A little earlier today Google posted the Android 6.0.1 security updates for June to the AOSP changelog. Being the responsible Android citizen that it is (well, most of the time), Samsung has immediately followed suit with its own list of code updates. These are the issues that are problems for specific Samsung devices and their related software builds, or at least, the ones that have been addressed since the same security bulletin last month. As usual, they're limited to "major flagship models."

The list contains five items on top of the security patches mentioned by Google's own changelog: an external storage vulnerability, control through a locked device, a minor SIM lock issue, an email encryption configuration error, and a certificate signature bypass check for fingerprint readers. The problems ranged from high severity, allowing malicious app installations or possibly even total device control, to low severity, causing minor bugs and usability issues. Builds from Android 4.4 all the way through 6.0 were affected by different problems.

This bulletin is just documentation of the bugs themselves and the fact that the patches to repair them are ready. It will probably be several weeks or even months before they make it to phones... and it's almost certain that a good number of older devices won't ever be patched. And that's without taking the delay of carrier certification for OTA updates into account.

Source: Samsung Mobile Security Blog