February's batch of factory images started turning up earlier today and Google followed up with a push to AOSP a few hours later. As usual, we've got some changelogs to look over. The focus this month appears to be entirely on sealing any holes that could be used by bad people to do bad things.
Google posted a security bulletin with a list of fixes found in this release, and there are a few pretty big ones this month. Five items have been tagged Critical, including two that allowed for remote code execution without any user interaction, and the remaining three could have been used for privilege escalation. Read More
The monthly security update for January is starting to roll out to Nexus devices. Factory images turned up yesterday morning and now we've got some changelogs from the Android Open Source Project (AOSP) if you're interested in taking a deeper look at exactly how things have been tweaked.
Unlike the 6.0.1 release in December, this month's adjustments appear to be entirely focused on security fixes. Google has a bulletin describing the relevant security issues addressed with this release. There are also a couple of builds specific to the Pixel C, including one that appears quite large. Like some of the previous changelogs, this is merely because it technically starts from a base version (i.e. Read More
The factory images have landed and the OTAs are about to start rolling out shortly. As we already know, there are new emoji to fill out the Unicode 8.0 spec, band 12 support for T-Mobile, "until next alarm" for do not disturb mode, and a shortcut to launch the camera with a double-click of the power button. The December security updates are also an important part of the latest update. Of course, these aren't the only changes that take place, so we generate changelogs from the Android source code to find some of the other things going on with the OS. Read More
Google's monthly security updates are out in the form of factory images, and that means it's time for some new code in AOSP. Since these versions are dedicated to closing security holes, there certainly won't be any new features and the bug fixes probably won't have much effect on battery life or performance, but they will keep the baddies from treating your phone like it runs an old version of Windows.
A number of serious vulnerabilities were fixed in this release, including two critical issues that could be used for remote code execution. Details have been posted on the Nexus Security Bulletin. Read More
Google releases an Android app each year providing Google I/O attendees with the schedule for the upcoming conference, and it uses the opportunity to show off how an Android app is supposed to feel. Then a couple months later it releases the source code, providing developers with a look at best practices. The source code for 2015's app has taken longer to arrive than last year's, but at last, it's here.
The Google I/O 2014 app arrived during the pre-Lollipop time when full material design wasn't yet possible on most Android devices due to the lack of the necessary APIs. Read More
With any update to Android, it can be good to know more than just the major features and changes. Sometimes we've got to dig into the deepest little adjustments to figure out why something is working better – or worse – than before. We've now got the changelogs posted for all of the Android versions released yesterday, including both the major update to Android 6.0 Marshmallow and the much smaller 5.1.1 security updates for October.
The v5.1.1 updates aren't very exciting since they only account for about a dozen security fixes. The changelogs may not even be the best way to read about what has changed because there's a post in the Android Security Updates group that lists each of the issues that have been resolved with this month's updates. Read More
T-Mobile began rolling out security-centric updates to Nexus devices yesterday. As we already know, there aren't any big changes due out in this release, but Google has pushed the latest code up to the Android Open Source Project (AOSP) for the world to see. As usual, we've put together a changelog for easy reading.
Updates for T-Mobile devices are built from a dedicated branch in AOSP with custom code to support the Wi-Fi calling feature. As it turns out, the list of changes for this update to LMY48M closely resembles the r6 to r9 update from last month, otherwise known as the update that (mostly) fixed Stagefright. Read More
Earlier today, Google released updated factory images for all of its supported Nexus devices to patch up some reasonably serious vulnerabilities in a core Android library called Stagefright. While we await the stream of OTAs that are sure to follow, there's a fresh code drop to the Android Open Source Project containing security-related patches. Don't expect to see any new features or user-facing changes, this one is all about closing loopholes. Nevertheless, there are some interesting things to peek at.
A quick look at the changelog shows the highest concentration of fixes were made to frameworks/av (audio/visual), which is used extensively in the Stagefright library. Read More