+CVE-2017-0567, CVE-2017-0574, CVE-2017-0575, CVE-2017-0577, CVE-2017-0580,
+CVE-2017-0584, CVE-2017-0692, CVE-2017-0694, CVE-2017-0727, CVE-2017-0748,
+CVE-2017-0771, CVE-2017-0774, CVE-2017-0775, CVE-2017-0786, CVE-2017-0787,
+CVE-2017-0788, CVE-2017-0789, CVE-2017-0790, CVE-2017-0791, CVE-2017-0792,
+CVE-2017-0825, CVE-2017-6424</td>
+ </tr>
+ <tr>
+ <td>Guangdong Bai of Singapore Institute of Technology (SIT)</td>
+ <td>CVE-2017-0496</td>
+ </tr>
+ <tr>
+ <td><a
+href="https://www.linkedin.com/in/g%C3%BCliz-seray-tuncay-952a1b9/">Güliz Seray
+Tuncay</a> of the <a href="http://tuncay2.web.engr.illinois.edu/">University of
+Illinois at Urbana-Champaign</a></td>
+ <td>CVE-2017-0593</td>
+ </tr>
+ <tr>
+ <td><a href="mailto:arnow117@gmail.com">Hanxiang Wen</a> of <a
+href="http://c0reteam.org/">C0RE Team</a></td>
+ <td>CVE-2017-0400, CVE-2017-0418, CVE-2017-0479, CVE-2017-0480,
+CVE-2017-0665, CVE-2017-0681, CVE-2017-0737</td>
+ </tr>
+ <tr>
+ <td>Hao Chen of Alpha Team, Qihoo 360 Technology Co. Ltd.</td>
+ <td>CVE-2016-8415, CVE-2016-8419, CVE-2016-8420, CVE-2016-8421,
+CVE-2016-8454, CVE-2016-8455, CVE-2016-8456, CVE-2016-8457, CVE-2016-8465,
+CVE-2016-8476, CVE-2016-10283, CVE-2017-0437, CVE-2017-0438, CVE-2017-0439,
+CVE-2017-0441, CVE-2017-0442, CVE-2017-0443, CVE-2017-0453, CVE-2017-0454,
+CVE-2017-0461, CVE-2017-0464, CVE-2017-0567, CVE-2017-0574, CVE-2017-0575,
+CVE-2017-0577, CVE-2017-0580, CVE-2017-0584, CVE-2017-0748, CVE-2017-0786,
+CVE-2017-0787, CVE-2017-0788, CVE-2017-0789, CVE-2017-0790, CVE-2017-0791,
+CVE-2017-0792, CVE-2017-0825, CVE-2017-6424</td>
+ </tr>
+ <tr>
+ <td>Hao Qin of Security Research Lab, Cheetah Mobile</td>
+ <td>CVE-2017-11056</td>
+ </tr>
+ <tr>
+ <td>Hiroki Yamamoto of Sony Mobile Communications Inc.</td>
+ <td>CVE-2017-0481</td>
+ </tr>
+ <tr>
+ <td><a href="mailto:hlhan@bupt.edu.cn">Hongli Han</a> of <a
+href="http://c0reteam.org/">C0RE Team</a></td>
+ <td>CVE-2017-0384, CVE-2017-0385, CVE-2017-0731, CVE-2017-0739</td>
+ </tr>
+ <tr>
+ <td>hujianfei of Qihoo360 Qex Team</td>
+ <td>CVE-2017-0753</td>
+ </tr>
+ <tr>
+ <td>Ian Foster (<a href="https://twitter.com/lanrat">@lanrat</a>)</td>
+ <td>CVE-2017-0554</td>
+ </tr>
+ <tr>
+ <td>Jack Tang of Trend Micro Inc.</td>
+ <td>CVE-2017-0579, CVE-2017-9706</td>
+ </tr>
+ <tr>
+ <td>Jake Corina of Shellphish Grill Team</td>
+ <td>CVE-2017-0636, CVE-2017-0802</td>
+ </tr>
+ <tr>
+ <td>Jason Gu of Trend Micro</td>
+ <td>CVE-2017-0780</td>
+ </tr>
+ <tr>
+ <td>Jeff Sharkey of Google</td>
+ <td>CVE-2017-0421, CVE-2017-0423</td>
+ </tr>
+ <tr>
+ <td>Jeff Trim</td>
+ <td>CVE-2017-0422</td>
+ </tr>
+ <tr>
+ <td>Jianjun Dai (<a href="https://twitter.com/Jioun_dai">@Jioun_dai</a>) of
+<a href="https://skyeye.360safe.com/">Qihoo 360 Skyeye Labs</a></td>
+ <td>CVE-2017-0478, CVE-2017-0541, CVE-2017-0559</td>
+ </tr>
+ <tr>
+ <td>Jianqiang Zhao (<a
+href="https://twitter.com/jianqiangzhao">@jianqiangzhao</a>) of IceSword Lab,
+Qihoo 360</td>
+ <td>CVE-2016-5346, CVE-2016-8416, CVE-2016-8475, CVE-2016-8478,
+CVE-2017-0445, CVE-2017-0458, CVE-2017-0459, CVE-2017-0518, CVE-2017-0519,
+CVE-2017-0533, CVE-2017-0534, CVE-2017-6425, CVE-2017-8233, CVE-2017-8261,
+CVE-2017-8268</td>
+ </tr>
+ <tr>
+ <td>Joey Brand of Census Consulting Inc.</td>
+ <td>CVE-2017-0698</td>
+ </tr>
+ <tr>
+ <td>Jon Sawyer (<a href="http://twitter.com/jcase">@jcase</a>)</td>
+ <td>CVE-2016-8461, CVE-2016-8462</td>
+ </tr>
+ <tr>
+ <td>Juhu Nie of Xiaomi Inc.</td>
+ <td>CVE-2016-10276</td>
+ </tr>
+ <tr>
+ <td>Jun Cheng of Alibaba Inc.</td>
+ <td>CVE-2017-0404</td>
+ </tr>
+ <tr>
+ <td>Kevin Deus of Google</td>
+ <td>CVE-2017-11052, CVE-2017-11054, CVE-2017-11055, CVE-2017-11062</td>
+ </tr>
+ <tr>
+ <td>Lenx Wei (韦韬) of Baidu X-Lab (百度安全实验室)</td>
+ <td>CVE-2016-8417, CVE-2016-10236, CVE-2017-0728, CVE-2017-0738,
+CVE-2017-0766, CVE-2017-0794 CVE-2017-9681, CVE-2017-9684, CVE-2017-9693,
+CVE-2017-9694, CVE-2017-9720, CVE-2017-10999, CVE-2017-11001, CVE-2017-11057,
+CVE-2017-11060, CVE-2017-11061, CVE-2017-11064</td>
+ </tr>
+ <tr>
+ <td>Liyadong of Qex Team, Qihoo 360</td>
+ <td>CVE-2017-0647</td>
+ </tr>
+ <tr>
+ <td><a href="mailto:zlbzlb815@163.com">Lubo Zhang</a> of <a
+href="http://c0reteam.org/">C0RE Team</a></td>
+ <td>CVE-2016-8479, CVE-2017-0564, CVE-2017-7368</td>
+ </tr>
+ <tr>
+ <td>ma.la of LINE Corporation</td>
+ <td>CVE-2016-5552</td>
+ </tr>
+ <tr>
+ <td>Makoto Onuki of Google</td>
+ <td>CVE-2017-0491</td>
+ </tr>
+ <tr>
+ <td>Marco Bartoli (<a href="https://twitter.com/wsxarcher">@wsxarcher</a>)</td>
+ <td>CVE-2017-0712</td>
+ </tr>
+ <tr>
+ <td><a href="mailto:salyzyn@android.com">Mark Salyzyn</a> of Google</td>
+ <td>CVE-2017-0558</td>
+ </tr>
+ <tr>
+ <td>Max Spector of Google</td>
+ <td>CVE-2017-0416</td>
+ </tr>
+ <tr>
+ <td>Michael Goberman of IBM Security X-Force</td>
+ <td>CVE-2016-8467</td>
+ </tr>
+ <tr>
+ <td><a href="https://github.com/michalbednarski">Michal Bednarski</a></td>
+ <td>CVE-2017-0598, CVE-2017-0806</td>
+ </tr>
+ <tr>
+ <td>Mike Anderson (<a href="https://twitter.com/manderbot">@manderbot</a>) of
+Tesla Motors Product Security Team</td>
+ <td>CVE-2017-0327, CVE-2017-0328</td>
+ </tr>
+ <tr>
+ <td>Mingjian Zhou (<a
+href="https://twitter.com/Mingjian_Zhou">@Mingjian_Zhou</a>) of <a
+href="http://c0reteam.org/">C0RE Team</a></td>
+ <td>CVE-2017-0383, CVE-2017-0417, CVE-2017-0418, CVE-2017-0425,
+CVE-2017-0450, CVE-2017-0479, CVE-2017-0480, CVE-2017-0483, CVE-2017-0665,
+CVE-2017-0666, CVE-2017-0681, CVE-2017-0684, CVE-2017-0731, CVE-2017-0737,
+CVE-2017-0739, CVE-2017-0765, CVE-2017-0768, CVE-2017-0769, CVE-2017-0779,
+CVE-2017-0801, CVE-2017-0812, CVE-2017-0815, CVE-2017-0816</td>
+ </tr>
+ <tr>
+ <td>Monk Avel</td>
+ <td>CVE-2017-0396, CVE-2017-0399</td>
+ </tr>
+ <tr>
+ <td>Nan Li of Xiaomi Inc.</td>
+ <td>CVE-2016-10276</td>
+ </tr>
+ <tr>
+ <td>Nathan Crandall (<a href="https://twitter.com/natecray">@natecray</a>)</td>
+ <td>CVE-2017-0535</td>
+ </tr>
+ <tr>
+ <td>Nathan Crandall (<a href="https://twitter.com/natecray">@natecray</a>) of
+Tesla Motors Product Security Team</td>
+ <td>CVE-2017-0306, CVE-2017-0327, CVE-2017-0328, CVE-2017-0331,
+CVE-2017-0606, CVE-2017-8242, CVE-2017-9679</td>
+ </tr>
+ <tr>
+ <td>Nick Stephens of Shellphish Grill Team</td>
+ <td>CVE-2017-0636, CVE-2017-0802</td>
+ </tr>
+ <tr>
+ <td>Nikolay Elenkov of LINE Corporation</td>
+ <td>CVE-2016-5552</td>
+ </tr>
+ <tr>
+ <td><a href="mailto:jiych.guru@gmail.com">Niky1235</a> (<a
+href="https://twitter.com/jiych_guru">@jiych_guru</a>)</td>
+ <td>CVE-2017-0603, CVE-2017-0670, CVE-2017-0697, CVE-2017-0726, CVE-2017-0818</td>
+ </tr>
+ <tr>
+ <td>Ning You of Alibaba Mobile Security Group</td>
+ <td>CVE-2016-10280, CVE-2016-10281, CVE-2017-0463, CVE-2017-0565</td>
+ </tr>
+ <tr>
+ <td>Nitay Artenstein of Exodus Intelligence</td>
+ <td>CVE-2017-9417</td>
+ </tr>
+ <tr>
+ <td>Omer Shwartz of Ben Gurion University Cyber Lab</td>
+ <td>CVE-2017-0650</td>
+ </tr>
+ <tr>
+ <td>Peide Zhang of Vulpecker Team, Qihoo 360 Technology Co. Ltd.</td>
+ <td>CVE-2017-0618, CVE-2017-0625</td>
+ </tr>
+ <tr>
+ <td>Peng Xiao of Alibaba Mobile Security Group</td>
+ <td>CVE-2016-10280, CVE-2016-10281, CVE-2017-0463, CVE-2017-0506,
+CVE-2017-0565</td>
+ </tr>
+ <tr>
+ <td>Pengfei Ding (丁鹏飞) of Baidu X-Lab (百度安全实验室)</td>
+ <td>CVE-2016-8417, CVE-2016-10236, CVE-2017-0728, CVE-2017-0738,
+CVE-2017-0766, CVE-2017-0794, CVE-2017-9681, CVE-2017-9684, CVE-2017-9693,
+CVE-2017-9694, CVE-2017-9715, CVE-2017-9717,
+CVE-2017-9720, CVE-2017-11001, CVE-2017-10999, CVE-2017-11057,
+CVE-2017-11060, CVE-2017-11061, CVE-2017-11064</td>
+ </tr>
+ <tr>
+ <td>Peter Pi of Tencent Security Platform Department</td>
+ <td>CVE-2017-11046</td>
+ </tr>
+ <tr>
+ <td>Peter Pi (<a href="https://twitter.com/heisecode">@heisecode</a>) of
+Trend Micro</td>
+ <td>CVE-2016-8424, CVE-2016-8428, CVE-2016-8429, CVE-2016-8460,
+CVE-2016-8469, CVE-2016-8473, CVE-2016-8474</td>
+ </tr>
+ <tr>
+ <td><a href="http://weibo.com/jfpan">pjf</a> of IceSword Lab, Qihoo 360
+Technology Co. Ltd.</td>
+ <td>CVE-2016-5346, CVE-2016-8416, CVE-2016-8464, CVE-2016-8475,
+CVE-2016-8478, CVE-2016-10285, CVE-2016-10288, CVE-2016-10290, CVE-2016-10294,
+CVE-2016-10295, CVE-2016-10296, CVE-2017-0329, CVE-2017-0332, CVE-2017-0432,
+CVE-2017-0434, CVE-2017-0445, CVE-2017-0446, CVE-2017-0447, CVE-2017-0458,
+CVE-2017-0459, CVE-2017-0500, CVE-2017-0501, CVE-2017-0502, CVE-2017-0503,
+CVE-2017-0509, CVE-2017-0518, CVE-2017-0519, CVE-2017-0524, CVE-2017-0529,
+CVE-2017-0533, CVE-2017-0534, CVE-2017-0536, CVE-2017-0566, CVE-2017-0573,
+CVE-2017-0581, CVE-2017-0616, CVE-2017-0617, CVE-2017-0624, CVE-2017-0649,
+CVE-2017-0744, CVE-2017-6425, CVE-2017-6426, CVE-2017-8233, CVE-2017-8243,
+CVE-2017-8261, CVE-2017-8266, CVE-2017-8268, CVE-2017-8270, CVE-2017-9691,
+CVE-2017-10997</td>
+ </tr>
+ <tr>
+ <td>Qidan He (何淇丹) (<a
+href="https://twitter.com/flanker_hqd">@flanker_hqd</a>) of KeenLab, Tencent
+(腾讯科恩实验室)</td>
+ <td>CVE-2017-0325, CVE-2017-0337, CVE-2017-0382, CVE-2017-0427,
+CVE-2017-0476, CVE-2017-0544</td>
+ </tr>
+ <tr>
+ <td>Qing Zhang of Qihoo 360</td>
+ <td>CVE-2017-0496</td>
+ </tr>
+ <tr>
+ <td>Qiwu Huang of Xiaomi Inc.</td>
+ <td>CVE-2016-10276</td>
+ </tr>
+ <tr>
+ <td>Quhe of Ant-financial Light-Year Security Lab (蚂蚁金服巴斯光年安全实验室)</td>
+ <td>CVE-2017-0522</td>
+ </tr>
+ <tr>
+ <td>Roee Hay (<a href="https://twitter.com/roeehay">@rooehay</a>) of Aleph
+Research, HCL Technologies</td>
+ <td>CVE-2016-10277, CVE-2017-0563, CVE-2017-0582, CVE-2017-0648</td>
+ </tr>
+ <tr>
+ <td>Roee Hay of IBM Security X-Force Research</td>
+ <td>CVE-2016-8467, CVE-2017-0510</td>
+ </tr>
+ <tr>
+ <td>Sagi Kedmi of IBM Security X-Force Research</td>
+ <td>CVE-2017-0433, CVE-2017-0510</td>
+ </tr>
+ <tr>
+ <td><a href="mailto:keun-o.park@darkmatter.ae">Sahara</a> of Secure
+Communications in DarkMatter</td>
+ <td>CVE-2017-0528</td>
+ </tr>
+ <tr>
+ <td>salls (<a href="https://twitter.com/chris_salls">@chris_salls</a>) of
+Shellphish Grill Team, UC Santa Barbara</td>
+ <td>CVE-2017-0505</td>
+ </tr>
+ <tr>
+ <td><a href="mailto:sbauer@plzdonthack.me">Scott Bauer</a> (<a
+href="https://twitter.com/ScottyBauer1">@ScottyBauer1</a>)</td>
+ <td>CVE-2016-10274, CVE-2017-0339, CVE-2017-0405, CVE-2017-0504,
+CVE-2017-0516, CVE-2017-0521, CVE-2017-0562, CVE-2017-0576, CVE-2017-0705,
+CVE-2017-8259, CVE-2017-8260, CVE-2017-9680, CVE-2017-11053</td>
+ </tr>
+ <tr>
+ <td>Sean Beaupre (<a
+href="https://twitter.com/firewaterdevs">@firewaterdevs</a>)</td>
+ <td>CVE-2016-8461, CVE-2016-8462, CVE-2017-0455</td>
+ </tr>
+ <tr>
+ <td>Seven Shen (<a href="https://twitter.com/lingtongshen">@lingtongshen</a>)
+of Trend Micro Mobile Threat Research Team</td>
+ <td>CVE-2016-8418, CVE-2016-8466, CVE-2016-10231, CVE-2017-0449,
+CVE-2017-0452, CVE-2017-0578, CVE-2017-0586, CVE-2017-0724, CVE-2017-0772,
+CVE-2017-0780, CVE-2017-6247, CVE-2017-6248, CVE-2017-6249, CVE-2017-7369</td>
+ </tr>
+ <tr>
+ <td>Shinichi Matsumoto of Fujitsu</td>
+ <td>CVE-2017-0498</td>
+ </tr>
+ <tr>
+ <td><a href="mailto:smarques84@gmail.com">Stéphane Marques</a> of <a
+href="http://www.byterev.com/">ByteRev</a></td>
+ <td>CVE-2017-0489</td>
+ </tr>
+ <tr>
+ <td>Stephen Morrow</td>
+ <td>CVE-2017-0389</td>
+ </tr>
+ <tr>
+ <td>Svetoslav Ganov of Google</td>
+ <td>CVE-2017-0492</td>
+ </tr>
+ <tr>
+ <td>Tim Becker</td>
+ <td>CVE-2017-0546</td>
+ </tr>
+ <tr>
+ <td>Timothy Becker of CSS Inc.</td>
+ <td>CVE-2017-0667, CVE-2017-0732, CVE-2017-0805</td>
+ </tr>
+ <tr>
+ <td><a href="mailto:segfault5514@gmail.com">Tong Lin</a> of <a
+href="http://c0reteam.org/">C0RE Team</a></td>
+ <td>CVE-2016-8425, CVE-2016-8426, CVE-2016-8449, CVE-2016-8479,
+CVE-2016-8481, CVE-2016-10291, CVE-2017-0333, CVE-2017-0428, CVE-2017-0435,
+CVE-2017-0436, CVE-2017-10661</td>
+ </tr>
+ <tr>
+ <td>Uma Sankar Pradhan (<a
+href="https://twitter.com/umasankar_iitd">@umasankar_iitd</a>)</td>
+ <td>CVE-2017-0560</td>
+ </tr>
+ <tr>
+ <td>Valerio Costamagna (<a href="https://twitter.com/vaio_co">@vaio_co</a>)</td>
+ <td>CVE-2017-0712</td>
+ </tr>
+ <tr>
+ <td>Vasily Vasiliev</td>
+ <td>CVE-2017-0589, CVE-2017-0637, CVE-2017-0638, CVE-2017-0642,
+CVE-2017-0675, CVE-2017-0676, CVE-2017-0682, CVE-2017-0683, CVE-2017-0696,
+CVE-2017-0699, CVE-2017-0701, CVE-2017-0702, CVE-2017-0716, CVE-2017-0757</td>
+ </tr>
+ <tr>
+ <td>V.E.O (<a href="https://twitter.com/vysea">@VYSEa</a>) of Mobile Threat
+Research Team, <a href="http://www.trendmicro.com/">Trend Micro</a></td>
+ <td>CVE-2017-0381, CVE-2017-0424, CVE-2017-0466, CVE-2017-0467,
+CVE-2017-0468, CVE-2017-0469, CVE-2017-0470, CVE-2017-0471, CVE-2017-0472,
+CVE-2017-0473, CVE-2017-0482, CVE-2017-0484, CVE-2017-0485, CVE-2017-0486,
+CVE-2017-0487, CVE-2017-0494, CVE-2017-0495, CVE-2017-0538, CVE-2017-0539,
+CVE-2017-0540, CVE-2017-0555, CVE-2017-0556, CVE-2017-0557, CVE-2017-0587,
+CVE-2017-0590, CVE-2017-0600, CVE-2017-0640, CVE-2017-0674, CVE-2017-0677,
+CVE-2017-0679, CVE-2017-0680, CVE-2017-0685, CVE-2017-0686, CVE-2017-0689,
+CVE-2017-0693, CVE-2017-0695, CVE-2017-0713, CVE-2017-0715, CVE-2017-0750,
+CVE-2017-10662, CVE-2017-10663</td>
+ </tr>
+ <tr>
+ <td>wanchouchou of Ant-financial Light-Year Security Lab (蚂蚁金服巴斯光年安全实验室)</td>
+ <td>CVE-2017-0522</td>
+ </tr>
+ <tr>
+ <td>Weichao Sun (<a href="https://twitter.com/sunblate">@sunblate</a>) of
+Alibaba Inc.</td>
+ <td>CVE-2017-0391, CVE-2017-0407, CVE-2017-0549, CVE-2017-0759</td>
+ </tr>
+ <tr>
+ <td>Wenjun Hu of Palo Alto Networks</td>
+ <td>CVE-2017-0752</td>
+ </tr>
+ <tr>
+ <td><a href="mailto:vancouverdou@gmail.com">Wenke Dou</a> of <a
+href="http://c0reteam.org/">C0RE Team</a></td>
+ <td>CVE-2017-0384, CVE-2017-0385, CVE-2017-0398, CVE-2017-0400,
+CVE-2017-0401, CVE-2017-0402, CVE-2017-0417, CVE-2017-0418, CVE-2017-0450,
+CVE-2017-0483, CVE-2017-0768, CVE-2017-0779, CVE-2017-0812, CVE-2017-0815,
+CVE-2017-0816</td>
+ </tr>
+ <tr>
+ <td>Wenlin Yang (<a href="https://twitter.com/wenlin_yang">@wenlin_yang</a>)
+of Alpha Team, Qihoo 360 Technology Co. Ltd.</td>
+ <td>CVE-2017-0577, CVE-2017-0580</td>
+ </tr>
+ <tr>
+ <td>Wish Wu (<a href="https://twitter.com/wish_wu">@wish_wu</a>) (<a
+href="http://www.weibo.com/wishlinux">吴潍浠</a> 此彼) of Ant-financial Light-Year
+Security Lab</td>
+ <td>CVE-2017-0408, CVE-2017-0477, CVE-2017-11063</td>
+ </tr>
+ <tr>
+ <td>Wolfu (付敬贵) of Tencent Security Platform Department</td>
+ <td>CVE-2017-11050, CVE-2017-11051, CVE-2017-11067</td>
+ </tr>
+ <tr>
+ <td>Xiangqian Zhang of Alibaba Mobile Security Group</td>
+ <td>CVE-2017-0796, CVE-2017-0827</td>
+ </tr>
+ <tr>
+ <td>Xiao Zhang of Palo Alto Networks</td>
+ <td>CVE-2017-0752</td>
+ </tr>
+ <tr>
+ <td><a href="mailto:wisedd@gmail.com">Xiaodong Wang</a> of <a
+href="http://c0reteam.org/">C0RE Team</a></td>
+ <td>CVE-2017-0429, CVE-2017-0448</td>
+ </tr>
+ <tr>
+ <td>Xiling Gong of Tencent Security Platform Department</td>
+ <td>CVE-2017-0597, CVE-2017-0708, CVE-2017-8236</td>
+ </tr>
+ <tr>
+ <td>Xingyuan Lin of 360 Marvel Team</td>
+ <td>CVE-2017-0627</td>
+ </tr>
+ <tr>
+ <td>Xuxian Jiang of <a href="http://c0reteam.org/">C0RE Team</a></td>
+ <td>CVE-2016-8425, CVE-2016-8426, CVE-2016-8430, CVE-2016-8431,
+CVE-2016-8432, CVE-2016-8449, CVE-2016-8435, CVE-2016-8479, CVE-2016-8480,
+CVE-2016-8481, CVE-2016-8482, CVE-2016-10291, CVE-2017-0326, CVE-2017-0333,
+CVE-2017-0383, CVE-2017-0384, CVE-2017-0385, CVE-2017-0398, CVE-2017-0400,
+CVE-2017-0401, CVE-2017-0402, CVE-2017-0417, CVE-2017-0418, CVE-2017-0425,
+CVE-2017-0428, CVE-2017-0429, CVE-2017-0435, CVE-2017-0436, CVE-2017-0444,
+CVE-2017-0448, CVE-2017-0450, CVE-2017-0479, CVE-2017-0480, CVE-2017-0483,
+CVE-2017-0526, CVE-2017-0527, CVE-2017-0651, CVE-2017-0665, CVE-2017-0666,
+CVE-2017-0681, CVE-2017-0684, CVE-2017-0709, CVE-2017-0731, CVE-2017-0737,
+CVE-2017-0739, CVE-2017-0765, CVE-2017-0768, CVE-2017-0769, CVE-2017-0779,
+CVE-2017-0801, CVE-2017-7368, CVE-2017-8264, CVE-2017-10661</td>
+ </tr>
+ <tr>
+ <td>Yan Zhou of Eagleye team, SCC, Huawei</td>
+ <td>CVE-2017-9678</td>
+ </tr>
+ <tr>
+ <td><a href="mailto:bigwyfone@gmail.com">Yanfeng Wang</a> of <a
+href="http://c0reteam.org/">C0RE Team</a></td>
+ <td>CVE-2016-8430, CVE-2016-8482</td>
+ </tr>
+ <tr>
+ <td>Yang Cheng of Xiaomi Inc.</td>
+ <td>CVE-2016-10276</td>
+ </tr>
+ <tr>
+ <td><a href="mailto:huahuaisadog@gmail.com">Yang Dai</a> of Vulpecker Team,
+Qihoo 360 Technology Co. Ltd</td>
+ <td>CVE-2017-0795, CVE-2017-0799, CVE-2017-0804, CVE-2017-0803</td>
+ </tr>
+ <tr>
+ <td>Yang Song of Alibaba Mobile Security Group</td>
+ <td>CVE-2016-10280, CVE-2016-10281, CVE-2017-0463, CVE-2017-0506,
+CVE-2017-0565, CVE-2017-0711, CVE-2017-0741, CVE-2017-0742, CVE-2017-0751,
+CVE-2017-0796, CVE-2017-0798, CVE-2017-0800, CVE-2017-0827, CVE-2017-11000,
+CVE-2017-11059</td>
+ </tr>
+ <tr>
+ <td>Yangkang (<a href="https://twitter.com/dnpushme">@dnpushme</a>) of Qex
+Team, Qihoo 360</td>
+ <td>CVE-2017-0647, CVE-2017-0690, CVE-2017-0753</td>
+ </tr>
+ <tr>
+ <td><a href="mailto:yaojun8558363@gmail.com">Yao Jun</a> of <a
+href="http://c0reteam.org/">C0RE Team</a></td>
+ <td>CVE-2016-8431, CVE-2016-8432, CVE-2016-8435, CVE-2016-8480</td>
+ </tr>
+ <tr>
+ <td>Yong Wang (王勇) (<a
+href="https://twitter.com/ThomasKing2014">@ThomasKing2014</a>) of Alibaba Inc.</td>
+ <td>CVE-2017-0404, CVE-2017-0588</td>
+ </tr>
+ <tr>
+ <td>Yonggang Guo (<a href="https://twitter.com/guoygang">@guoygang</a>) of
+IceSword Lab, Qihoo 360 Technology Co. Ltd.</td>
+ <td>CVE-2016-10289, CVE-2017-0465, CVE-2017-0564, CVE-2017-0746,
+CVE-2017-0749, CVE-2017-7370, CVE-2017-8267, CVE-2017-8269, CVE-2017-8271,
+CVE-2017-8272, CVE-2017-11048, CVE-2017-12146</td>
+ </tr>
+ <tr>
+ <td>Yongke Wang of <a href="http://xlab.tencent.com/">Tencent's Xuanwu
+Lab</a></td>
+ <td>CVE-2017-0729, CVE-2017-0767</td>
+ </tr>
+ <tr>
+ <td>Dr. Yossi Oren of Ben Gurion University Cyber Lab</td>
+ <td>CVE-2017-0650</td>
+ </tr>
+ <tr>
+ <td>Yu Pan of Vulpecker Team, Qihoo 360 Technology Co. Ltd</td>
+ <td>CVE-2016-10282, CVE-2017-0517, CVE-2017-0532, CVE-2017-0615,
+CVE-2017-0618, CVE-2017-0625, CVE-2017-0795, CVE-2017-0799, CVE-2017-0804,
+CVE-2017-0803</td>
+ </tr>
+ <tr>
+ <td><a href="mailto:computernik@gmail.com">Yuan-Tsung Lo</a> of <a
+href="http://c0reteam.org/">C0RE Team</a></td>
+ <td>CVE-2016-8425, CVE-2016-8426, CVE-2016-8430, CVE-2016-8431,
+CVE-2016-8432, CVE-2016-8435, CVE-2016-8449, CVE-2016-8479, CVE-2016-8480,
+CVE-2016-8481, CVE-2016-8482, CVE-2016-10291, CVE-2017-0326, CVE-2017-0333,
+CVE-2017-0428, CVE-2017-0429, CVE-2017-0435, CVE-2017-0436, CVE-2017-0444,
+CVE-2017-0448, CVE-2017-0526, CVE-2017-0527, CVE-2017-0651, CVE-2017-0709,
+CVE-2017-0824, CVE-2017-7368, CVE-2017-8264, CVE-2017-10661</td>
+ </tr>
+ <tr>
+ <td>Yuebin Sun of <a href="http://xlab.tencent.com/">Tencent's Xuanwu Lab</a></td>
+ <td>CVE-2017-0767</td>
+ </tr>
+ <tr>
+ <td>Yuqi Lu (<a href="https://twitter.com/nikos233__">@nikos233</a>) of <a
+href="http://c0reteam.org/">C0RE Team</a></td>
+ <td>CVE-2017-0383, CVE-2017-0401, CVE-2017-0417, CVE-2017-0425, CVE-2017-0483</td>
+ </tr>
+ <tr>
+ <td>Yuxiang Li (<a href="https://twitter.com/xbalien29">@Xbalien29</a>) of
+Tencent Security Platform Department</td>
+ <td>CVE-2017-0395, CVE-2017-0669, CVE-2017-0704</td>
+ </tr>
+ <tr>
+ <td>Zach Riggle (<a href="https://twitter.com/ebeip90">@ebeip90</a>) of the
+Android Security Team</td>
+ <td>CVE-2017-0710</td>
+ </tr>
+ <tr>
+ <td>Zhanpeng Zhao (行之) (<a href="https://twitter.com/0xr0ot">@0xr0ot</a>) of
+Security Research Lab, <a href="http://www.cmcm.com/">Cheetah Mobile</a></td>
+ <td>CVE-2016-8451</td>
+ </tr>
+ <tr>
+ <td>Zhe Jin (金哲) of Chengdu Security Response Center, Qihoo 360 Technology
+Co. Ltd.</td>
+ <td>CVE-2017-0758, CVE-2017-0760</td>
+ </tr>
+ <tr>
+ <td><a href="mailto:zhouzhenster@gmail.com">Zhen Zhou</a> (<a
+href="https://twitter.com/henices">@henices</a>) of <a
+href="http://www.nsfocus.com/">NSFocus</a></td>
+ <td>CVE-2017-0406</td>
+ </tr>
+ <tr>
+ <td>Zhi Xu of Palo Alto Networks</td>
+ <td>CVE-2017-0752</td>
+ </tr>
+ <tr>
+ <td><a href="mailto:sundaywind2004@gmail.com">Zhixin Li</a> of <a
+href="http://www.nsfocus.com/">NSFocus</a></td>
+ <td>CVE-2017-0406</td>
+ </tr>
+ <tr>
+ <td><a href="https://weibo.com/ele7enxxh">Zinuo Han</a> from Chengdu Security
+Response Center of Qihoo 360 Technology Co. Ltd.</td>
+ <td>CVE-2017-0475, CVE-2017-0497, CVE-2017-0548, CVE-2017-0678,
+CVE-2017-0691, CVE-2017-0700, CVE-2017-0714, CVE-2017-0718, CVE-2017-0719,
+CVE-2017-0720, CVE-2017-0722, CVE-2017-0725, CVE-2017-0745, CVE-2017-0760,
+CVE-2017-0761, CVE-2017-0764, CVE-2017-0776, CVE-2017-0777, CVE-2017-0778,
+CVE-2017-0813, CVE-2017-0814, CVE-2017-0820, CVE-2017-0823</td>
+ </tr>
+ <tr>
+ <td>Zubin Mithra of Google</td>
+ <td>CVE-2017-0462, CVE-2017-8241</td>
+ </tr>
+</table>
<h2 id="2016">2016</h2>
<div style="LINE-HEIGHT:25px;">
@@ -598,7 +1056,7 @@
<p>Peter Pi (<a href="https://twitter.com/heisecode">@heisecode</a>) of Trend Micro</p>
-<a href="http://weibo.com/jfpan">pjf</a> of IceSword Lab, Qihoo 360</p>
+<p><a href="http://weibo.com/jfpan">pjf</a> of IceSword Lab, Qihoo 360</p>
<p>Quan Nguyen of Google Information Security Engineer Team</p>
@@ -778,7 +1236,7 @@
</div>
-<h2 id=2015>2015</h2>
+<h2 id="2015">2015</h2>
<div style="LINE-HEIGHT:25px;">
<p>Abhishek Arya, Google Chrome Security Team</p>
@@ -883,10 +1341,9 @@
<p>Yajin Zhou of C0RE Team from Qihoo 360</p>
-
</div>
-<h2 id=2014>2014</h2>
+<h2 id="2014">2014</h2>
<div style="LINE-HEIGHT:25px;">
<p>Aaron Mangel of <a href="https://banno.com/">Banno</a> (<a
@@ -1026,7 +1483,7 @@
</div>
-<h2 id=2013>2013</h2>
+<h2 id="2013">2013</h2>
<div style="LINE-HEIGHT:25px;">
@@ -1092,14 +1549,14 @@
<img style="vertical-align:middle" src="../images/tiny-robot.png"
alt="Patch Symbol" title="This person contributed code that improved Android security"></a></p>
-<p>Xiaorui Pan of Indiana University Bloomington (<a href="mailto:eagle200467@gmail.com">eagle200467@gmail.com</a>)<p>
+<p>Xiaorui Pan of Indiana University Bloomington (<a href="mailto:eagle200467@gmail.com">eagle200467@gmail.com</a>)</p>
<p>XiaoFeng Wang of Indiana University Bloomington (<a href="mailto:xw7@indiana.edu">xw7@indiana.edu</a>)</p>
</div>
-<h2 id=2012>2012</h2>
+<h2 id="2012">2012</h2>
<div style="LINE-HEIGHT:25px;">
@@ -1135,7 +1592,7 @@
</div>
-<h2 id=2011>2011</h2>
+<h2 id="2011">2011</h2>
<div style="LINE-HEIGHT:25px;">
@@ -1143,7 +1600,7 @@
</div>
-<h2 id=2009>2009</h2>
+<h2 id="2009">2009</h2>
<div style="LINE-HEIGHT:25px;">
diff --git a/en/security/selinux/index.html b/en/security/selinux/index.html
index f45d517..e5ad9a1 100644
--- a/en/security/selinux/index.html
+++ b/en/security/selinux/index.html
@@ -39,83 +39,83 @@
(a.k.a. Linux capabilities). SELinux enhances Android security by confining
privileged processes and automating security policy creation.</p>
-<p>Contributions to it have been made by a number
-of companies and organizations; all Android code
-and contributors are publicly available for review on <a
-href="https://android.googlesource.com/">android.googlesource.com</a>. With
-SELinux, Android can better protect and confine system services, control
-access to application data and system logs, reduce the effects of malicious
-software, and protect users from potential flaws in code on mobile devices.</p>
+<p>Many companies and organizations have contributed to SELinux; their
+contributions are publicly available for review on
+<a href="https://android.googlesource.com/" class="external">android.googlesource.com</a>,
+aka the Android Open Source Project (AOSP). With SELinux, Android can better
+protect and confine system services, control access to application data and
+system logs, reduce the effects of malicious software, and protect users from
+potential flaws in code on mobile devices.</p>
-<p>Android includes SELinux in enforcing mode and a
-corresponding security policy that works by default across the <a
-href="https://android.googlesource.com/">Android Open Source Project</a>. In
-enforcing mode, illegitimate actions are prevented and all attempted violations
-are logged by the kernel to <code>dmesg</code> and <code>logcat</code>. Android
-device manufacturers should gather information about errors so they may
-refine their software and SELinux policies before enforcing them.</p>
+<p>Android includes SELinux in enforcing mode and a corresponding security
+policy that works by default across AOSP. In enforcing mode, illegitimate
+actions are prevented and all attempted violations are logged by the kernel to
+<code>dmesg</code> and <code>logcat</code>. Android device manufacturers should
+gather information about errors so they may refine their software and SELinux
+policies before enforcing them.</p>
<h2 id=background>Background</h2>
-
-<p>SELinux operates on the ethos of default denial. Anything that is not
-explicitly allowed is denied. SELinux can operate in one of two global modes:
-permissive mode, in which permission denials are logged but not enforced, and
-enforcing mode, in which denials are both logged and enforced. SELinux also
-supports a per-domain permissive mode in which specific domains (processes) can
-be made permissive while placing the rest of the system in global enforcing
-mode. A domain is simply a label identifying a process or set of processes in
-the security policy, where all processes labeled with the same domain are
-treated identically by the security policy. Per-domain permissive mode enables
-incremental application of SELinux to an ever-increasing portion of the system.
-Per-domain permissive mode also enables policy development for new services
-while keeping the rest of the system enforcing.</p>
-
-<p>In the Android 5.0 (L) release, Android moves to full enforcement of
-SELinux. This builds upon the permissive release of 4.3 and the partial
-enforcement of 4.4. In short, Android is shifting from enforcement on a
-limited set of crucial domains (<code>installd</code>, <code>netd</code>,
-<code>vold</code> and <code>zygote</code>) to everything (more than 60
-domains). This means manufacturers will have to better understand and scale
-their SELinux implementations to provide compatible devices. Understand
-that:</p>
-
-
+<p>SELinux operates on the ethos of default denial: Anything not explicitly
+allowed is denied. SELinux can operate in one of two global modes:</p>
<ul>
-<li>Everything is in enforcing mode in the 5.0 release</li>
-<li> No processes other than <code>init</code> should run in the
-<code>init</code> domain</li>
-<li> Any generic denial (for a block_device, socket_device, default_service,
-etc.) indicates that device needs a special domain</li>
+<li><em>Permissive</em> mode, in which permission denials are logged but not
+enforced.</li>
+<li><em>Enforcing</em> mode, in which permissions denials are both logged
+<strong>and</strong> enforced.</li>
</ul>
-<h2 id=supporting_documentation>Supporting documentation</h2>
+<p>SELinux also supports a <em>per-domain permissive</em> mode in which specific
+domains (processes) can be made permissive while placing the rest of the system
+in global enforcing mode. A domain is simply a label identifying a process or set
+of processes in the security policy, where all processes labeled with the same
+domain are treated identically by the security policy. Per-domain permissive
+mode enables incremental application of SELinux to an ever-increasing portion of
+the system and policy development for new services (while keeping the rest of
+the system enforcing).</p>
-<p>See the documentation below for details on constructing useful policies:</p>
+<p>The Android 5.0 release moved to full enforcement of SELinux, building on the
+permissive release of Android 4.3 and the partial enforcement of Android 4.4.
+With this change, Android shifted from enforcement on a limited set of crucial
+domains (<code>installd</code>, <code>netd</code>, <code>vold</code> and
+<code>zygote</code>) to everything (more than 60 domains). Specifically:</p>
-<p><a href="https://events.linuxfoundation.org/sites/events/files/slides/abs2014_seforandroid_smalley.pdf">
-https://events.linuxfoundation.org/sites/events/files/slides/
-abs2014_seforandroid_smalley.pdf</a></p>
+<ul>
+<li>Everything is in enforcing mode in Android 5.x and higher.</li>
+<li>No processes other than <code>init</code> should run in the
+<code>init</code> domain.</li>
+<li>Any generic denial (for a <code>block_device</code>,
+<code>socket_device</code>, <code>default_service</code>, etc.) indicates that
+device needs a special domain.</li>
+</ul>
+<p>As a result, manufacturers need to better understand and scale their SELinux
+implementations to provide compatible devices.</p>
-<p><a href="https://www.internetsociety.org/sites/default/files/02_4.pdf">
-https://www.internetsociety.org/sites/default/files/02_4.pdf</a></p>
+<h2 id=supporting_documentation>Additional resources</h2>
-<p><a href="http://freecomputerbooks.com/books/The_SELinux_Notebook-4th_Edition.pdf">
-http://freecomputerbooks.com/books/The_SELinux_Notebook-4th_Edition.pdf</a></p>
+<p>For help constructing useful SELinux policies, refer to the following
+resources:</p>
-<p><a href="http://selinuxproject.org/page/ObjectClassesPerms">
-http://selinuxproject.org/page/ObjectClassesPerms</a></p>
+<ul><li><a href="https://events.linuxfoundation.org/sites/events/files/slides/abs2014_seforandroid_smalley.pdf" class="external">
+Security Enhancements for Linux</a></li>
-<p><a href="https://www.nsa.gov/resources/everyone/digital-media-center/publications/research-papers/assets/files/implementing-selinux-as-linux-security-module-report.pdf">
-https://www.nsa.gov/resources/everyone/digital-media-center/publications/
-research-papers/assets/files/
-implementing-selinux-as-linux-security-module-report.pdf</a></p>
+<li><a href="http://www.cs.columbia.edu/~lierranli/coms6998-7Spring2014/papers/SEAndroid-NDSS2013.pdf" class="external">
+Security Enhanced (SE) Android: Bringing Flexible MAC to Android</a></li>
-<p><a href="https://www.nsa.gov/resources/everyone/digital-media-center/publications/research-papers/assets/files/configuring-selinux-policy-report.pdf">
-https://www.nsa.gov/resources/everyone/digital-media-center/publications/
-research-papers/assets/files/configuring-selinux-policy-report.pdf</a></p>
+<li><a href="http://freecomputerbooks.com/books/The_SELinux_Notebook-4th_Edition.pdf" class="external">
+The SELinux Notebook, 4th Edition</a></li>
-<p><a href="https://www.gnu.org/software/m4/manual/index.html">
-https://www.gnu.org/software/m4/manual/index.html</a></p>
+<li><a href="http://selinuxproject.org/page/ObjectClassesPerms" class="external">
+SELinux Object Classes and Permissions Reference</a></li>
+
+<li><a href="https://www.nsa.gov/resources/everyone/digital-media-center/publications/research-papers/assets/files/implementing-selinux-as-linux-security-module-report.pdf" class="external">
+Implementing SELinux as a Linux Security Module</a></li>
+
+<li><a href="https://www.nsa.gov/resources/everyone/digital-media-center/publications/research-papers/assets/files/configuring-selinux-policy-report.pdf" class="external">
+Configuring the SELinux Policy</a></li>
+
+<li><a href="https://www.gnu.org/software/m4/manual/index.html" class="external">
+GNU M4 - GNU Macro Processor Manual</a></li>
+</ul>
</body>
</html>
diff --git a/en/source/_toc.yaml b/en/source/_toc.yaml
index ee80c6a..09c42a3 100644
--- a/en/source/_toc.yaml
+++ b/en/source/_toc.yaml
@@ -19,7 +19,7 @@
path: /source/site-updates
- title: Downloading and Building
section:
- - title: Overview
+ - title: Requirements
path: /source/requirements
- title: Establishing a Build Environment
path: /source/initializing
diff --git a/en/source/build-numbers.html b/en/source/build-numbers.html
index 0e11aa5..7db8533 100644
--- a/en/source/build-numbers.html
+++ b/en/source/build-numbers.html
@@ -208,6 +208,30 @@
</thead>
<tbody>
<tr>
+ <td>OPR5.170623.007</td>
+ <td>android-8.0.0_r17</td>
+ <td>Oreo</td>
+ <td>Nexus 6P</td>
+ </tr>
+ <tr>
+ <td>OPR4.170623.009</td>
+ <td>android-8.0.0_r16</td>
+ <td>Oreo</td>
+ <td>Nexus 5X</td>
+ </tr>
+ <tr>
+ <td>OPR3.170623.008</td>
+ <td>android-8.0.0_r15</td>
+ <td>Oreo</td>
+ <td>Pixel XL, Pixel</td>
+ </tr>
+ <tr>
+ <td>OPR1.170623.027</td>
+ <td>android-8.0.0_r13</td>
+ <td>Oreo</td>
+ <td>Pixel XL, Pixel, Pixel C</td>
+ </tr>
+ <tr>
<td>OPR6.170623.021</td>
<td>android-8.0.0_r12</td>
<td>Oreo</td>
@@ -425,6 +449,30 @@
<td>Pixel C</td>
</tr>
<tr>
+ <td>N9F27M</td>
+ <td>android-7.1.1_r58</td>
+ <td>Nougat</td>
+ <td>Nexus 9 (volantis)</td>
+ </tr>
+ <tr>
+ <td>NGI77B</td>
+ <td>android-7.1.1_r57</td>
+ <td>Nougat</td>
+ <td>Nexus 6</td>
+ </tr>
+ <tr>
+ <td>N6F27M</td>
+ <td>android-7.1.1_r55</td>
+ <td>Nougat</td>
+ <td>Nexus 6</td>
+ </tr>
+ <tr>
+ <td>N4F27P</td>
+ <td>android-7.1.1_r54</td>
+ <td>Nougat</td>
+ <td>Nexus 9 (volantisg)</td>
+ </tr>
+ <tr>
<td>N9F27L</td>
<td>android-7.1.1_r53</td>
<td>Nougat</td>
diff --git a/en/source/building.html b/en/source/building.html
index a499252..4a4bf56 100644
--- a/en/source/building.html
+++ b/en/source/building.html
@@ -32,18 +32,21 @@
<p>AOSP cannot be used from pure source code only and requires additional
hardware-related proprietary libraries to run, such as for hardware
graphics acceleration. See the sections below for download links and <a
-href="requirements.html#binaries">Device binaries requirements</a> for
-additional resources.</p>
+href="requirements.html#binaries">Device binaries</a> for additional
+resources.</p>
+
+<p class ="note">Some devices package these proprietary binaries on their
+<code>/vendor</code> partition.</p>
<h3 id="downloading-proprietary-binaries">Download proprietary binaries</h3>
<p>You can download official binaries for the supported devices running tagged
AOSP release branches from <a
-href="https://developers.google.com/android/nexus/drivers">Google's Nexus
-driver page</a>. These binaries add access to additional hardware capabilities
+href="https://developers.google.com/android/drivers">Google's
+drivers</a>. These binaries add access to additional hardware capabilities
with non-open source code. To instead build the AOSP master branch, use the
-<a href="https://developers.google.com/android/nexus/blobs-preview">Binaries
-Preview for Nexus Devices</a>. When building the master branch for a device, use
+<a href="https://developers.google.com/android/blobs-preview">Binaries
+Preview</a>. When building the master branch for a device, use
the binaries for the <a href="/source/build-numbers.html">most recent
numbered release</a> or with the most recent date.</p>
diff --git a/en/source/devices.html b/en/source/devices.html
index b3e7b51..0162ae4 100644
--- a/en/source/devices.html
+++ b/en/source/devices.html
@@ -28,9 +28,6 @@
<a href="/source/build-numbers.html#source-code-tags-and-builds">Source Code,
Tags, and Builds</a>.</p>
-<p class="note"><strong>Note:</strong> Due to hardware differences, do not use
-Android 4.1.1 on a Nexus 7 originally sold with Android 4.1.2 or later.</p>
-
<p>You can also create builds for
<a href="https://android.googlesource.com/device/linaro/hikey/" class="external">HiKey</a>
Android reference boards, which are designed to help non-Nexus component vendors
@@ -335,12 +332,12 @@
<code class="devsite-terminal">adb push device/google/contexthub/firmware/out/nanohub/neonkey/full.bin /data/local/tmp</code>
</pre>
</li>
-<li>To enable Neonkey, enter boot mode using one of the following methods:
-<ul>
+<li>To enable Neonkey, enter boot mode using the following method:
+<ol>
<li>Connect BOOT0 to 1V8 (link JTAG P4 1-5 pins)</li>
<li>Hold USR button</li>
<li>Push RST button</li>
-</ul>
+</ol>
</li>
<li>To upload the firmware:
<pre class="devsite-click-to-copy">
diff --git a/en/source/requirements.html b/en/source/requirements.html
index c2d8ba8..97f8678 100644
--- a/en/source/requirements.html
+++ b/en/source/requirements.html
@@ -61,13 +61,54 @@
href="initializing.html">Establishing a Build Environment</a> for
additional required packages and the commands to install them.</p>
-<h3 id=operating-system>Operating system</h3>
+<h3 id=latest-version>OS and JDK</h3>
+
+<p>If you are developing against the AOSP <code>master</code> branch, use one
+of these operating systems: Ubuntu 14.04 (Trusty) or Mac OS v10.10 (Yosemite)
+or later with Xcode 4.5.2 and Command Line Tools.</p>
+
+<p>For the Java Development Kit (JDK), note the <code>master</code> branch of
+Android in AOSP comes with a prebuilt version of OpenJDK; so no additional
+installation is required. Older versions require a separate install.</p>
+
+<p>See <a href="#older-versions">Packages for older versions</a>.
+
+<h3 id=packages>Key packages</h3>
+ <ul>
+ <li>Python 2.6 -- 2.7 from <a href="http://www.python.org/download/">python.org</a></li>
+ <li>GNU Make 3.81 -- 3.82 from <a href="http://ftp.gnu.org/gnu/make/">gnu.org</a>
+ <li>Git 1.7 or newer from <a href="http://git-scm.com/download">git-scm.com</a></li>
+ </ul>
+
+<h3 id=binaries>Device binaries</h3>
+<p>Download previews, factory images, drivers, over-the-air (OTA) updates, and
+other blobs below. See <a
+ href="/source/building.html#obtaining-proprietary-binaries">Obtaining
+ proprietary binaries</a> for additional details.</p>
+ <ul>
+ <li><a href="https://developers.google.com/android/blobs-preview">Preview
+ binaries (blobs)</a> - for AOSP <code>master</code> branch
+ development</li>
+ <li><a href="https://developers.google.com/android/images">Factory
+ images</a> - for the supported devices running tagged AOSP release
+ branches</li>
+ <li><a href="https://developers.google.com/android/drivers">Binary
+ hardware support files</a> - for devices running tagged AOSP release
+ branches</li>
+ </ul>
+
+<h3 id=older-versions>Packages for older versions</h3>
+
+<p>The sections below provide relevant operating systems and JDK packages for
+older versions of Android.</p>
+
+<h4 id=operating-system>Operating system</h4>
<p>Android is typically built with a GNU/Linux or Mac OS operating system. It is
also possible to build Android in a virtual machine on unsupported systems such
as Windows.</br>
-<h4 id=linux>GNU/Linux</h4>
+ <h5 id=linux>GNU/Linux</h5>
<ul>
<li>Android 6.0 (Marshmallow) - AOSP master: Ubuntu 14.04 (Trusty)</li>
@@ -75,7 +116,7 @@
<li>Android 1.5 (Cupcake) - Android 2.2.x (Froyo): Ubuntu 10.04 (Lucid)</li>
</ul>
-<h4 id=mac>Mac OS (Intel/x86)</h4>
+<h5 id=mac>Mac OS (Intel/x86)</h5>
<ul>
<li>Android 6.0 (Marshmallow) - AOSP master: Mac OS v10.10 (Yosemite) or
@@ -90,13 +131,10 @@
SDK</li>
</ul>
-<h3 id=jdk>Java Development Kit (JDK)</h3>
+<h4 id=jdk>JDK</h4>
-<p>Please note, the <code>master</code> branch of Android in AOSP comes with a
-prebuilt version of OpenJDK, so no additional installation is required. Older
-versions require a separate install. See <a
-href="initializing.html#installing-the-jdk">Installing the JDK</a> for the
-prebuilt path and installation instructions for older versions.</p>
+<p>See <a href="initializing.html#installing-the-jdk">Installing the JDK</a>
+for the prebuilt path and installation instructions for older versions.</p>
<ul>
<li>Android 7.0 (Nougat) - Android 8.0 (O release): Ubuntu - <a
href="http://openjdk.java.net/install/">OpenJDK 8</a>, Mac OS - <a
@@ -112,34 +150,10 @@
href="http://www.oracle.com/technetwork/java/javase/archive-139210.html">Java JDK 5</a></li>
</ul>
-<h3 id=packages>Key packages</h3>
- <ul>
- <li>Python 2.6 -- 2.7 from <a href="http://www.python.org/download/">python.org</a></li>
- <li>GNU Make 3.81 -- 3.82 from <a
- href="http://ftp.gnu.org/gnu/make/">gnu.org</a>; Android 3.2.x (Honeycomb) and
- earlier will need to <a href="initializing.html#reverting-from-make-382">revert
- from make 3.82</a> to avoid build errors</li>
- <li>Git 1.7 or newer from <a href="http://git-scm.com/download">git-scm.com</a></li>
- </ul>
-
-<h3 id=binaries>Device binaries</h3>
-<p>Download previews, factory images, drivers, over-the-air (OTA) updates, and
-other blobs below. See <a
-href="/source/building.html#obtaining-proprietary-binaries">Obtaining
-proprietary binaries<a> for additional details.</p>
- <ul>
- <li><a
- href="https://developers.google.com/android/nexus/blobs-preview">Preview
- binaries (blobs)</a> - for AOSP <code>master</code> branch development</li>
- <li><a href="https://developers.google.com/android/nexus/images">Factory
- images</a> - for the supported devices running tagged AOSP release
- branches</li>
- <li><a href="https://developers.google.com/android/nexus/drivers">Binary
- hardware support files</a> - for devices running tagged AOSP release
- branches</li>
- <li><a href="https://developers.google.com/android/nexus/ota">OTA images</a>
- - for manually updating Nexus devices over the air</li>
- </ul>
+ <h4 id=make>Make</h4>
+ <p> Android 4.0.x (Ice Cream Sandwich) and earlier will need to <a
+ href="initializing.html#reverting-from-make-382">revert from make 3.82</a>
+ to avoid build errors</p>.
</body>
</html>
diff --git a/en/source/running.html b/en/source/running.html
index 486fa9c..c4314de 100644
--- a/en/source/running.html
+++ b/en/source/running.html
@@ -283,21 +283,10 @@
<p>The recommended builds for devices are available from the <code>lunch</code>
menu, accessed when running the <code>lunch</code> command with no arguments.
You can download factory images and binaries for Nexus devices from
-developers.google.com:</p>
-
-<ul>
-<li><a href="https://developers.google.com/android/nexus/blobs-preview" class="external">Preview
-binaries (blobs)</a></li>
-<li><a href="https://developers.google.com/android/nexus/images" class="external">Factory
-images for released devices</a></li>
-<li><a href="https://developers.google.com/android/nexus/drivers" class="external">Support
-binaries (drivers) for release devices</a></li>
-</ul>
-
-<p>For details and additional resources, see
-<a href="building.html#obtaining-proprietary-binaries">Obtaining proprietary
-binaries</a> and <a href="requirements.html#binaries">Device binaries
-requirements</a>.</p>
+developers.google.com. See <a href="/source/requirements#binaries">Device
+binaries</a> for downloads. For details and additional resources, see <a
+href="building.html#obtaining-proprietary-binaries">Obtaining proprietary
+binaries</a>.
<table>
<thead>
diff --git a/en/source/using-repo.html b/en/source/using-repo.html
index 2c0d62a..b84d9d2 100644
--- a/en/source/using-repo.html
+++ b/en/source/using-repo.html
@@ -55,7 +55,14 @@
<h2 id="init">init</h2>
<pre class="devsite-terminal devsite-click-to-copy">repo init -u <var><URL></var> [<var><OPTIONS></var>]
</pre>
-<p>Installs Repo in the current directory. This creates a <code>.repo/</code> directory that contains Git repositories for the Repo source code and the standard Android manifest files. The <code>.repo/</code> directory also contains <code>manifest.xml</code>, which is a symlink to the selected manifest in the <code>.repo/manifests/</code> directory.</p>
+<p>Installs Repo in the current directory. This creates a <code>.repo/</code>
+directory that contains Git repositories for the Repo source code and the
+standard Android manifest files. The <code>.repo/</code> directory also
+contains <code>manifest.xml</code>, which is a symlink to the selected manifest
+in the <code>.repo/manifests/</code> directory. See <a
+ href="https://gerrit.googlesource.com/git-repo/+/master/docs/manifest-format.txt"
+ class="external">manifest-format.txt</a> for instructions on updating the
+ manifest.</p>
<p>Options:</p>
<ul>
<li>
