Docs: Changes to source.android.com
- 169925052 Added CVE-2017-11120 and CVE-2017-11121 to September publ... by Android Partner Docs <[email protected]>
- 169704024 Replace less secure manual setup of udev rules with DAC d... by claym <[email protected]>
- 169647120 Update documentation for forward references. by Android Partner Docs <[email protected]>
- 169624347 Updating streaming details by hvm <[email protected]>
- 169439761 Replace angler OPR6.170623.017 with OPR6.170623.019. by Android Partner Docs <[email protected]>
- 169435603 Fix insecure wget for Android environment instructions. by Android Partner Docs <[email protected]>
- 169433384 Update build numbers for Fugu O release by Android Partner Docs <[email protected]>
- 169399261 Update ignore paths in security tab for localization by daroberts <[email protected]>
- 169399181 Update ignore paths in Compatibility section for localiza... by daroberts <[email protected]>
- 169299180 Updated acknowledgements for July public security bulleti... by Android Partner Docs <[email protected]>
PiperOrigin-RevId: 169925052
Change-Id: I9f31973956e69e9b43f8df3836af6e77d0adf89b
diff --git a/en/compatibility/_translation.yaml b/en/compatibility/_translation.yaml
index e8b4b18..9ff3ad1 100644
--- a/en/compatibility/_translation.yaml
+++ b/en/compatibility/_translation.yaml
@@ -1,20 +1,20 @@
ignore_paths:
-- /1.6/...
-- /2.1/...
-- /2.2/...
-- /2.3/...
-- /4.0/...
-- /4.1/...
-- /4.2/...
-- /4.3/...
-- /4.4/...
-- /5.0/...
-- /5.1/...
-- /6.0/...
-- /7.0/...
-- /7.1/...
-- /8.0/...
-- /images/...
+- /compatibility/1.6/...
+- /compatibility/2.1/...
+- /compatibility/2.2/...
+- /compatibility/2.3/...
+- /compatibility/4.0/...
+- /compatibility/4.1/...
+- /compatibility/4.2/...
+- /compatibility/4.3/...
+- /compatibility/4.4/...
+- /compatibility/5.0/...
+- /compatibility/5.1/...
+- /compatibility/6.0/...
+- /compatibility/7.0/...
+- /compatibility/7.1/...
+- /compatibility/8.0/...
+- /compatibility/images/...
enable_continuous_translation: True
title: Android Open Source Project Compatibility tab
description: Translations for SAC compatibility tab
diff --git a/en/devices/architecture/hidl/index.html b/en/devices/architecture/hidl/index.html
index 20f4a60..2ff78a1 100644
--- a/en/devices/architecture/hidl/index.html
+++ b/en/devices/architecture/hidl/index.html
@@ -191,8 +191,8 @@
TYPE =
uint8_t | int8_t | uint16_t | int16_t | uint32_t | int32_t | uint64_t | int64_t |
float | double | bool | string
-| identifier // must have been previously typedef'd
- // or defined with struct, union, enum, or import
+| identifier // must be defined as a typedef, struct, union, enum or import
+ // including those defined later in the file
| memory
| pointer
| vec<TYPE>
diff --git a/en/devices/tech/ota/ab_updates.html b/en/devices/tech/ota/ab_updates.html
index 5d51df1..c63f671 100644
--- a/en/devices/tech/ota/ab_updates.html
+++ b/en/devices/tech/ota/ab_updates.html
@@ -42,6 +42,10 @@
<li>Any errors (such as I/O errors) affect only the <strong>unused</strong>
partition set and can be retried. Such errors also become less likely because
the I/O load is deliberately low to avoid degrading the user experience.</li>
+<li>Updates can be streamed to A/B devices, removing the need to download the
+package before installing it. Streaming means it's not necessary for the
+user to have enough free space to store the update package on <code>/data</code>
+or <code>/cache</code>.
<li>The cache partition is no longer used to store OTA update packages, so there
is no need for sizing the cache partition.</li>
<li><a href="/security/verifiedboot/dm-verity.html">dm-verity</a> guarantees a
@@ -171,13 +175,13 @@
</li>
</ul>
-<h2 id="streaming-updates">Streaming updates</h2>
+<h3 id="streaming-updates">Streaming update support</h3>
<p>User devices don't always have enough space on <code>/data</code> to download
the update package. As neither OEMs nor users want to waste space on a
<code>/cache</code> partition, some users go without updates because the device
-has nowhere to store the update package. To address this issue, Android 8.0 adds
-support for streaming A/B updates that write blocks directly to the B partition
-as they are downloaded, without having to store the blocks on
+has nowhere to store the update package. To address this issue, Android 8.0
+added support for streaming A/B updates that write blocks directly to the B
+partition as they are downloaded, without having to store the blocks on
<code>/data</code>. Streaming A/B updates need almost no temporary storage and
require just enough storage for roughly 100 KiB of metadata.</p>
@@ -198,9 +202,9 @@
the RetryTimeoutCallback()</a></li>
</ul>
-<p>These patches are required for Android 7.1 whether using
-<a href="https://www.android.com/gms/">Google Mobile Services (GMS)</a> or any
-other update client.</p>
+<p>These patches are required to support streaming A/B updates in Android 7.1
+whether using <a href="https://www.android.com/gms/">Google Mobile Services
+(GMS)</a> or any other update client.</p>
<h2 id="life-of-an-a-b-update">Life of an A/B update</h2>
diff --git a/en/security/_translation.yaml b/en/security/_translation.yaml
index 66072b4..67867a6 100644
--- a/en/security/_translation.yaml
+++ b/en/security/_translation.yaml
@@ -1,5 +1,5 @@
ignore_paths:
-- /bulletin/...
+- /security/bulletin/...
enable_continuous_translation: True
title: Android Open Source Project Security tab
description: Translations for SAC Security tab
diff --git a/en/security/bulletin/2017-07-01.html b/en/security/bulletin/2017-07-01.html
index 0cfdf8a..7a45b0e 100644
--- a/en/security/bulletin/2017-07-01.html
+++ b/en/security/bulletin/2017-07-01.html
@@ -20,7 +20,7 @@
See the License for the specific language governing permissions and
limitations under the License.
-->
-<p><em>Published July 5, 2017 | Updated August 17, 2017</em></p>
+<p><em>Published July 5, 2017 | Updated September 19, 2017</em></p>
<p>The Android Security Bulletin contains details of security vulnerabilities
affecting Android devices. Security patch levels of July 05, 2017 or later
@@ -1574,6 +1574,11 @@
Tencent Security Platform Department</td>
</tr>
<tr>
+ <td>CVE-2017-0710</td>
+ <td>Zach Riggle (<a href="//twitter.com/ebeip90">@ebeip90</a>) of the
+Android Security Team</td>
+ </tr>
+ <tr>
<td>CVE-2017-0678</td>
<td><a href="//weibo.com/ele7enxxh">Zinuo Han</a> of Chengdu Security
Response Center, Qihoo 360 Technology Co. Ltd.</td>
@@ -1733,6 +1738,11 @@
<td>August 17, 2017</td>
<td>Bulletin revised to update reference numbers.</td>
</tr>
+ <tr>
+ <td>1.4</td>
+ <td>September 19, 2017</td>
+ <td>Updated acknowledgements for CVE-2017-0710.</td>
+ </tr>
</table>
</body>
</html>
diff --git a/en/security/bulletin/2017-09-01.html b/en/security/bulletin/2017-09-01.html
index 3a0daf4..5f7fa15 100644
--- a/en/security/bulletin/2017-09-01.html
+++ b/en/security/bulletin/2017-09-01.html
@@ -20,7 +20,7 @@
See the License for the specific language governing permissions and
limitations under the License.
-->
- <p><em>Published September 5, 2017 | Updated September 13, 2017</em></p>
+ <p><em>Published September 5, 2017 | Updated September 25, 2017</em></p>
<p>The Android Security Bulletin contains details of security vulnerabilities
affecting Android devices. Security patch levels of September 05, 2017 or later
@@ -533,6 +533,22 @@
<th>Component</th>
</tr>
<tr>
+ <td>CVE-2017-11120</td>
+ <td>A-62575409<a href="#asterisk">*</a><br />
+ B-V2017061204</td>
+ <td>RCE</td>
+ <td>Critical</td>
+ <td>Wi-Fi driver</td>
+ </tr>
+ <tr>
+ <td>CVE-2017-11121</td>
+ <td>A-62576413<a href="#asterisk">*</a><br />
+ B-V2017061205</td>
+ <td>RCE</td>
+ <td>Critical</td>
+ <td>Wi-Fi driver</td>
+ </tr>
+ <tr>
<td>CVE-2017-7065</td>
<td>A-62575138<a href="#asterisk">*</a><br />
B-V2017061202</td>
@@ -1379,6 +1395,12 @@
<td>September 13, 2017</td>
<td>Bulletin revised to include AOSP links.</td>
</tr>
+ <tr>
+ <td>1.3</td>
+ <td>September 25, 2017</td>
+ <td>Added details for CVE-2017-11120 and CVE-2017-11121
+as part of industry-coordinated disclosure.</td>
+ </tr>
</table>
</body>
</html>
diff --git a/en/source/51-android.txt b/en/source/51-android.txt
deleted file mode 100644
index 9e7963e..0000000
--- a/en/source/51-android.txt
+++ /dev/null
@@ -1,36 +0,0 @@
-# adb protocol on passion (Nexus One)
-SUBSYSTEM=="usb", ATTR{idVendor}=="18d1", ATTR{idProduct}=="4e12", MODE="0600", OWNER="<username>"
-# fastboot protocol on passion (Nexus One)
-SUBSYSTEM=="usb", ATTR{idVendor}=="0bb4", ATTR{idProduct}=="0fff", MODE="0600", OWNER="<username>"
-# adb protocol on crespo/crespo4g (Nexus S)
-SUBSYSTEM=="usb", ATTR{idVendor}=="18d1", ATTR{idProduct}=="4e22", MODE="0600", OWNER="<username>"
-# fastboot protocol on crespo/crespo4g (Nexus S)
-SUBSYSTEM=="usb", ATTR{idVendor}=="18d1", ATTR{idProduct}=="4e20", MODE="0600", OWNER="<username>"
-# adb protocol on stingray/wingray (Xoom)
-SUBSYSTEM=="usb", ATTR{idVendor}=="22b8", ATTR{idProduct}=="70a9", MODE="0600", OWNER="<username>"
-# fastboot protocol on stingray/wingray (Xoom)
-SUBSYSTEM=="usb", ATTR{idVendor}=="18d1", ATTR{idProduct}=="708c", MODE="0600", OWNER="<username>"
-# adb protocol on maguro/toro (Galaxy Nexus)
-SUBSYSTEM=="usb", ATTR{idVendor}=="04e8", ATTR{idProduct}=="6860", MODE="0600", OWNER="<username>"
-# fastboot protocol on maguro/toro (Galaxy Nexus)
-SUBSYSTEM=="usb", ATTR{idVendor}=="18d1", ATTR{idProduct}=="4e30", MODE="0600", OWNER="<username>"
-# adb protocol on panda (PandaBoard)
-SUBSYSTEM=="usb", ATTR{idVendor}=="0451", ATTR{idProduct}=="d101", MODE="0600", OWNER="<username>"
-# adb protocol on panda (PandaBoard ES)
-SUBSYSTEM=="usb", ATTR{idVendor}=="18d1", ATTR{idProduct}=="d002", MODE="0600", OWNER="<username>"
-# fastboot protocol on panda (PandaBoard)
-SUBSYSTEM=="usb", ATTR{idVendor}=="0451", ATTR{idProduct}=="d022", MODE="0600", OWNER="<username>"
-# usbboot protocol on panda (PandaBoard)
-SUBSYSTEM=="usb", ATTR{idVendor}=="0451", ATTR{idProduct}=="d00f", MODE="0600", OWNER="<username>"
-# usbboot protocol on panda (PandaBoard ES)
-SUBSYSTEM=="usb", ATTR{idVendor}=="0451", ATTR{idProduct}=="d010", MODE="0600", OWNER="<username>"
-# adb protocol on grouper/tilapia (Nexus 7)
-SUBSYSTEM=="usb", ATTR{idVendor}=="18d1", ATTR{idProduct}=="4e42", MODE="0600", OWNER="<username>"
-# fastboot protocol on grouper/tilapia (Nexus 7)
-SUBSYSTEM=="usb", ATTR{idVendor}=="18d1", ATTR{idProduct}=="4e40", MODE="0600", OWNER="<username>"
-# adb protocol on manta (Nexus 10)
-SUBSYSTEM=="usb", ATTR{idVendor}=="18d1", ATTR{idProduct}=="4ee2", MODE="0600", OWNER="<username>"
-# fastboot protocol on manta (Nexus 10)
-SUBSYSTEM=="usb", ATTR{idVendor}=="18d1", ATTR{idProduct}=="4ee0", MODE="0600", OWNER="<username>"
-# adb protocol on hammerhead (Nexus 5)
-SUBSYSTEM=="usb", ATTR{idVendor}=="18d1", ATTR{idProduct}=="4ee1", MODE="0600", OWNER="<username>"
diff --git a/en/source/build-numbers.html b/en/source/build-numbers.html
index e50741a..0e11aa5 100644
--- a/en/source/build-numbers.html
+++ b/en/source/build-numbers.html
@@ -208,7 +208,13 @@
</thead>
<tbody>
<tr>
- <td>OPR6.170623.017</td>
+ <td>OPR6.170623.021</td>
+ <td>android-8.0.0_r12</td>
+ <td>Oreo</td>
+ <td>Nexus Player</td>
+ </tr>
+ <tr>
+ <td>OPR6.170623.019</td>
<td>android-8.0.0_r11</td>
<td>Oreo</td>
<td>Nexus 6P</td>
diff --git a/en/source/initializing.html b/en/source/initializing.html
index eb8dce3..505b647 100644
--- a/en/source/initializing.html
+++ b/en/source/initializing.html
@@ -181,23 +181,10 @@
<h3 id="configuring-usb-access">Configuring USB Access</h3>
-<p>Under GNU/Linux systems (and specifically under Ubuntu systems),
-regular users can't directly access USB devices by default. The
-system needs to be configured to allow such access.</p>
-<p>The recommended approach is to create a file at
-<code>/etc/udev/rules.d/51-android.rules</code> (as the root user).</p>
-
-<p>To do this, run the following command to download the <a
-href="51-android.txt">51-android.txt</a> file attached to this site, modify
-it to include your username, and place it in the correct location:</p>
-
-<pre class="devsite-terminal devsite-click-to-copy">
-wget -S -O - http://source.android.com/source/51-android.txt | sed "s/<username>/$USER/" | sudo tee >/dev/null /etc/udev/rules.d/51-android.rules; sudo udevadm control --reload-rules
-</pre>
-
-<p>Those new rules take effect the next time a device is plugged in.
-It might therefore be necessary to unplug the device and plug it
-back into the computer.</p>
+<p>Install a community-maintained default set of <code>udev</code> rules for
+all Android devices by following the instructions to <a
+href="https://developer.android.com/studio/run/device.html#setting-up"
+class="external">Set up a device for development</a>.
<h3 id="using-a-separate-output-directory">Using a separate output directory</h3>
