DivestOS/Misc/pick-imports/16-asbs.txt

439 lines
46 KiB
Plaintext
Raw Normal View History

16.0: Import and verify picks https://review.lineageos.org/q/topic:P_asb_2022-05 https://review.lineageos.org/q/topic:P_asb_2022-06 https://review.lineageos.org/q/topic:P_asb_2022-07 https://review.lineageos.org/q/topic:P_asb_2022-08 https://review.lineageos.org/q/topic:P_asb_2022-09 https://review.lineageos.org/q/topic:P_asb_2022-10 https://review.lineageos.org/q/topic:P_asb_2022-11 https://review.lineageos.org/q/topic:P_asb_2022-12 https://review.lineageos.org/q/topic:P_asb_2023-01 https://review.lineageos.org/q/topic:P_asb_2023-02 https://review.lineageos.org/q/topic:P_asb_2023-03 https://review.lineageos.org/q/topic:P_asb_2023-04 https://review.lineageos.org/q/topic:P_asb_2023-05 https://review.lineageos.org/q/topic:P_asb_2023-06 https://review.lineageos.org/q/topic:P_asb_2023-07 accounted for via manifest change: https://review.lineageos.org/c/LineageOS/android_external_freetype/+/361250 https://review.lineageos.org/q/topic:P_asb_2023-08 accounted for via manifest change: https://review.lineageos.org/c/LineageOS/android_external_freetype/+/364606 accounted for via patches: https://review.lineageos.org/c/LineageOS/android_system_ca-certificates/+/365328 https://review.lineageos.org/q/topic:P_asb_2023-09 https://review.lineageos.org/q/topic:P_asb_2023-10 https://review.lineageos.org/q/topic:P_asb_2023-11 accounted for via patches: https://review.lineageos.org/c/LineageOS/android_system_ca-certificates/+/374916 https://review.lineageos.org/q/topic:P_asb_2023-12 https://review.lineageos.org/q/topic:P_asb_2024-01 https://review.lineageos.org/q/topic:P_asb_2024-02 https://review.lineageos.org/q/topic:P_asb_2024-03 https://review.lineageos.org/q/topic:P_asb_2024-04 Signed-off-by: Tavi <tavi@divested.dev>
2024-05-07 19:13:31 -04:00
https://github.com/LineageOS/android_frameworks_base/commit/ea52854b208d2a8e367c65068edbdff741b9eb80 330961 #P_asb_2022-05 Keyguard - Treat messsages to lock with priority
https://github.com/LineageOS/android_frameworks_base/commit/6bc4a89b9680b780768ee2b92a01f979b708c00b 330962 #P_asb_2022-05 Verify caller before auto granting slice permission
https://github.com/LineageOS/android_packages_services_Telecomm/commit/e298920fbeb8714698c6e96beaff71383640878b 330959 #P_asb_2022-05 Handle null bindings returned from ConnectionService.
https://github.com/LineageOS/android_packages_apps_Settings/commit/cfe47c5ab58c17fe9e2b580874878347461d8695 330960 #P_asb_2022-05 Hide private DNS settings UI in Guest mode
https://github.com/LineageOS/android_frameworks_base/commit/a1c1383a08e17e14273e0f2e7d1c250fb4e3b7f2 330963 #P_asb_2022-05 Always restart apps if base.apk gets updated.
https://github.com/LineageOS/android_external_aac/commit/e40800a613eb89b5b4c701774c3cecc1c2b7dd6c 332775 #P_asb_2022-06 Reject invalid out of band config in transportDec_OutOfBandConfig() and skip re-allocation.
https://github.com/LineageOS/android_frameworks_base/commit/4005549db2fa7e1524fc0dbbe22c774fb00b6cb3 332779 #P_asb_2022-06 Prevent non-admin users from deleting system apps.
https://github.com/LineageOS/android_packages_services_Telecomm/commit/526bbbb30625c4b2728d4c461137413dbd1a96f6 332764 #P_asb_2022-06 limit TelecomManager#registerPhoneAccount to 10
https://github.com/LineageOS/android_system_core/commit/976019d07ad1c007043b78450857f428a1440f06 332765 #P_asb_2022-06 Backport of Win-specific suppression of potentially rogue construct that can engage in directory traversal on the host.
https://github.com/LineageOS/android_frameworks_base/commit/c8da70733ac6be9b209b27b8bd72f9b0f0a2ee44 332778 #P_asb_2022-06 Fix security hole in GateKeeperResponse
https://github.com/LineageOS/android_frameworks_base/commit/e7f0f7bac948a3deb2ef9139ef4fd9ad9eb1215a 332777 #P_asb_2022-06 Add an OEM configurable limit for zen rules
https://github.com/LineageOS/android_frameworks_base/commit/c6a97af0e9b22c303d13ad573e96eb4b06c0bfa3 332776 #P_asb_2022-06 Update GeofenceHardwareRequestParcelable to match parcel/unparcel format.
https://github.com/LineageOS/android_frameworks_base/commit/76c531e222779ae68047010f42f7a36100010f4c 332757 #P_asb_2022-06 limit TelecomManager#registerPhoneAccount to 10; api doc update
https://github.com/LineageOS/android_frameworks_base/commit/258ab4cfd77e49b087f4b3333c21ecb23d4c2a9f 332756 #P_asb_2022-06 Add finalizeWorkProfileProvisioning.
https://github.com/LineageOS/android_packages_apps_Nfc/commit/d7722eaa4defeaea88dce9f3c644e038af3f637d 332762 #P_asb_2022-06 OOB read in phNciNfc_RecvMfResp()
https://github.com/LineageOS/android_packages_apps_Settings/commit/ecf8fd5a9aa4976ace98fe9a4986f1de3ff77c1d 332763 #P_asb_2022-06 Prevent exfiltration of system files via user image settings.
https://github.com/LineageOS/android_packages_apps_Dialer/commit/71701cfc7511cd3ad2e8a0f0f12dd78ea8db2517 332761 #P_asb_2022-06 No longer export CallSubjectDialog
https://github.com/LineageOS/android_packages_apps_Contacts/commit/5055718d99866a7783cf72199b3f385e68bc7a53 332760 #P_asb_2022-06 No longer export CallSubjectDialog
https://github.com/LineageOS/android_packages_apps_Bluetooth/commit/6ff1c1f2e637e0dc3fc803f8028c7b89bae74937 332759 #P_asb_2022-06 Removes app access to BluetoothAdapter#setDiscoverableTimeout by requiring BLUETOOTH_PRIVILEGED permission.
https://github.com/LineageOS/android_packages_apps_Bluetooth/commit/eb31965a73439dc8638d03b23f4648774a05df57 332758 #P_asb_2022-06 Removes app access to BluetoothAdapter#setScanMode by requiring BLUETOOTH_PRIVILEGED permission.
https://github.com/LineageOS/android_vendor_nxp_opensource_packages_apps_Nfc/commit/08fbee6160c576d2d9feff91af2ed3ce0bff2cb7 332773 #P_asb_2022-06 OOB read in phNciNfc_RecvMfResp()
https://github.com/LineageOS/android_system_nfc/commit/318f09ce7e384809e3ab68c0294be96da6bf5141 332766 #P_asb_2022-06 Out of Bounds Read in nfa_dm_check_set_config
https://github.com/LineageOS/android_system_nfc/commit/af0a965cd72fa6cab442fc46068fe4e556ca14c3 332767 #P_asb_2022-06 Double Free in ce_t4t_data_cback
https://github.com/LineageOS/android_system_nfc/commit/09dd85730f6c7ea4e2da2a9bf51de5d45a3b1061 332768 #P_asb_2022-06 OOBR in nfc_ncif_proc_ee_discover_req()
https://github.com/LineageOS/android_vendor_nxp_opensource_external_libnfc-nci/commit/a6c1507a0fa5a844514ecae89d0758ccb8724585 332769 #P_asb_2022-06 Prevent OOB write in nfc_ncif_proc_ee_discover_req
https://github.com/LineageOS/android_vendor_nxp_opensource_external_libnfc-nci/commit/9dd0310855fa8889217e4e077bcfc7822abdbdc2 332770 #P_asb_2022-06 Out of Bounds Read in nfa_dm_check_set_config
https://github.com/LineageOS/android_vendor_nxp_opensource_external_libnfc-nci/commit/84a8c1e3350174c25da59c7c6479b0dca37df111 332771 #P_asb_2022-06 Double Free in ce_t4t_data_cback
https://github.com/LineageOS/android_vendor_nxp_opensource_external_libnfc-nci/commit/d5b6e36b4d5585d3e003d16ba6aa73929ae7255d 332772 #P_asb_2022-06 OOBR in nfc_ncif_proc_ee_discover_req()
https://github.com/LineageOS/android_packages_apps_EmergencyInfo/commit/82c9270c2cf11b9a2ac4b5942f3ec086bc02099c 342101 #P_asb_2022-06 Prevent exfiltration of system files via user image settings.
https://github.com/LineageOS/android_frameworks_base/commit/862a9ed37b4cc89f450e6159cec65552e6e9fd38 334256 #P_asb_2022-07 StorageManagerService: don't ignore failures to prepare user storage
https://github.com/LineageOS/android_frameworks_base/commit/10600c7c0cb582877cae6d3a28c9e39a73add1e1 334257 #P_asb_2022-07 UserDataPreparer: reboot to recovery if preparing user storage fails
https://github.com/LineageOS/android_frameworks_base/commit/44130eac9f128dbea908171de1fa0743f2dda709 334258 #P_asb_2022-07 UserDataPreparer: reboot to recovery for system user only
https://github.com/LineageOS/android_frameworks_base/commit/8b1d16f79b125ea356d7af582fc6ceac297afa04 334259 #P_asb_2022-07 Ignore errors preparing user storage for existing users
https://github.com/LineageOS/android_frameworks_base/commit/2688ed5ff6c1c637444ba776d730940769b2ee1d 334260 #P_asb_2022-07 Log to EventLog on prepareUserStorage failure
https://github.com/LineageOS/android_frameworks_base/commit/bcede32d6c0c192b00fa745e522d50b817ea969b 334262 #P_asb_2022-07 Crash invalid FGS notifications
https://github.com/LineageOS/android_packages_apps_KeyChain/commit/5e04f66b9db71a74b7dbf6ca9a43b602d5fca122 334264 #P_asb_2022-07 Encode authority part of uri before showing in UI
https://github.com/LineageOS/android_packages_apps_Settings/commit/1fee30e9946eec7ec5b0c95481317cd1647c92a7 334265 #P_asb_2022-07 Fix LaunchAnyWhere in AppRestrictionsFragment
https://github.com/LineageOS/android_system_bt/commit/b15c9cc55faddbdb36df6af086762adfef028bbe 334266 #P_asb_2022-07 Security: Fix out of bound write in HFP client
https://github.com/LineageOS/android_system_bt/commit/5d7b97ac9aa45287bf57d061b7e1e0287c7c513a 334267 #P_asb_2022-07 Check Avrcp packet vendor length before extracting length
https://github.com/LineageOS/android_frameworks_opt_telephony/commit/4e3e190ff664797f23039da13a45a70ddf615489 334263 #P_asb_2022-07 Enforce privileged phone state for getSubscriptionProperty(GROUP_UUID)
https://github.com/LineageOS/android_system_bt/commit/f41d68b53f669b96787f5fde38bdc5fe73e795b8 334268 #P_asb_2022-07 Security: Fix out of bound read in AT_SKIP_REST
https://github.com/LineageOS/android_frameworks_base/commit/35c2fc9116afdd6fe2dcca6e4fb59466a317b342 335117 #P_asb_2022-08 Only allow system and same app to apply relinquishTaskIdentity
https://github.com/LineageOS/android_system_bt/commit/8bfd408fa1ebf3d8dc2fc9906672c7cfe7dc0144 335109 #P_asb_2022-08 Removing bonded device when auth fails due to missing keys
https://github.com/LineageOS/android_packages_providers_ContactsProvider/commit/3b27f760484b42cc1ea25af7bdeb68b40cdfa455 335110 #P_asb_2022-08 enforce stricter CallLogProvider query
https://github.com/LineageOS/android_packages_apps_Settings/commit/9dfc928466d7709c968adcba7f22378e243b99f2 335111 #P_asb_2022-08 Verify ringtone from ringtone picker is audio
https://github.com/LineageOS/android_packages_apps_Settings/commit/539f79473852aab2bebcc7374404f47eccb297b1 335112 #P_asb_2022-08 Make bluetooth not discoverable via SliceDeepLinkTrampoline
https://github.com/LineageOS/android_packages_apps_Settings/commit/b8e381a8e5b104a455efb6b4352eee04b1fb4a5c 335113 #P_asb_2022-08 Fix: policy enforcement for location wifi scanning
https://github.com/LineageOS/android_packages_apps_Settings/commit/83ce5e4d8f0bb352ed433e711acacdd1a51130fe 335114 #P_asb_2022-08 Fix Settings crash when setting a null ringtone
https://github.com/LineageOS/android_packages_apps_Settings/commit/91b6470dde8a9b2586273796c183a29000a82ce5 335115 #P_asb_2022-08 Fix can't change notification sound for work profile.
https://github.com/LineageOS/android_packages_apps_Settings/commit/ccebafea047fef8ab93c4e748ab1b9a15280702b 335116 #P_asb_2022-08 Extract app label from component name in notification access confirmation UI
https://github.com/LineageOS/android_frameworks_base/commit/a532c1aeec285ebd601ceb266f0af8553ccef5df 335118 #P_asb_2022-08 Suppress notifications when device enter lockdown
https://github.com/LineageOS/android_frameworks_base/commit/017b9b6b000693a5e48ba7431bf638c257833ec3 335119 #P_asb_2022-08 Remove package title from notification access confirmation intent
https://github.com/LineageOS/android_frameworks_base/commit/53f3e590ac533cacdf7e78ec701a8e365c89901b 335121 #P_asb_2022-08 Only allow the system server to connect to sync adapters
https://github.com/LineageOS/android_frameworks_base/commit/cb2cb0520dd1f4c7e19e806cde02fc3da6a355d2 335120 #P_asb_2022-08 Stop using invalid URL to prevent unexpected crash
https://github.com/LineageOS/android_frameworks_base/commit/26e3268f3cac1d120d8b4683e8d5201b70f44fc2 338346 #P_asb_2022-09 Fix duplicate permission privilege escalation
https://github.com/LineageOS/android_frameworks_base/commit/b98ed505d5c477f5d6e1f88433a5c9f1cb03025e 338347 #P_asb_2022-09 Parcel: recycle recycles
https://github.com/LineageOS/android_frameworks_base/commit/3a1887eb6147d7e51a79c387aaed38c08056c789 338348 #P_asb_2022-09 IMMS: Make IMMS PendingIntents immutable
https://github.com/LineageOS/android_frameworks_base/commit/031578d71058c6400ea91b1806b467aca2de54b1 338349 #P_asb_2022-09 Remove package name from SafetyNet logs
https://github.com/LineageOS/android_external_expat/commit/31f7a33a236a574c7c4bea5de648c349fa1e7508 338353 #P_asb_2022-09 Prevent integer overflow in copyString
https://github.com/LineageOS/android_external_expat/commit/5c70aa4e573cf46f6127aa6713c09877a246bf6b 338354 #P_asb_2022-09 Prevent XML_GetBuffer signed integer overflow
https://github.com/LineageOS/android_external_expat/commit/68116f18efee226636fdc2ecf518f3de589c98a8 338355 #P_asb_2022-09 Prevent integer overflow in function doProlog
https://github.com/LineageOS/android_external_expat/commit/883c4901f5ca13cf202c9c234612e117f0ef092e 338356 #P_asb_2022-09 Prevent more integer overflows
https://github.com/LineageOS/android_system_bt/commit/a940244a653c0c20e5d08aaf40484da93300dc3f 338350 #P_asb_2022-09 Fix OOB in bnep_is_packet_allowed
https://github.com/LineageOS/android_system_bt/commit/de882ad1be24fa351ad8ba483b89c2b0b1e615c6 338351 #P_asb_2022-09 Fix OOB in BNEP_Write
https://github.com/LineageOS/android_system_bt/commit/88b4c659bc53971605a5cdde56f94b2d90677d20 338352 #P_asb_2022-09 Fix OOB in reassemble_and_dispatch
https://github.com/LineageOS/android_external_dtc/commit/d8ff0456cbe3b32b5f71dd0740f9a6cca6de27b9 342096 #P_asb_2022-10 libfdt: fdt_offset_ptr(): Fix comparison warnings
https://github.com/LineageOS/android_system_bt/commit/024bd7b32e3298ceaf70443e9224aff56cf8de4b 342097 #P_asb_2022-10 Fix potential interger overflow when parsing vendor response
https://github.com/LineageOS/android_system_nfc/commit/f7eb9ba0755d2ab170d7fa7f46d67ebed4690426 342098 #P_asb_2022-10 The length of a packet should be non-zero
https://github.com/LineageOS/android_frameworks_base/commit/950c44f0e7229672ea093e86d7f05df00b33844d 342100 #P_asb_2022-10 Limit the number of concurrently snoozed notifications
https://github.com/LineageOS/android_vendor_nxp_opensource_external_libnfc-nci/commit/c5cae87d66c3b8d459677da775cc61e550bba993 342099 #P_asb_2022-10 The length of a packet should be non-zero
https://github.com/LineageOS/android_packages_apps_PackageInstaller/commit/79fbc97fa9030bc872c26dde69d3d6b5ca50d42c 344181 #P_asb_2022-11 Hide overlays on ReviewPermissionsAtivity
https://github.com/LineageOS/android_packages_providers_TelephonyProvider/commit/915289305d5bd55c3a9e5667acab9cfec8f68d31 344182 #P_asb_2022-11 Check dir path before updating permissions.
https://github.com/LineageOS/android_packages_services_Telecomm/commit/9bd081d4162ee1bd99eed4a2f8c144255a3b7a41 344183 #P_asb_2022-11 switch TelecomManager List getters to ParceledListSlice
https://github.com/LineageOS/android_system_bt/commit/b8332ffa326c412c7952bcae1ad924a8542caa8e 344184 #P_asb_2022-11 Add negative length check in process_service_search_rsp
https://github.com/LineageOS/android_system_bt/commit/9e3a7208a794cb350b5b1565db4e1120d7b1373d 344185 #P_asb_2022-11 Add buffer in pin_reply in bluetooth.cc
https://github.com/LineageOS/android_frameworks_base/commit/fcd8dc4d686c362b7353f9d7c6a3b05994cc0565 344168 #P_asb_2022-11 Move accountname and typeName length check from Account.java to AccountManagerService.
https://github.com/LineageOS/android_frameworks_base/commit/bad61936167d1d7eca8dc155e8c0c8a248a2bc5c 344169 #P_asb_2022-11 switch TelecomManager List getters to ParceledListSlice
https://github.com/LineageOS/android_frameworks_base/commit/e72558a547d48190469c0763a9e317d1792a9f53 344170 #P_asb_2022-11 Do not send new Intent to non-exported activity when navigateUpTo
https://github.com/LineageOS/android_frameworks_base/commit/6a42e12de4cf0f2de93cbd8bb4506de8a83dd88a 344171 #P_asb_2022-11 Do not send AccessibilityEvent if notification is for different user.
https://github.com/LineageOS/android_frameworks_base/commit/36b533a308ced7203f515daed97d0f15bb65587f 344172 #P_asb_2022-11 Trim any long string inputs that come in to AutomaticZenRule
https://github.com/LineageOS/android_frameworks_base/commit/114dcf0b5836c0c982a560e85350f408c8640bdf 344173 #P_asb_2022-11 Check permission for VoiceInteraction
https://github.com/LineageOS/android_frameworks_base/commit/22e363c319e6fddeea39f00f7ef5e63395a45dc5 344174 #P_asb_2022-11 Do not dismiss keyguard after SIM PUK unlock
https://github.com/LineageOS/android_hardware_nxp_nfc/commit/70c3eef94c74e78d9bf9e9119d58ca0a5082cf2f 344180 #P_asb_2022-11 OOBW in phNxpNciHal_write_unlocked()
https://github.com/LineageOS/android_external_dtc/commit/c34b2c464b0900d3e79aa1c64c25137fd09c4762 344161 #P_asb_2022-11 Fix integer wrap sanitisation.
https://github.com/LineageOS/android_frameworks_av/commit/2692e4bcdba06eec20424291acaac5669acf581f 344167 #P_asb_2022-11 setSecurityLevel in clearkey
https://github.com/LineageOS/android_vendor_nxp_opensource_halimpl/commit/9d9f191dd2522aa286bdc3c42d6777b6e503356b 344190 #P_asb_2022-11 OOBW in phNxpNciHal_write_unlocked()
https://github.com/LineageOS/android_system_bt/commit/cea94f7ab0d36254a99d5854b9c2e83afd4584bc 345915 #P_asb_2022-12 Added max buffer length check
https://github.com/LineageOS/android_system_bt/commit/56ea90b69d6715e7e1f0ddd35fd5ca7e19d93dc6 345916 #P_asb_2022-12 Add missing increment in bnep_api.cc
https://github.com/LineageOS/android_system_bt/commit/da6430bd4b319f8398deaef8d74341234fb79624 345917 #P_asb_2022-12 Add length check when copy AVDT and AVCT packet
https://github.com/LineageOS/android_system_bt/commit/222fad2e71f159e3d6e0bc0aef36f83cbf3fcdfa 345918 #P_asb_2022-12 Fix integer overflow when parsing avrc response
https://github.com/LineageOS/android_frameworks_base/commit/16da2229db1aa80499b296bc8c384fe78add0e30 345892 #P_asb_2022-12 Revert "Prevent non-admin users from deleting system apps."
https://github.com/LineageOS/android_frameworks_base/commit/921f748f4dd12465721dc7e8ed86f89c0718da57 345893 #P_asb_2022-12 Limit the size of NotificationChannel and NotificationChannelGroup
https://github.com/LineageOS/android_frameworks_base/commit/4bdaa78394c95a864f1d34ec1997c6494dbece15 345894 #P_asb_2022-12 Prevent non-admin users from deleting system apps.
https://github.com/LineageOS/android_frameworks_base/commit/c8ac5b6a05bb584e196b4c1bd4b819914c4018b6 345895 #P_asb_2022-12 Validate package name passed to setApplicationRestrictions.
https://github.com/LineageOS/android_frameworks_base/commit/9e0a825e2ca0cf102fc462af55f5a471d6d5836d 345896 #P_asb_2022-12 Include all enabled services when FEEDBACK_ALL_MASK.
https://github.com/LineageOS/android_frameworks_base/commit/8d88ee0de3b9e474fcc70ab121186df93bf75456 345897 #P_asb_2022-12 [pm] forbid deletion of protected packages
https://github.com/LineageOS/android_frameworks_base/commit/c4763f78a2ab695992cf63709b665c7478d43891 345898 #P_asb_2022-12 Fix NPE
https://github.com/LineageOS/android_frameworks_base/commit/08605e9ee1e96336fe3202066a6cdba21cf377ad 345899 #P_asb_2022-12 Fix a security issue in app widget service.
https://github.com/LineageOS/android_frameworks_base/commit/4d5e30ccea8cc4dec6359f004173d896c4b01556 345900 #P_asb_2022-12 Ignore malformed shortcuts
https://github.com/LineageOS/android_frameworks_base/commit/58e177ca589576cacfd1ed016bdd5d0bf4cb9a5d 345901 #P_asb_2022-12 Fix permanent denial of service via setComponentEnabledSetting
https://github.com/LineageOS/android_frameworks_base/commit/be00f79f1148a27fd9161e65ebaa2eedb7fca4c7 345902 #P_asb_2022-12 Add safety checks on KEY_INTENT mismatch.
https://github.com/LineageOS/android_frameworks_minikin/commit/4f583889fcc90883fa3ec86befa20c671ec8774e 345903 #P_asb_2022-12 Fix OOB read for registerLocaleList
https://github.com/LineageOS/android_frameworks_minikin/commit/89b513681269399b4d2621f0c1750daa48f77681 345904 #P_asb_2022-12 Fix OOB crash for registerLocaleList
https://github.com/LineageOS/android_packages_apps_Bluetooth/commit/f7624d5f831e8576a816feaebb120974e54c23b6 345907 #P_asb_2022-12 Fix URI check in BluetoothOppUtility.java
https://github.com/LineageOS/android_packages_apps_EmergencyInfo/commit/c6cd624a87b1b8f586ef83b2a810c36669b55a0b 345908 #P_asb_2022-12 Revert "Prevent exfiltration of system files via user image settings."
https://github.com/LineageOS/android_packages_apps_EmergencyInfo/commit/d25bc7d14e791a049698ac2c7cbd9c72e6e7592d 345909 #P_asb_2022-12 Prevent exfiltration of system files via avatar picker.
https://github.com/LineageOS/android_packages_apps_Settings/commit/06242790f0f2b20e1f0caa0548924d1fcddfca93 345910 #P_asb_2022-12 Revert "Prevent exfiltration of system files via user image settings."
https://github.com/LineageOS/android_packages_apps_Settings/commit/090473035dd448e96138844bfec0c88952acf3d1 345911 #P_asb_2022-12 Prevent exfiltration of system files via avatar picker.
https://github.com/LineageOS/android_packages_apps_Settings/commit/6f9c13de0a620203fe7d6bcdfd6d94c74e22706b 345912 #P_asb_2022-12 Add FLAG_SECURE for ChooseLockPassword and Pattern
https://github.com/LineageOS/android_external_dtc/commit/77e6d383cde91d7ac8bbb159de215ec198e9f1aa 345891 #P_asb_2022-12 libfdt: fdt_path_offset_namelen: Reject empty paths
https://github.com/LineageOS/android_packages_services_Telecomm/commit/fae9a71b822b913e7516333484e8efd513e1640d 345913 #P_asb_2022-12 Hide overlay windows when showing phone account enable/disable screen.
https://github.com/LineageOS/android_system_bt/commit/210fe2c41c04d50c7a82a6415d7708ff5d055b3e 345914 #P_asb_2022-12 Add length check when copy AVDTP packet
https://github.com/LineageOS/android_frameworks_base/commit/7f7b42f83fd7aef7570450b82c5931aa81f1e66d 347044 #P_asb_2023-01 Limit lengths of fields in Condition to a max length.
https://github.com/LineageOS/android_frameworks_base/commit/91726ddbd32c8b5226991492354f1d93616c6cfd 347045 #P_asb_2023-01 Disable all A11yServices from an uninstalled package.
https://github.com/LineageOS/android_frameworks_base/commit/2dc4e2467dcebfc827d68f573570cd04e6ea6244 347046 #P_asb_2023-01 Fix conditionId string trimming in AutomaticZenRule
https://github.com/LineageOS/android_frameworks_base/commit/9b5407d68859e615a2ee7a229f486fc5365682da 347047 #P_asb_2023-01 [SettingsProvider] mem limit should be checked before settings are updated
https://github.com/LineageOS/android_frameworks_base/commit/66a9e8fc457e7257b78dfef3f18eab01c63efc12 347048 #P_asb_2023-01 Revert "Revert "Validate permission tree size..."
https://github.com/LineageOS/android_frameworks_base/commit/c8892a45db45ee79085b0ee620b3d8f69f560d03 347049 #P_asb_2023-01 [SettingsProvider] key size limit for mutating settings
https://github.com/LineageOS/android_frameworks_base/commit/9e7745eeedc6066e91e0c508d49c8db15a8ae6bf 347050 #P_asb_2023-01 Revoke SYSTEM_ALERT_WINDOW on upgrade past api 23
https://github.com/LineageOS/android_frameworks_base/commit/be4c10b9f70b5033bc6f75649265a12f65ad0bc3 347051 #P_asb_2023-01 Add protections agains use-after-free issues if cancel() or queue() is called after a device connection has been closed.
https://github.com/LineageOS/android_packages_services_Telephony/commit/d596467cc3b161beca194ce4c8f96efcd0d6a340 347041 #P_asb_2023-01 prevent overlays on the phone settings
https://github.com/LineageOS/android_packages_services_Telecomm/commit/7636df9f0dcff2d9b272f925b956348fc8dc384b 347042 #P_asb_2023-01 Fix security vulnerability when register phone accounts.
https://github.com/LineageOS/android_packages_apps_Nfc/commit/48b3f34578cd9757a11c1cd694527b45c5915ae8 347043 #P_asb_2023-01 OOBW in Mfc_Transceive()
https://github.com/LineageOS/android_system_bt/commit/deb080bb11eadef601ec11633317090f060e50bb 347127 #P_asb_2023-01 BT: Once AT command is retrieved, return from method.
https://github.com/LineageOS/android_system_bt/commit/0c74f58652259adde281b7d8b13732a8f0e9ab92 347128 #P_asb_2023-01 AVRC: Validating msg size before accessing fields
https://github.com/LineageOS/android_frameworks_base/commit/a9d49368cb13ba9d98af67ae9a96b82ae7fc4e46 349330 #P_asb_2023-02 Correct the behavior of ACTION_PACKAGE_DATA_CLEARED
https://github.com/LineageOS/android_frameworks_base/commit/7780547c156f34020ba7316e8c8cbea6c7985818 349331 #P_asb_2023-02 Convert argument to intent in ChooseTypeAndAccountActivity
https://github.com/LineageOS/android_packages_apps_Bluetooth/commit/90e0fb025afa7bfe3600b79c2e0e563b5d6124bb 349332 #P_asb_2023-02 Fix OPP comparison
https://github.com/LineageOS/android_packages_apps_EmergencyInfo/commit/eeb60967a52197d04d331b8e87beb5f1fb9e92aa 349333 #P_asb_2023-02 Removes unnecessary permission from the EmergencyInfo app.
https://github.com/LineageOS/android_system_bt/commit/12b2d2eeb63246e85e30389d2e885608e9209cc1 349334 #P_asb_2023-02 Report failure when not able to connect to AVRCP
https://github.com/LineageOS/android_system_bt/commit/8e81bb1e80ccbba0724e12dabac61b9ac36d4b0f 349335 #P_asb_2023-02 Add bounds check in avdt_scb_act.cc
https://github.com/LineageOS/android_vendor_nxp_opensource_packages_apps_Nfc/commit/35299f9e605257a17257c5da0064c3f7cc3dce4a 349336 #P_asb_2023-02 OOBW in phNciNfc_MfCreateXchgDataHdr
https://github.com/LineageOS/android_external_expat/commit/281fc3aeb520277460014a8c398ba083d167f284 349328 #P_asb_2023-02 [CVE-2022-43680] Fix overeager DTD destruction (fixes #649)
https://github.com/LineageOS/android_frameworks_av/commit/994d95501928153cb7b8f04587e3160bc17ce2a5 349329 #P_asb_2023-02 move MediaCodec metrics processing to looper thread
https://github.com/LineageOS/android_external_zlib/commit/d6e0dec5307a69aa6381246221803bdc050e5b96 351909 #P_asb_2023-03 Fix a bug when getting a gzip header extra field with inflate().
https://github.com/LineageOS/android_packages_apps_Settings/commit/5f84b1609065c5b26f2b5278d83fdd791597a69f 351914 #P_asb_2023-03 FRP bypass defense in the settings app
https://github.com/LineageOS/android_packages_apps_Settings/commit/718126925dc2e00c268f49d006231eb3edd5778a 351915 #P_asb_2023-03 Add DISALLOW_APPS_CONTROL check into uninstall app for all users
https://github.com/LineageOS/android_system_bt/commit/b7dfbbdf4dc9ae5761816ad0a4875d46244ed25a 351916 #P_asb_2023-03 Fix an OOB Write bug in gatt_check_write_long_terminate
https://github.com/LineageOS/android_system_bt/commit/b433704453d59946be0f5b30346cf0dd3e42ec09 351917 #P_asb_2023-03 Fix an OOB access bug in A2DP_BuildMediaPayloadHeaderSbc
https://github.com/LineageOS/android_system_bt/commit/fcd19451fa2e3da35c3e0f5db0961b994ed1b49f 351918 #P_asb_2023-03 Fix an OOB write in SDP_AddAttribute
https://github.com/LineageOS/android_frameworks_base/commit/3f8c0e9c4ad48b37c44e132a7a8e3fd157a83e00 351910 #P_asb_2023-03 Move service initialization
https://github.com/LineageOS/android_frameworks_base/commit/11c799795be7c8bafedbc4eb3d940b4a1f93a308 351911 #P_asb_2023-03 Enable user graularity for lockdown mode
https://github.com/LineageOS/android_frameworks_base/commit/d6401e37da9afb99f647b09fd3ce9aa38bb84016 351912 #P_asb_2023-03 Revoke dev perm if app is upgrading to post 23 and perm has pre23 flag
https://github.com/LineageOS/android_frameworks_base/commit/7d63c11542c202467f035e03644962a263cfdc19 351913 #P_asb_2023-03 Reconcile WorkSource parcel and unparcel code.
https://github.com/LineageOS/android_frameworks_base/commit/7ed39484667b94b738b7d1d7717ef5b640a7a405 354243 #P_asb_2023-04 Checking if package belongs to UID before registering broadcast receiver
https://github.com/LineageOS/android_frameworks_base/commit/34184bc31e77a8db5b967ca275f6e4841bd5e3ff 354244 #P_asb_2023-04 Fix checkKeyIntentParceledCorrectly's bypass
https://github.com/LineageOS/android_frameworks_base/commit/9cade5349e44f2b48ed6408e3b05a1272ff2a3ef 354245 #P_asb_2023-04 Encode Intent scheme when serializing to URI string RESTRICT AUTOMERGE
https://github.com/LineageOS/android_frameworks_base/commit/1dc0540d7b8918a6043c0863b2bea0946b100b8e 354242 #P_asb_2023-04 Context#startInstrumentation could be started from SHELL only now.
https://github.com/LineageOS/android_system_bt/commit/a883a17a9e05d87bfb1547d8b812522c771c971c 354246 #P_asb_2023-04 Fix OOB access in avdt_scb_hdl_pkt_no_frag
https://github.com/LineageOS/android_system_bt/commit/d9472b7fba9c3a366e768ff4c28225d264aa6ad1 354247 #P_asb_2023-04 Fix an OOB bug in register_notification_rsp
https://github.com/LineageOS/android_vendor_nxp_opensource_external_libnfc-nci/commit/5ad6edf34e69b9bd0334bb0b0a3592b8d5ded5b4 354249 #P_asb_2023-04 OOBW in nci_snd_set_routing_cmd()
https://github.com/LineageOS/android_system_nfc/commit/d751463856e968430d4859a55a97f12b2553de19 354248 #P_asb_2023-04 OOBW in nci_snd_set_routing_cmd()
https://github.com/LineageOS/android_packages_services_Telecomm/commit/ffd36f517fae838fe836d6f189b2de6355e6814c 356150 #P_asb_2023-05 enforce stricter rules when registering phoneAccounts
https://github.com/LineageOS/android_frameworks_native/commit/09ece8aee9246ba8ef5408e074165c9bbc2d6bc1 356151 #P_asb_2023-05 Check for malformed Sensor Flattenable
https://github.com/LineageOS/android_frameworks_native/commit/c62382dd2192444ca7a81a0318521b03e852c355 356152 #P_asb_2023-05 Remove some new memory leaks from SensorManager
https://github.com/LineageOS/android_frameworks_native/commit/30348a31e1c0eb604f1a2de40b57d734f71cb9e8 356153 #P_asb_2023-05 Add removeInstanceForPackageMethod to SensorManager
https://github.com/LineageOS/android_frameworks_base/commit/e0f219e675b2a36304db2f163783fe82937c1d41 356156 #P_asb_2023-05 enforce stricter rules when registering phoneAccounts
https://github.com/LineageOS/android_frameworks_base/commit/18025b2a135d7e7063201054b7f4409fe562ee56 356154 #P_asb_2023-05 Checks if AccessibilityServiceInfo is within parcelable size.
https://github.com/LineageOS/android_frameworks_base/commit/0cfc7a41aa5b741452316b19bc100be58bbe3cc7 356155 #P_asb_2023-05 Uri: check authority and scheme as part of determining URI path
https://github.com/LineageOS/android_frameworks_av/commit/d4f4cbe1d4eb1e80f64676cb07e84a6409cd095f 359729 #P_asb_2023-06 Fix NuMediaExtractor::readSampleData buffer Handling
https://github.com/LineageOS/android_packages_apps_Settings/commit/ed20a91b473462e14f7cea5dd1b8cbff4d0feab5 359734 #P_asb_2023-06 Convert argument to intent in AddAccountSettings.
https://github.com/LineageOS/android_packages_apps_TvSettings/commit/3f8f5d733659d15eb78d0a3de97442c1c33259b8 359735 #P_asb_2023-06 Convert argument to intent in addAccount TvSettings.
https://github.com/LineageOS/android_system_bt/commit/5f6f48a784284a9220ae70d9f99d96a25bd3adce 359736 #P_asb_2023-06 Prevent use-after-free of HID reports
https://github.com/LineageOS/android_system_bt/commit/969a3c9aba7e8060f1bcf341375263d67fec01d2 359737 #P_asb_2023-06 Revert "Revert "Validate buffer length in sdpu_build_uuid_seq""
https://github.com/LineageOS/android_system_bt/commit/d50fdc03f066f2b1bdb3bcb21d627a0e3ac9e268 359738 #P_asb_2023-06 Revert "Revert "Fix wrong BR/EDR link key downgrades (P_256->P_192)""
https://github.com/LineageOS/android_frameworks_base/commit/c45ee6ab3ee0b8e4f16cc88d098fb9200b3a109a 359730 #P_asb_2023-06 Check key intent for selectors and prohibited flags
https://github.com/LineageOS/android_frameworks_base/commit/22bac442d2249f6e02608f9994cf761bfdf90d80 359731 #P_asb_2023-06 Handle invalid data during job loading.
https://github.com/LineageOS/android_frameworks_base/commit/24a90436bb260a64b427efb98f3aa40f0c27fe32 359732 #P_asb_2023-06 Allow filtering of services
https://github.com/LineageOS/android_frameworks_base/commit/4974a8613d776dcd0dff6c8950b3dd1a7dbec465 359733 #P_asb_2023-06 Prevent RemoteViews crashing SystemUi
https://github.com/LineageOS/android_packages_apps_Traceur/commit/43b23418ed73d1b64bb198a79c5825666c95684d 378475 #P_asb_2023-06 Update Traceur to check admin user status
https://github.com/LineageOS/android_packages_apps_Traceur/commit/55e506621081e4e092a4434a763561d2a2f0859e 378476 #P_asb_2023-06 Add DISALLOW_DEBUGGING_FEATURES check
https://github.com/LineageOS/android_external_freetype/commit/31e8900c4e35a5b82ee19449830c87f8c1593504 361250 #P_asb_2023-07 Cherry-pick two upstream changes
https://github.com/LineageOS/android_system_nfc/commit/6ea4e00c886e05116d1d6058fb4cf40e0ccdb70b 361251 #P_asb_2023-07 OOBW in rw_i93_send_to_upper()
https://github.com/LineageOS/android_system_bt/commit/c4a3cf60380376537eefcce41eec053677c7732c 361252 #P_asb_2023-07 Fix gatt_end_operation buffer overflow
https://github.com/LineageOS/android_vendor_nxp_opensource_external_libnfc-nci/commit/c2ad40e96300f65c3e16b06eccba282003385956 361253 #P_asb_2023-07 OOBW in rw_i93_send_to_upper()
https://github.com/LineageOS/android_frameworks_base/commit/c1741be24b21788051c95fafb20f889f15c7b8a8 361254 #P_asb_2023-07 Sanitize VPN label to prevent HTML injection
https://github.com/LineageOS/android_frameworks_base/commit/63ef19bd0f36f043fa72acbb8484cae2e48a07b1 361256 #P_asb_2023-07 Import translations. DO NOT MERGE ANYWHERE
https://github.com/LineageOS/android_frameworks_base/commit/626a9919d79ad7584e30496f8b990a1a4e20ec40 361257 #P_asb_2023-07 Dismiss keyguard when simpin auth'd and...
https://github.com/LineageOS/android_frameworks_base/commit/cfab4afce18c49c6abe6e25fce9add4b57bb65e4 361259 #P_asb_2023-07 Visit URIs in landscape/portrait custom remote views.
https://github.com/LineageOS/android_tools_apksig/commit/011adec1a494974102930bf65a8d2fdfa8b375b5 361280 #P_asb_2023-07 Create source stamp verifier
https://github.com/LineageOS/android_tools_apksig/commit/9a80527425030dae7f962ab95eda500a720cde47 361281 #P_asb_2023-07 Limit the number of supported v1 and v2 signers
https://github.com/LineageOS/android_frameworks_base/commit/3f7975447006b2246dd1b8722064ca26e40aae25 361258 #P_asb_2023-07 Truncate ShortcutInfo Id
https://github.com/LineageOS/android_frameworks_base/commit/68f08d51b66b8336aeec2e01bcfa72ae5fbfb81d 361255 #P_asb_2023-07 Limit the number of supported v1 and v2 signers
https://github.com/LineageOS/android_external_aac/commit/c263e21d9cd270283c0fabddeb710798b6fe56aa 364605 #P_asb_2023-08 Increase patchParam array size by one and fix out-of-bounce write in resetLppTransposer().
https://github.com/LineageOS/android_external_freetype/commit/ef28d3d7460a814efef8174c44fde7aab4341db5 364606 #P_asb_2023-08 Cherrypick following three changes
https://github.com/LineageOS/android_frameworks_base/commit/6adafe39c32f8236e18c57bc834caa88a09ad8cc 364608 #P_asb_2023-08 Verify URI permissions for notification shortcutIcon.
https://github.com/LineageOS/android_frameworks_base/commit/0b2c705c891a44ac854cb5ec123fb869669ae5fe 364609 #P_asb_2023-08 On device lockdown, always show the keyguard
https://github.com/LineageOS/android_frameworks_base/commit/84be6e930a60f855a318c41a446b92849b50087a 364610 #P_asb_2023-08 Ensure policy has no absurdly long strings
https://github.com/LineageOS/android_frameworks_base/commit/aa0fb47602bd6bc95404d5a5468ba4db577c418f 364611 #P_asb_2023-08 Implement visitUris for RemoteViews ViewGroupActionAdd.
https://github.com/LineageOS/android_frameworks_base/commit/42d2f7a7ac4004754050ddd53f2e5b626ae28c02 364612 #P_asb_2023-08 Check URIs in notification public version.
https://github.com/LineageOS/android_packages_providers_TelephonyProvider/commit/8e5a42af29838bd09b62ec199d744c4592258eeb 364616 #P_asb_2023-08 Update file permissions using canonical path
https://github.com/LineageOS/android_packages_services_Telecomm/commit/6428c62b978aefd829bf4e91493a356c3675e5c0 364617 #P_asb_2023-08 Resolve StatusHints image exploit across user.
https://github.com/LineageOS/android_system_ca-certificates/commit/4c6994b1a05d435e40947a7315aae1a128984957 365328 #P_asb_2023-08 Drop TrustCor certificates
https://github.com/LineageOS/android_frameworks_base/commit/19dc7642fe849e85abe886b9340b5dda52e21885 364607 #P_asb_2023-08 ActivityManager#killBackgroundProcesses can kill caller's own app only
https://github.com/LineageOS/android_frameworks_base/commit/1537cadd2966e0ea2d188cd3e96af6287bb473c6 364613 #P_asb_2023-08 Verify URI permissions in MediaMetadata
https://github.com/LineageOS/android_frameworks_base/commit/507937f96405b8530f24c7625b5f5f18f7a0df55 364614 #P_asb_2023-08 Use Settings.System.getIntForUser instead of getInt to make sure user specific settings are used
https://github.com/LineageOS/android_frameworks_base/commit/2e64cb078e9e11e8310c0b589a6edd429b9c2f16 364615 #P_asb_2023-08 Resolve StatusHints image exploit across user.
https://github.com/LineageOS/android_frameworks_av/commit/7e0adcb2073a2549aa901ecc40de254202a1eded 366126 #P_asb_2023-09 Fix Segv on unknown address error flagged by fuzzer test.
https://github.com/LineageOS/android_frameworks_base/commit/383b016298865df13c1d1ead7049a9c0a73cb973 366127 #P_asb_2023-09 Forbid granting access to NLSes with too-long component names
https://github.com/LineageOS/android_frameworks_native/commit/4d3c579105e1a98abc2868723928dea280a93076 366129 #P_asb_2023-09 Allow sensors list to be empty
https://github.com/LineageOS/android_packages_services_Telephony/commit/114c9d5475962cd63ebf8f246c2c2f4a9c7fddf1 366130 #P_asb_2023-09 Fixed leak of cross user data in multiple settings.
https://github.com/LineageOS/android_system_bt/commit/f9ba876145b612b684f5b966ab524d7b5b7a783c 366131 #P_asb_2023-09 Fix an integer overflow bug in avdt_msg_asmbl
https://github.com/LineageOS/android_system_bt/commit/862350fa3b8fc51bcdd8331352f28cd6cac4bf1d 366132 #P_asb_2023-09 Fix integer overflow in build_read_multi_rsp
https://github.com/LineageOS/android_system_bt/commit/db6c02ecbc377437585b56c310e2847661dd557c 366133 #P_asb_2023-09 Fix potential abort in btu_av_act.cc
https://github.com/LineageOS/android_system_bt/commit/9b06f046f58bd82f9df6592c1a45ade8075608f9 366134 #P_asb_2023-09 Fix reliable write.
https://github.com/LineageOS/android_system_bt/commit/9ac8d616f369513b0ef4f466eded252a4511898d 366135 #P_asb_2023-09 Fix UAF in gatt_cl.cc
https://github.com/LineageOS/android_packages_apps_Settings/commit/acfa0cd4e0551d07fab0511cfb84462e70a48b53 366136 #P_asb_2023-09 Prevent non-system IME from becoming device admin
https://github.com/LineageOS/android_packages_apps_Trebuchet/commit/0c9ab1418476b9aab2830f5b3f9d4ee7be3714fd 366137 #P_asb_2023-09 Fix permission issue in legacy shortcut
https://github.com/LineageOS/android_frameworks_base/commit/3f429c322504732c25e1d92bd57fecdd8a7e5d5b 366128 #P_asb_2023-09 Update AccountManagerService checkKeyIntentParceledCorrectly.
https://github.com/LineageOS/android_frameworks_base/commit/8489bb9206314ce3be439f374704204626bd40ca 370695 #P_asb_2023-10 Verify URI Permissions in Autofill RemoteViews
https://github.com/LineageOS/android_frameworks_base/commit/aecf51e67aa3b540f86d12164be8d66e12ca47f2 370697 #P_asb_2023-10 Disallow loading icon from content URI to PipMenu
https://github.com/LineageOS/android_frameworks_base/commit/71c5804bc372c58c4f7a1b01905618cb5edb2dda 370699 #P_asb_2023-10 Revert "Dismiss keyguard when simpin auth'd and..."
https://github.com/LineageOS/android_packages_apps_Settings/commit/e7401f49ebfc563aa5fcd9aaa9981a235557d1b4 370700 #P_asb_2023-10 Restrict ApnEditor settings
https://github.com/LineageOS/android_external_libxml2/commit/2bd551871a645e43a75ce6065598d22b89b80a21 370701 #P_asb_2023-10 malloc-fail: Fix OOB read after xmlRegGetCounter
https://github.com/LineageOS/android_frameworks_base/commit/ae25f45e664b47e74fc9d73bc1b4292e6721dd7a 370693 #P_asb_2023-10 RingtoneManager: verify default ringtone is audio
https://github.com/LineageOS/android_frameworks_base/commit/7adb3e0e1d591aeabccc5edfa624a591a3428a3d 370694 #P_asb_2023-10 Do not share key mappings with JNI object
https://github.com/LineageOS/android_frameworks_base/commit/0fb320aef79861cb612fcd48585571f1715616fe 370696 #P_asb_2023-10 Fix KCM key mapping cloning
https://github.com/LineageOS/android_frameworks_base/commit/48e0cbe76661b6b4c8edb2950a572694947b5641 370698 #P_asb_2023-10 Fixing DatabaseUtils to detect malformed UTF-16 strings
https://github.com/LineageOS/android_system_ca-certificates/commit/6f06eccd9ef3d37a2d9d52d1c925c3e71f525b14 374916 #P_asb_2023-11 Remove E-Tugra certificates.
https://github.com/LineageOS/android_packages_services_BuiltInPrintService/commit/4302a583e82fa5bd76315077688818e53df98f20 374919 #P_asb_2023-11 Adjust APIs for CUPS 2.3.3
https://github.com/LineageOS/android_packages_providers_TelephonyProvider/commit/3d07f3a1821c0953d156206e288bb484a0c0f399 374920 #P_asb_2023-11 Block access to sms/mms db from work profile.
https://github.com/LineageOS/android_frameworks_base/commit/e696b2932c41ab89f4910abc5a626c8e9b8d8543 374921 #P_asb_2023-11 Fix BAL via notification.publicVersion
https://github.com/LineageOS/android_frameworks_av/commit/62ae30fad8c644b492393eb8c1eec2867cc73b07 374924 #P_asb_2023-11 Fix for heap buffer overflow issue flagged by fuzzer test.
https://github.com/LineageOS/android_external_libcups/commit/383806fb90e7246d31241ab11332f3c0172e2f17 374932 #P_asb_2023-11 Upgrade libcups to v2.3.1
https://github.com/LineageOS/android_external_libcups/commit/af78634c7babca00f4a5b1650b817b36be4e94dd 374933 #P_asb_2023-11 Upgrade libcups to v2.3.3
https://github.com/LineageOS/android_frameworks_base/commit/1c5bf358397ad6a337d375fbc8dba4d98a50eca8 374922 #P_asb_2023-11 Use type safe API of readParcelableArray
https://github.com/LineageOS/android_frameworks_base/commit/64de82f91e01d8d7d4224c737efe915397a904d2 374923 #P_asb_2023-11 [SettingsProvider] verify ringtone URI before setting
https://github.com/LineageOS/android_frameworks_av/commit/5e50aa57f52b08f4cb07a6a3f98698f2077a9cbf 377765 #P_asb_2023-12 httplive: fix use-after-free
https://github.com/LineageOS/android_frameworks_base/commit/73913dfae62f0c93147896ab07232417cff467ee 377766 #P_asb_2023-12 Visit Uris added by WearableExtender
https://github.com/LineageOS/android_frameworks_base/commit/ac1ed7557b197952a6e00eb36da31e79d7bf78a4 377769 #P_asb_2023-12 Use readUniqueFileDescriptor in incidentd service
https://github.com/LineageOS/android_frameworks_base/commit/4ca5de2bda12925a28a59a1dffaccba045b0f9cb 377771 #P_asb_2023-12 Revert "On device lockdown, always show the keyguard"
https://github.com/LineageOS/android_frameworks_base/commit/059ed6a3d856caee5896d94d9ea26f90c6117c93 377773 #P_asb_2023-12 Updated: always show the keyguard on device lockdown
https://github.com/LineageOS/android_packages_apps_Bluetooth/commit/3b53fae30442369bda8cd858f5b0ac697b9cd4ec 377774 #P_asb_2023-12 Fix UAF in ~CallbackEnv
https://github.com/LineageOS/android_packages_apps_Trebuchet/commit/02e99b157f05f8fbabb9c2457e387842ccad0bed 377775 #P_asb_2023-12 Fix permission bypass in legacy shortcut
https://github.com/LineageOS/android_packages_services_Telecomm/commit/7ef90cb74da31eb165fc624f479b02cf6df2ebda 377776 #P_asb_2023-12 Resolve account image icon profile boundary exploit.
https://github.com/LineageOS/android_system_bt/commit/26fe8da32584d6f639124e3ca8a7cbdbe5c60d89 377777 #P_asb_2023-12 Reject access to secure service authenticated from a temp bonding [1]
https://github.com/LineageOS/android_system_bt/commit/6b208d0624e05bb96bffbca43e18a03dc37d21dd 377778 #P_asb_2023-12 Reject access to secure services authenticated from temp bonding [2]
https://github.com/LineageOS/android_system_bt/commit/66a09ccfd76de30e03a843df140d7851be013052 377779 #P_asb_2023-12 Reject access to secure service authenticated from a temp bonding [3]
https://github.com/LineageOS/android_system_bt/commit/95161565e5bf426333102097a92a8f654c10e74a 377780 #P_asb_2023-12 Reorganize the code for checking auth requirement
https://github.com/LineageOS/android_system_bt/commit/037c9934224eabab778ee4cc197a46b64396633c 377781 #P_asb_2023-12Enforce authentication if encryption is required
https://github.com/LineageOS/android_system_bt/commit/80a300fa626f6c5e8e7a595469f09adc307aee40 377782 #P_asb_2023-12 Fix timing attack in BTM_BleVerifySignature
https://github.com/LineageOS/android_frameworks_base/commit/c78cee7f1c921860ac3253812548f46663383a37 377767 #P_asb_2023-12 Drop invalid data.
https://github.com/LineageOS/android_frameworks_base/commit/c58b86b918ab7085f17215883cc110ca3362235f 377768 #P_asb_2023-12 Require permission to unlock keyguard
https://github.com/LineageOS/android_frameworks_base/commit/b18f4518109c2f7a4c936321db87f5245b3143f3 377770 #P_asb_2023-12 Validate userId when publishing shortcuts
https://github.com/LineageOS/android_frameworks_base/commit/98fc501deb893768aeff55006ce445f688a88203 377772 #P_asb_2023-12 Adding in verification of calling UID in onShellCommand
https://github.com/LineageOS/android_system_netd/commit/02458b0a19ce2d3214a00f9779bd36868541b7ca 378480 #P_asb_2023-12 Fix Heap-use-after-free in MDnsSdListener::Monitor::run
https://github.com/LineageOS/android_frameworks_av/commit/978191d5fc0ede5bc11b8af2cfa2469a30ad919d 379788 #P_asb_2024-01 Fix convertYUV420Planar16ToY410 overflow issue for unsupported cropwidth.
https://github.com/LineageOS/android_frameworks_base/commit/44ce07024742aaae46a7191cd15e5ac68d209049 379789 #P_asb_2024-01 Dismiss keyguard when simpin auth'd and...
https://github.com/LineageOS/android_frameworks_base/commit/63e443bfb107da3df0e37863e34c4b947052a6c1 379790 #P_asb_2024-01 Ensure finish lockscreen when usersetup incomplete
https://github.com/LineageOS/android_frameworks_base/commit/70f50825ec98cd35d38e45eea69aa7ed8f51556a 379791 #P_asb_2024-01 Truncate user data to a limit of 500 characters
https://github.com/LineageOS/android_frameworks_base/commit/9001132c18c0eb2a6478939e1bdbbe6778af1ae3 379792 #P_asb_2024-01 Validate component name length before requesting notification access.
https://github.com/LineageOS/android_frameworks_base/commit/1cf5c05eaaff574e8dceb0c1a75ad02d0c669891 379793 #P_asb_2024-01 Log to detect usage of whitelistToken when sending non-PI target
https://github.com/LineageOS/android_frameworks_base/commit/5948fb2aef0547db38f2f9df47b6fad736ba72b0 379794 #P_asb_2024-01 Fix vulnerability that allowed attackers to start arbitary activities
https://github.com/LineageOS/android_system_bt/commit/e65eb2fdab8644f2e7885a628f6af9244ceed813 379796 #P_asb_2024-01 Fix some OOB errors in BTM parsing
https://github.com/LineageOS/android_frameworks_base/commit/309033664a4fbb6200b3fe48d33e8f63becee810 379980 #P_asb_2024-01 Fix ActivityManager#killBackgroundProcesses permissions
https://github.com/LineageOS/android_frameworks_av/commit/a42e0fc335d448e646309745a8d412d984748479 383562 #P_asb_2024-02 Update mtp packet buffer
https://github.com/LineageOS/android_frameworks_base/commit/6f5e6f86263c3db753c6d58f516070a45e30b619 383563 #P_asb_2024-02 Unbind TileService onNullBinding
https://github.com/LineageOS/android_system_bt/commit/14e35c7cf40595a6b1ff1d2e92f8b53fb356b3dc 383565 #P_asb_2024-02 Fix an OOB bug in btif_to_bta_response and attp_build_value_cmd
https://github.com/LineageOS/android_system_bt/commit/37ce9a968b579a87640d40e50ec91abe04101f3c 383566 #P_asb_2024-02 Fix an OOB write bug in attp_build_read_by_type_value_cmd
https://github.com/LineageOS/android_packages_providers_DownloadProvider/commit/d1a6862647428e9c973f4c21adc83656c5ac98f9 383567 #P_asb_2024-02 Consolidate queryChildDocumentsXxx() implementations
https://github.com/LineageOS/android_frameworks_av/commit/cc12a31fcbd0deddd5a74b7be121baf835ecf6dc 385670 #P_asb_2024-03 Validate OMX Params for VPx encoders
https://github.com/LineageOS/android_frameworks_av/commit/ed62ccd9520a671d2fb900d236f5bc5ad16a1e7c 385671 #P_asb_2024-03 Fix out of bounds read and write in onQueueFilled in outQueue
https://github.com/LineageOS/android_frameworks_base/commit/0254ee96d60cd80a52ce583c90486d6ca1549fb6 385672 #P_asb_2024-03 Resolve custom printer icon boundary exploit.
https://github.com/LineageOS/android_frameworks_base/commit/3cbbcd611ff83ef7a0f811d04f0478f2760ae891 385673 #P_asb_2024-03 Disallow system apps to be installed/updated as instant.
https://github.com/LineageOS/android_frameworks_base/commit/8befe29745f94a8d80f59f0d644315c5424c8eb6 385674 #P_asb_2024-03 Close AccountManagerService.session after timeout.
https://github.com/LineageOS/android_system_bt/commit/fbf12851fa55267f8b654f0cd1337f9f98f83c4b 385675 #P_asb_2024-03 Fix OOB caused by invalid SMP packet length
https://github.com/LineageOS/android_system_bt/commit/73c18d6ce8333f787a4cedb24d247b071bdbf078 385676 #P_asb_2024-03 Fix an OOB bug in smp_proc_sec_req
https://github.com/LineageOS/android_system_bt/commit/42ede61231b6b1a507cbc254827ff10dd5ae8c20 385677 #P_asb_2024-03 Reland: Fix an OOB write bug in attp_build_value_cmd
https://github.com/LineageOS/android_system_bt/commit/3683c921ab4afd4f2f6bef8a49cbfda227ce081f 385678 #P_asb_2024-03 Fix a security bypass issue in access_secure_service_from_temp_bond
https://github.com/LineageOS/android_frameworks_base/commit/e3d632959e2606a909427e4f717cd3a6cc14d4c6 389269 #P_asb_2024-04 isUserInLockDown can be true when there are other strong auth requirements
https://github.com/LineageOS/android_frameworks_base/commit/1010f9aae741c4b5e8400709a273910b9818f4ba 389270 #P_asb_2024-04 Fix security vulnerability that creates user with no restrictions when accountOptions are too long.