S
seluce
Gast
Habe mich ein wenig mit der Manifest-Dateien von den Custom ROMs (RR 5.8.5, DotOS1.2 und CrDroid 3.8.9) beschäftigt.
Durch mein n_asb skript patche ich bereits eine Menge mit rein, jedoch fehlen einige Repos, welche nicht in der Manifest-Datei sind.
Habe deswegen die Manifest-Dateien der Custom-ROMs geforkt und anschließend durch die gepatchten Repos ergänzt.
GitHub DotOS 1.2 Reborn Manifest: seluce/nougat_platform_manifest
Durch mein eigenes Manfiest habe ich jeden Patch mit dabei, der so draußen ist. Dadurch haben wir noch mehr Security-fixes, webview ist aktueller, bug fixes, etc.
Download: DotOS 1.2 – Google Drive
Welche Änderungen hat DotOS1.2 Reborn?
Durch mein n_asb skript patche ich bereits eine Menge mit rein, jedoch fehlen einige Repos, welche nicht in der Manifest-Datei sind.
Habe deswegen die Manifest-Dateien der Custom-ROMs geforkt und anschließend durch die gepatchten Repos ergänzt.
GitHub DotOS 1.2 Reborn Manifest: seluce/nougat_platform_manifest
Durch mein eigenes Manfiest habe ich jeden Patch mit dabei, der so draußen ist. Dadurch haben wir noch mehr Security-fixes, webview ist aktueller, bug fixes, etc.
Download: DotOS 1.2 – Google Drive
Welche Änderungen hat DotOS1.2 Reborn?
====================
2019-10-29
====================
art
7ac4e6b Use conservative permissions when creating files in ART [Calin Juravle]
build
1dbed07 Bump Security String to 2019-10-05 [Vasyl Gello]
b63ae6b Bump Security String to 2019-09-05 [Kevin F. Haggerty]
4da7485 Bump Security String to 2019-08-05 [Vasyl Gello]
e40a7c9 Bump Security String to 2019-07-05 [Vasyl Gello]
7265af4 Bump Security String to 2019-06-05 [syphyr]
38e69f5 Bump Security String to 2019-05-05 [Vasyl Gello]
e33f349 Bump Security String to 2019-04-05 [Vasyl Gello]
23f6924 Bump Security Patch Level to 2019-03-01 [Tim Schumacher]
98903ac Bump Security Patch Level to 2019-02-05 [syphyr]
b891599 Bump Security Patch Level to 2019-01-05 [syphyr]
1811d2a Bump Security Patch Level to 2018-12-05 [Vasyl Gello]
ac397c0 Security string to 2018-11-05 [syphyr]
771bb57 Security string to 2018-10-05 [syphyr]
7cb772b Security string to 2018-09-05 [syphyr]
ff8ce08 Security string to 2018-08-05 [syphyr]
d33f9e2 Security string to 2018-07-05 [MSe]
b3b1616 Bump security string to 2018-06-05 [MSe]
a39e1f6 Bump security patch level to 2018-05-05 [MSe]
251722c Bump security patch level to 2018-04-05 [Moritz Horstmann]
a333c0c Bump security patch level to 2018-03-05 [Moritz Horstmann]
a743958 Specify --max_timestamp when calling brillo_update_payload. [Tao Bao]
external/skia
3fe8394 RESTRICT AUTOMERGE: Add SkAndroidFrameworkUtils::SafetyNetLog [Leon Scroggins III]
f423653 RESTRICT AUTOMERGE: Fix heap buffer overflow [Leon Scroggins III]
f4213d2 BACKPORT: Cherry-pick "begin cleanup of malloc porting layer" [Mike Reed]
frameworks/av
e569912 m4v_h263: add a test for invalid/negative value [Dongwon Kang]
7e40bc2 Fix OOB access in mpeg4/h263 decoder [Marco Nelissen]
8593657 Remove unused AVIExtractor source [Ray Essick]
da8f305 AudioFlinger: Prevent multiple effect chains with same sessionId [Andy Hung]
f574695 audio: ensure effect chain with specific session id is unique [Weiyin Jiang]
e28fc84 NuPlayerCCDecoder: fix memory OOB [Wei Jia]
a27d020 Reserve enough space for RTSP CSD [Ray Essick]
ecfdfd6 CTS error while media dump() [ray-cy.lee]
570fdeb MediaExtractor: stop rendering when an error occurs [akirilov]
d7c7932 Check for overflow of crypto size [Marco Nelissen]
35262be Fix information disclosure in mediadrmserver [Jeff Tinker]
cb92c91 M3UParser: handle missing EXT-X-MEDIA URIs [Robert Shih]
e13dcca M3UParser: make url on demand [Robert Shih]
f8dd676 Fix possible out of bounds read [Marco Nelissen]
2028799 Speed up id3v2 unsynchronization [Robert Shih]
7e586ee Add check preventing div0 issue [Ryszard Grzesica]
a92f9a1 Init gain config to prevent uninit leak. [jiabin]
3e6cee5 Handle bad bitrate index in mp3dec. [Dongwon Kang]
3db2fe7 better mpeg2 TS elementary stream Access Unit parsing [Ray Essick]
e91fc54 Revert "libmediaplayerservice: fix deadlock on gapless start failure" [Moritz Horstmann]
e7eca07 Prevent MediaPlayerService::Client's use-after-free [Pawin Vongmasa]
bb9880b Check NAL size before looking inside [Ray Essick]
9a07040 M3UParser: detect variant streams without EXT-X-STREAM-INF [Robert Shih]
c6c41d8 AACExtractor: check bounds during seek [Robert Shih]
frameworks/base
ddd00af [RESTRICT AUTOMERGE] Pass correct realCallingUid to startActivity() from startActivityInPackage [Bryan Ferris]
9ebbc61 Fix Layout.primaryIsTrailingPreviousAllLineOffsets [Mihai Popa]
0e2dc11 HidProfile: sync isPreferred() with HidHostService [Chienyuan]
c7a0d71 Clear the Parcel before writing an exception during a transaction [Michael Wachenschwanz]
ca76f07 Protect VPN dialogs against overlay. [Chalard Jean]
4b465a4 Make Lock task default behaviour consistent with Settings. [Jonathan Scott]
4fb3954 [BACKPORT]NetworkManagement : Add ability to restrict app vpn usage [Uldiniad]
9851ead Adding SUPL NI Emergency Extension Time [WyattRiley]
4eebe02 Add cross user permission check - areNotificationsEnabledForPackage [Julia Reynolds]
4896a1f Limit IsSeparateProfileChallengeAllowed to system callers [Pavel Grafov]
60b3d70 Permission Check For DPM.getPermittedAccessibilityServices [Eran Messeri]
8365f54 Added missing permission check to isPackageDeviceAdminOnAnyUser. [Varun Shah]
001d2dc DO NOT MERGE - SUPL ES Extension - Safer Init and Not After Boot [WyattRiley]
bd74d03 Select only preinstalled Spell Checker Services [Guliz Tuncay]
475833b RESTRICT AUTOMERGE Do not linkify text with RLO/LRO characters. [Tony Mak]
6c4fb8f RESTRICT AUTOMERGE: Recover shady content:// paths. [Jeff Sharkey]
1bad993 Pass userId through to singleton ContentProviders [Robin Lee]
59c24d6 Changing SUPL_ES=1 for SUPL end point control [Wayne Lin]
95cd1db Verify number of Map entries written to Parcel [Michael Wachenschwanz]
8fe7372 Add support for search in DownloadManager. [Ben Lin]
c10cfef DO NOT MERGE. Extend SQLiteQueryBuilder for update and delete. [Jeff Sharkey]
2f55060 DO NOT MERGE. Persistable Uri grants still require permissions. [Jeff Sharkey]
21d115d Always create grant structures when persistable. [Jeff Sharkey]
a2afac3 DO NOT MERGE. Execute "strict" queries with extra parentheses. [Jeff Sharkey]
dff300a Fix crash during cursor moving on BiDi text [Seigo Nonaka]
ea9af3e Optimise the hit test algorithm [Mihai Popa]
23b773f Fix TrackInfo parcel write [Robert Shih]
c535f18 Resolve inconsistent parcel read in NanoAppFilter [Arthur Ishiguro]
214ea38 Make safe label more safe [Todd Kennedy]
3a001c0 ResStringPool: Prevenet boot loop from se fix [Ryan Mitchell]
2fb6853 Fix DynamicRefTable::load security bug [Ryan Mitchell]
e71be1a DO NOT MERGE Truncate newline and tab characters in BluetoothDevice name [Hansong Zhang]
5da9390 ResStringPool: Fix security vulnerability [rtmitchell@google.com]
7d53734 Add NETWORK_STACK permission [Rebecca Silberstein]
76b45c1 Copy PermissionChecker from support lib and use in RcognitionService [Eugene Susla]
d865813 Fixed Security Vulnerability of DcParamObject [Pengquan Meng]
a821ab2 Add permission check to setAllowOnlyVpnForUids [Rubin Xu]
9a6bf2e Verify last array's length in readFromParcel [Fyodor Kupolov]
db84422 Update internal ViewPager's SavedState to match Support Library version [Alan Viverette]
0c2f603 Check for null-terminator in ResStringPool::string8At [Adam Lesinski]
3840437 [RTT] ParcelableRttResults parcel code fix [Etan Cohen]
fc0d383 Fix VerifyCredentialResponse parcelling code [Rubin Xu]
frameworks/native
4593828 Fix race between SensorManager ctor and callback [Brian Duddie]
7cda6b6 Free mObjects if no objects left to realloc on resize [Michael Wachenschwanz]
9f5bfdb libbinder: readCString: no ubsan sub-overflow [Steven Moreland]
b07ee02 libbinder: Status: check dataPosition sets. [Bryan Ferris]
806bd35 Sanitize InputMessage before sending [Siarhei Vishniakou]
52b1706 Increment when attempting to read protected Parcel Data [Michael Wachenschwanz]
64a7abe Disallow reading object data from Parcels with non-object reads [Michael Wachenschwanz]
5b90d3d Don't pad before calling writeInPlace(). [Martijn Coenen]
libcore
8361705 Fix hostname parsing in java.net.URLStreamHandler. [Pete Bentley]
packages/apps/Contacts
05f20d6 Patch URI vulnerability in contact photo editing [Gary Mai]
packages/apps/PackageInstaller
0c1bc81 RESTRICT AUTOMERGE: Always use safe labels [Todd Kennedy]
packages/apps/Settings
dea2c8b Make ScreenPinningSettings behaviour consistent with lock tasks. [Jonathan Scott]
e0accf5 Do not allow draw on top for App notification settings [Raff Tsai]
7e3b2e8 [BACKPORT]Settings: per-app VPN data restriction [Uldiniad]
cd1791d Do not allow draw on top for default sms picker. [Fan Zhang]
a136e32 BACKPORT: Disable changing lock when device is not provisioned. [Doris Ling]
7aab71c Merge translations of Bluetooth confirmation text [Antony Sargent]
48ba9af DO NOT MERGE Fix unexpected behavior in Bluetooth pairing [Hansong Zhang]
system/core
b06dd05 Fix a memory leak in gatekeeper. [Janis Danisevskis]
12269b5 String16: remove integer overflows [Steven Moreland]
2019-10-29
====================
art
7ac4e6b Use conservative permissions when creating files in ART [Calin Juravle]
build
1dbed07 Bump Security String to 2019-10-05 [Vasyl Gello]
b63ae6b Bump Security String to 2019-09-05 [Kevin F. Haggerty]
4da7485 Bump Security String to 2019-08-05 [Vasyl Gello]
e40a7c9 Bump Security String to 2019-07-05 [Vasyl Gello]
7265af4 Bump Security String to 2019-06-05 [syphyr]
38e69f5 Bump Security String to 2019-05-05 [Vasyl Gello]
e33f349 Bump Security String to 2019-04-05 [Vasyl Gello]
23f6924 Bump Security Patch Level to 2019-03-01 [Tim Schumacher]
98903ac Bump Security Patch Level to 2019-02-05 [syphyr]
b891599 Bump Security Patch Level to 2019-01-05 [syphyr]
1811d2a Bump Security Patch Level to 2018-12-05 [Vasyl Gello]
ac397c0 Security string to 2018-11-05 [syphyr]
771bb57 Security string to 2018-10-05 [syphyr]
7cb772b Security string to 2018-09-05 [syphyr]
ff8ce08 Security string to 2018-08-05 [syphyr]
d33f9e2 Security string to 2018-07-05 [MSe]
b3b1616 Bump security string to 2018-06-05 [MSe]
a39e1f6 Bump security patch level to 2018-05-05 [MSe]
251722c Bump security patch level to 2018-04-05 [Moritz Horstmann]
a333c0c Bump security patch level to 2018-03-05 [Moritz Horstmann]
a743958 Specify --max_timestamp when calling brillo_update_payload. [Tao Bao]
external/skia
3fe8394 RESTRICT AUTOMERGE: Add SkAndroidFrameworkUtils::SafetyNetLog [Leon Scroggins III]
f423653 RESTRICT AUTOMERGE: Fix heap buffer overflow [Leon Scroggins III]
f4213d2 BACKPORT: Cherry-pick "begin cleanup of malloc porting layer" [Mike Reed]
frameworks/av
e569912 m4v_h263: add a test for invalid/negative value [Dongwon Kang]
7e40bc2 Fix OOB access in mpeg4/h263 decoder [Marco Nelissen]
8593657 Remove unused AVIExtractor source [Ray Essick]
da8f305 AudioFlinger: Prevent multiple effect chains with same sessionId [Andy Hung]
f574695 audio: ensure effect chain with specific session id is unique [Weiyin Jiang]
e28fc84 NuPlayerCCDecoder: fix memory OOB [Wei Jia]
a27d020 Reserve enough space for RTSP CSD [Ray Essick]
ecfdfd6 CTS error while media dump() [ray-cy.lee]
570fdeb MediaExtractor: stop rendering when an error occurs [akirilov]
d7c7932 Check for overflow of crypto size [Marco Nelissen]
35262be Fix information disclosure in mediadrmserver [Jeff Tinker]
cb92c91 M3UParser: handle missing EXT-X-MEDIA URIs [Robert Shih]
e13dcca M3UParser: make url on demand [Robert Shih]
f8dd676 Fix possible out of bounds read [Marco Nelissen]
2028799 Speed up id3v2 unsynchronization [Robert Shih]
7e586ee Add check preventing div0 issue [Ryszard Grzesica]
a92f9a1 Init gain config to prevent uninit leak. [jiabin]
3e6cee5 Handle bad bitrate index in mp3dec. [Dongwon Kang]
3db2fe7 better mpeg2 TS elementary stream Access Unit parsing [Ray Essick]
e91fc54 Revert "libmediaplayerservice: fix deadlock on gapless start failure" [Moritz Horstmann]
e7eca07 Prevent MediaPlayerService::Client's use-after-free [Pawin Vongmasa]
bb9880b Check NAL size before looking inside [Ray Essick]
9a07040 M3UParser: detect variant streams without EXT-X-STREAM-INF [Robert Shih]
c6c41d8 AACExtractor: check bounds during seek [Robert Shih]
frameworks/base
ddd00af [RESTRICT AUTOMERGE] Pass correct realCallingUid to startActivity() from startActivityInPackage [Bryan Ferris]
9ebbc61 Fix Layout.primaryIsTrailingPreviousAllLineOffsets [Mihai Popa]
0e2dc11 HidProfile: sync isPreferred() with HidHostService [Chienyuan]
c7a0d71 Clear the Parcel before writing an exception during a transaction [Michael Wachenschwanz]
ca76f07 Protect VPN dialogs against overlay. [Chalard Jean]
4b465a4 Make Lock task default behaviour consistent with Settings. [Jonathan Scott]
4fb3954 [BACKPORT]NetworkManagement : Add ability to restrict app vpn usage [Uldiniad]
9851ead Adding SUPL NI Emergency Extension Time [WyattRiley]
4eebe02 Add cross user permission check - areNotificationsEnabledForPackage [Julia Reynolds]
4896a1f Limit IsSeparateProfileChallengeAllowed to system callers [Pavel Grafov]
60b3d70 Permission Check For DPM.getPermittedAccessibilityServices [Eran Messeri]
8365f54 Added missing permission check to isPackageDeviceAdminOnAnyUser. [Varun Shah]
001d2dc DO NOT MERGE - SUPL ES Extension - Safer Init and Not After Boot [WyattRiley]
bd74d03 Select only preinstalled Spell Checker Services [Guliz Tuncay]
475833b RESTRICT AUTOMERGE Do not linkify text with RLO/LRO characters. [Tony Mak]
6c4fb8f RESTRICT AUTOMERGE: Recover shady content:// paths. [Jeff Sharkey]
1bad993 Pass userId through to singleton ContentProviders [Robin Lee]
59c24d6 Changing SUPL_ES=1 for SUPL end point control [Wayne Lin]
95cd1db Verify number of Map entries written to Parcel [Michael Wachenschwanz]
8fe7372 Add support for search in DownloadManager. [Ben Lin]
c10cfef DO NOT MERGE. Extend SQLiteQueryBuilder for update and delete. [Jeff Sharkey]
2f55060 DO NOT MERGE. Persistable Uri grants still require permissions. [Jeff Sharkey]
21d115d Always create grant structures when persistable. [Jeff Sharkey]
a2afac3 DO NOT MERGE. Execute "strict" queries with extra parentheses. [Jeff Sharkey]
dff300a Fix crash during cursor moving on BiDi text [Seigo Nonaka]
ea9af3e Optimise the hit test algorithm [Mihai Popa]
23b773f Fix TrackInfo parcel write [Robert Shih]
c535f18 Resolve inconsistent parcel read in NanoAppFilter [Arthur Ishiguro]
214ea38 Make safe label more safe [Todd Kennedy]
3a001c0 ResStringPool: Prevenet boot loop from se fix [Ryan Mitchell]
2fb6853 Fix DynamicRefTable::load security bug [Ryan Mitchell]
e71be1a DO NOT MERGE Truncate newline and tab characters in BluetoothDevice name [Hansong Zhang]
5da9390 ResStringPool: Fix security vulnerability [rtmitchell@google.com]
7d53734 Add NETWORK_STACK permission [Rebecca Silberstein]
76b45c1 Copy PermissionChecker from support lib and use in RcognitionService [Eugene Susla]
d865813 Fixed Security Vulnerability of DcParamObject [Pengquan Meng]
a821ab2 Add permission check to setAllowOnlyVpnForUids [Rubin Xu]
9a6bf2e Verify last array's length in readFromParcel [Fyodor Kupolov]
db84422 Update internal ViewPager's SavedState to match Support Library version [Alan Viverette]
0c2f603 Check for null-terminator in ResStringPool::string8At [Adam Lesinski]
3840437 [RTT] ParcelableRttResults parcel code fix [Etan Cohen]
fc0d383 Fix VerifyCredentialResponse parcelling code [Rubin Xu]
frameworks/native
4593828 Fix race between SensorManager ctor and callback [Brian Duddie]
7cda6b6 Free mObjects if no objects left to realloc on resize [Michael Wachenschwanz]
9f5bfdb libbinder: readCString: no ubsan sub-overflow [Steven Moreland]
b07ee02 libbinder: Status: check dataPosition sets. [Bryan Ferris]
806bd35 Sanitize InputMessage before sending [Siarhei Vishniakou]
52b1706 Increment when attempting to read protected Parcel Data [Michael Wachenschwanz]
64a7abe Disallow reading object data from Parcels with non-object reads [Michael Wachenschwanz]
5b90d3d Don't pad before calling writeInPlace(). [Martijn Coenen]
libcore
8361705 Fix hostname parsing in java.net.URLStreamHandler. [Pete Bentley]
packages/apps/Contacts
05f20d6 Patch URI vulnerability in contact photo editing [Gary Mai]
packages/apps/PackageInstaller
0c1bc81 RESTRICT AUTOMERGE: Always use safe labels [Todd Kennedy]
packages/apps/Settings
dea2c8b Make ScreenPinningSettings behaviour consistent with lock tasks. [Jonathan Scott]
e0accf5 Do not allow draw on top for App notification settings [Raff Tsai]
7e3b2e8 [BACKPORT]Settings: per-app VPN data restriction [Uldiniad]
cd1791d Do not allow draw on top for default sms picker. [Fan Zhang]
a136e32 BACKPORT: Disable changing lock when device is not provisioned. [Doris Ling]
7aab71c Merge translations of Bluetooth confirmation text [Antony Sargent]
48ba9af DO NOT MERGE Fix unexpected behavior in Bluetooth pairing [Hansong Zhang]
system/core
b06dd05 Fix a memory leak in gatekeeper. [Janis Danisevskis]
12269b5 String16: remove integer overflows [Steven Moreland]
Anhänge
-
Screenshot_20191029-070919.png182,7 KB · Aufrufe: 228
-
Screenshot_20191029-070931.png148 KB · Aufrufe: 224
-
Screenshot_20191029-070944.png121,9 KB · Aufrufe: 225
-
Screenshot_20191029-071042.png116,3 KB · Aufrufe: 239
-
Screenshot_20191029-071052.png117,9 KB · Aufrufe: 251
-
Screenshot_20191029-071057.png124,6 KB · Aufrufe: 243
-
Screenshot_20191029-072045.png137,4 KB · Aufrufe: 229
Zuletzt bearbeitet: