Earlier today, Google released updated factory images for all of its supported Nexus devices to patch up some reasonably serious vulnerabilities in a core Android library called Stagefright. While we await the stream of OTAs that are sure to follow, there's a fresh code drop to the Android Open Source Project containing security-related patches. Don't expect to see any new features or user-facing changes, this one is all about closing loopholes. Nevertheless, there are some interesting things to peek at.

A quick look at the changelog shows the highest concentration of fixes were made to frameworks/av (audio/visual), which is used extensively in the Stagefright library. There are quite a few instances of the words "overflow" and "underflow," which means there were fields that could be given either too much data or too little, and it could cause unexpected results. These oversights are common targets for hackers.

Most of the other changes appear to be a bit less critical, but there aren't too many. Take a look at the list to see if anything jumps out.

Editorial Note: Sorry about the confusion in a previous changelog post. I've worked out the issues with our script that caused incorrect entries to appear in the changelogs. We'll be replacing the old changelogs in the near future with completely accurate listings, and adding a number of other improvements.

Source: Changelog 5.1.1_r6 to r9