Merge "Docs: FB: fixing typo for "without""
diff --git a/src-intl/ja_ALL/security/bulletin/2016-01-01.jd b/src-intl/ja_ALL/security/bulletin/2016-01-01.jd
index c6888c4..46ec412 100644
--- a/src-intl/ja_ALL/security/bulletin/2016-01-01.jd
+++ b/src-intl/ja_ALL/security/bulletin/2016-01-01.jd
@@ -113,7 +113,8 @@
TrustZone での権限昇格の脆弱性
</td>
<td>
- CVE-2015-6639
+ CVE-2015-6639<br />
+ CVE-2015-6647
</td>
<td>
重大
@@ -240,7 +241,7 @@
</p>
<ul>
<li>
- Google Chrome セキュリティ チームの Abhishek Arya、Oliver Chang、Martin Barbella: CVE-2015-6636、CVE-2015-6617
+ Google Chrome セキュリティ チームの Abhishek Arya、Oliver Chang、Martin Barbella: CVE-2015-6636
</li>
<li>
Tencent KEEN lab(
diff --git a/src-intl/ko_ALL/security/bulletin/2016-01-01.jd b/src-intl/ko_ALL/security/bulletin/2016-01-01.jd
index 07574ab..667fdf5 100644
--- a/src-intl/ko_ALL/security/bulletin/2016-01-01.jd
+++ b/src-intl/ko_ALL/security/bulletin/2016-01-01.jd
@@ -125,7 +125,8 @@
Trustzone의 권한 승격 취약성
</td>
<td>
- CVE-2015-6639
+ CVE-2015-6639<br />
+ CVE-2015-6647
</td>
<td>
심각
@@ -265,7 +266,7 @@
</p>
<ul>
<li>
- Chrome 보안팀의 Abhishek Arya, Oliver Chang, Martin Barbella: CVE-2015-6636, CVE-2015-6617
+ Chrome 보안팀의 Abhishek Arya, Oliver Chang, Martin Barbella: CVE-2015-6636
</li>
<li>
KEEN lab, Tencent(
diff --git a/src-intl/ru_ALL/security/bulletin/2016-01-01.jd b/src-intl/ru_ALL/security/bulletin/2016-01-01.jd
index 8df5320..a2e039a 100644
--- a/src-intl/ru_ALL/security/bulletin/2016-01-01.jd
+++ b/src-intl/ru_ALL/security/bulletin/2016-01-01.jd
@@ -128,7 +128,8 @@
Повышение привилегий через Trustzone
</td>
<td>
- CVE-2015-6639
+ CVE-2015-6639<br />
+ CVE-2015-6647
</td>
<td>
Критический
@@ -268,7 +269,7 @@
<ul>
<li>
Абхишек Арья, Оливер Чен и Мартин Барбелла из команды
-безопасности Google Chrome: CVE-2015-6636, CVE-2015-6617.
+безопасности Google Chrome: CVE-2015-6636.
</li>
<li>
Сен Ние (
diff --git a/src-intl/zh-CN_ALL/security/bulletin/2016-01-01.jd b/src-intl/zh-CN_ALL/security/bulletin/2016-01-01.jd
index c00c665..edc0dce 100644
--- a/src-intl/zh-CN_ALL/security/bulletin/2016-01-01.jd
+++ b/src-intl/zh-CN_ALL/security/bulletin/2016-01-01.jd
@@ -114,7 +114,8 @@
TrustZone 中的提权漏洞
</td>
<td>
- CVE-2015-6639
+ CVE-2015-6639<br />
+ CVE-2015-6647
</td>
<td>
严重
@@ -241,7 +242,7 @@
</p>
<ul>
<li>
- Google Chrome 安全团队的 Abhishek Arya、Oliver Chang 和 Martin Barbella:CVE-2015-6636、CVE-2015-6617
+ Google Chrome 安全团队的 Abhishek Arya、Oliver Chang 和 Martin Barbella:CVE-2015-6636
</li>
<li>
腾讯 KEEN 实验室 (
diff --git a/src-intl/zh-TW_ALL/security/bulletin/2016-01-01.jd b/src-intl/zh-TW_ALL/security/bulletin/2016-01-01.jd
index 9d09d4c..933b764 100644
--- a/src-intl/zh-TW_ALL/security/bulletin/2016-01-01.jd
+++ b/src-intl/zh-TW_ALL/security/bulletin/2016-01-01.jd
@@ -122,7 +122,8 @@
Trustzone 中的權限升級漏洞
</td>
<td>
- CVE-2015-6639
+ CVE-2015-6639<br />
+ CVE-2015-6647
</td>
<td>
最高
@@ -263,7 +264,7 @@
<ul>
<li>
Google Chrome 安全性小組的 Abhishek Arya、Oliver Chang 和 Martin Barbella:
-CVE-2015-6636、CVE-2015-6617
+CVE-2015-6636
</li>
<li>
騰訊 (
diff --git a/src/compatibility/cdd.jd b/src/compatibility/cdd.jd
index 94ee75e..0773f7c 100644
--- a/src/compatibility/cdd.jd
+++ b/src/compatibility/cdd.jd
@@ -17,14 +17,35 @@
limitations under the License.
-->
-<p>
-Welcome to the Android Compatibility Definition Document (CDD). This document
+<p>Welcome to the Android Compatibility Definition Document (CDD). This document
enumerates the requirements that must be met in order for devices to be
compatible with the latest version of Android. To be considered compatible with
Android, device implementations MUST meet the requirements
presented in this Compatibility Definition, including any documents
-incorporated via reference.
-</p>
+incorporated via reference. For each release of the Android platform, a
+detailed CDD will be provided. The CDD represents the "policy" aspect of
+Android compatibility.</p>
+
+<p>It is important the policy of the Android compatibility program is codified
+explicitly as no test suite, including CTS, can truly be comprehensive. For
+instance, the CTS includes a test that checks for the presence and correct
+behavior of OpenGL graphics APIs, but no software test can verify that the
+graphics actually appear correctly on the screen. More generally, it's
+impossible to test the presence of hardware features such as keyboards, display
+density, Wi-Fi, and Bluetooth.</p>
+
+<p>The CDD's role is to codify and clarify specific requirements, and
+eliminate ambiguity. The CDD does not attempt to be comprehensive. Since
+Android is a single corpus of open-source code, the code itself is the
+comprehensive "specification" of the platform and its APIs. The CDD acts as a
+"hub" referencing other content (such as SDK API documentation) that provides
+a framework in which the Android source code may be used so that the end
+result is a compatible system.</p>
+
+<p>If you want to build a device compatible with a given Android version,
+start by checking out the source code for that version, and then read the
+corresponding CDD and stay within its guidelines. For additional details,
+simply examine <a href="/compatibility/android-cdd.pdf">the latest CDD</a>.</p>
<p>
You may view the latest CDD either as an HTML web page or an easily downloadable PDF:
@@ -45,8 +66,8 @@
</tr>
<tr>
<td>6.0</td>
- <td><a href="6.0/android-6.0-cdd.pdf">android-6.0-cdd.pdf</a> (archived copy of current)</td>
- <td><a href="6.0/android-6.0-cdd.html">android-6.0-cdd.html</a> (archived copy of current)</td>
+ <td><a href="6.0/android-6.0-cdd.pdf">android-6.0-cdd.pdf</a></td>
+ <td><a href="6.0/android-6.0-cdd.html">android-6.0-cdd.html</a></td>
<td><a href="6.0/versions.html">Version 6.0</a></td>
</tr>
<tr>
diff --git a/src/compatibility/cts/index.jd b/src/compatibility/cts/index.jd
index 7b154e5..34ee5b0 100644
--- a/src/compatibility/cts/index.jd
+++ b/src/compatibility/cts/index.jd
@@ -26,6 +26,18 @@
<h2 id="how-does-the-cts-work">How does the CTS work?</h2>
+<p>The Compatibility Test Suite (CTS) is a free, commercial-grade test suite,
+available for <a href="../downloads.html">download</a>. The CTS represents the
+"mechanism" of compatibility.</p>
+
+<p>The CTS runs on a desktop machine and executes test cases directly on
+attached devices or an emulator. The CTS is a set of unit tests designed to be
+integrated into the daily workflow (such as via a continuous build system) of
+the engineers building a device. Its intent is to reveal incompatibilities
+early on, and ensure that the software remains compatible throughout the
+development process.</p>
+
+
<p>The CTS is an automated testing harness that includes two major software components:</p>
<ul>
<li>
@@ -38,6 +50,11 @@
</li>
</ul>
+<p>The Compatibility Test Suite Verifier (CTS Verifier) is a supplement to the
+CTS available for <a href="../downloads.html">download</a>. CTS Verifier
+provides tests for APIs and functions that cannot be tested on a stationary
+device without manual input (e.g. audio quality, accelerometer, etc).</p>
+
<p>The CTS Verifier is a tool for manual testing and includes the following software components:</p>
<ul>
<li>
diff --git a/src/compatibility/overview.jd b/src/compatibility/overview.jd
index 0a1bfca..ef4c988 100644
--- a/src/compatibility/overview.jd
+++ b/src/compatibility/overview.jd
@@ -26,7 +26,9 @@
<p>The Android compatibility program makes it easy for mobile device
manufacturers to develop compatible Android devices.</p>
+
<h2 id="program-goals">Program goals</h2>
+
<p>The Android compatibility program works for the benefit of the entire
Android community, including users, developers, and device manufacturers.</p>
<p>Each group depends on the others. Users want a wide selection of devices
@@ -68,7 +70,7 @@
<p><em>Minimize costs and overhead associated with compatibility.</em>
Ensuring compatibility should be easy and inexpensive to
device manufacturers. The testing tool is free, open source, and
-available for <a href="downloads.html">download</a>.
+available for <a href="downloads.html">download</a>.
It is designed to be used for continuous self-testing
during the device development process to eliminate the cost of changing your
workflow or sending your device to a third party for testing. Meanwhile, there
@@ -76,51 +78,17 @@
fees.</p>
</li>
</ul>
+
+<h2 id="program-components">Program components</h2>
+
<p>The Android compatibility program consists of three key components:</p>
<ul>
-<li>The source code to the Android software stack</li>
-<li>The Compatilbility Definition Document (CDD), representing the "policy" aspect of compatibility</li>
-<li>The Compatilbility Test Suite (CTS), representing the "mechanism" of compatibility</li>
+<li>The <a href="https://android.googlesource.com/">Android Open Source Project</a> source code</li>
+<li>The <a href="cdd.html">Compatilbility Definition Document (CDD)<a/>, representing the "policy" aspect of compatibility</li>
+<li>The <a href="cts/index.html">Compatilbility Test Suite (CTS)</a>, representing the "mechanism" of compatibility</li>
</ul>
+
<p>Just as each version of the Android platform exists in a separate branch in
the source code tree, there is a separate CTS and CDD for each version as
well. The CDD, CTS, and source code are -- along with your hardware and your
software customizations -- everything you need to create a compatible device.</p>
-<h2 id="compatibility-definition-document-cdd">Compatibility Definition Document</h2>
-<p>For each release of the Android platform, a detailed CDD will be provided. The CDD represents the "policy"
-aspect of Android compatibility.</p>
-<p>No test suite, including CTS, can truly be comprehensive. For instance, the
-CTS includes a test that checks for the presence and correct behavior of
-OpenGL graphics APIs, but no software test can verify that the graphics
-actually appear correctly on the screen. More generally, it's impossible to
-test the presence of hardware features such as keyboards, display density,
-Wi-Fi, and Bluetooth.</p>
-<p>The CDD's role is to codify and clarify specific requirements, and
-eliminate ambiguity. The CDD does not attempt to be comprehensive. Since
-Android is a single corpus of open-source code, the code itself is the
-comprehensive "specification" of the platform and its APIs. The CDD acts as a
-"hub" referencing other content (such as SDK API documentation) that provides
-a framework in which the Android source code may be used so that the end
-result is a compatible system.</p>
-<p>If you want to build a device compatible with a given Android version,
-start by checking out the source code for that version, and then read the
-corresponding CDD and stay within its guidelines. For additional details,
-simply examine <a href="/compatibility/android-cdd.pdf">the latest CDD</a>.</p>
-<h2 id="compatibility-test-suite-cts">Compatibility Test Suite</h2>
-<p>The <a href="cts/index.html">CTS</a> is a free, commercial-grade test suite,
-available for <a href="downloads.html">download</a>.
-The CTS represents the "mechanism" of compatibility.</p>
-<p>The CTS runs on a desktop machine and executes test cases directly on
-attached devices or an emulator. The CTS is a set of unit tests designed to be
-integrated into the daily workflow (such as via a continuous build system) of
-the engineers building a device. Its intent is to reveal incompatibilities
-early on, and ensure that the software remains compatible throughout the
-development process.</p>
-<h2 id="compatibility-test-suite-verifier-cts-verifier">Compatibility Test Suite Verifier (CTS Verifier)</h2>
-<p>The Compatibility Test Suite Verifier (CTS Verifier) is a supplement to the
-CTS available for <a href="downloads.html">download</a>.
-CTS Verifier provides tests for APIs and functions that cannot be tested on a
-stationary device without manual input (e.g. audio quality, accelerometer, etc).</p>
-<p>For details on the CTS, consult the <a href="cts/index.html">CTS introduction</a>.</p>
-
-
diff --git a/src/security/bulletin/2016-01-01.jd b/src/security/bulletin/2016-01-01.jd
index 9878d74..b153d9e 100644
--- a/src/security/bulletin/2016-01-01.jd
+++ b/src/security/bulletin/2016-01-01.jd
@@ -1,4 +1,4 @@
-page.title=Nexus Security Bulletin - January 2016
+page.title=Nexus Security Bulletin—January 2016
@jd:body
<!--
@@ -24,7 +24,7 @@
</div>
</div>
-<p><em>Published January 04, 2016 | Updated January 06, 2016</em></p>
+<p><em>Published January 04, 2016 | Updated April 28, 2016</em></p>
<p>We have released a security update to Nexus devices through an over-the-air
(OTA) update as part of our Android Security Bulletin Monthly Release process.
@@ -40,7 +40,9 @@
such as email, web browsing, and MMS when processing media files.</p>
<p>We have had no reports of active customer exploitation of these newly reported
-issues. Refer to the <a href="#mitigations">Mitigations</a> section for details on the <a href="https://source.android.com/security/enhancements/">Android security platform protections</a> and service protections such as SafetyNet, which improve the security of the
+issues. Refer to the <a href="#mitigations">Mitigations</a> section for details on the
+<a href="{@docRoot}security/enhancements/index.html">Android security platform protections</a>
+and service protections such as SafetyNet, which improve the security of the
Android platform. We encourage all customers to accept these updates to their
devices.</p>
@@ -48,7 +50,9 @@
<p>The table below contains a list of security vulnerabilities, the Common
-Vulnerability and Exposures ID (CVE), and their assessed severity. The <a href="https://source.android.com/security/overview/updates-resources.html#severity">severity assessment</a> is based on the effect that exploiting the vulnerability would have on an
+Vulnerability and Exposures ID (CVE), and their assessed severity. The
+<a href="{@docRoot}security/overview/updates-resources.html#severity">severity assessment</a>
+is based on the effect that exploiting the vulnerability would have on an
affected device, assuming the platform and service mitigations are disabled for
development purposes or if successfully bypassed.</p>
<table>
@@ -74,7 +78,8 @@
</tr>
<tr>
<td>Elevation of Privilege Vulnerabilities in Trustzone</td>
- <td>CVE-2015-6639</td>
+ <td>CVE-2015-6639<br />
+ CVE-2015-6647</td>
<td>Critical</td>
</tr>
<tr>
@@ -123,7 +128,9 @@
<h2 id=mitigations>Mitigations</h2>
-<p>This is a summary of the mitigations provided by the <a href="https://source.android.com/security/enhancements/index.html">Android security platform</a> and service protections such as SafetyNet. These capabilities reduce the
+<p>This is a summary of the mitigations provided by the
+<a href="{@docRoot}security/enhancements/index.html">Android security platform</a>
+and service protections such as SafetyNet. These capabilities reduce the
likelihood that security vulnerabilities could be successfully exploited on
Android.</p>
@@ -151,14 +158,16 @@
<ul>
<li> Abhishek Arya, Oliver Chang, and Martin Barbella of Google Chrome Security
-Team: CVE-2015-6636, CVE-2015-6617
- <li> Sen Nie (<a href="https://twitter.com/@nforest_">@nforest_</a>) and jfang of KEEN lab, Tencent (<a href="https://twitter.com/k33nteam">@K33nTeam</a>): CVE-2015-6637
+ Team: CVE-2015-6636
+ <li> Sen Nie (<a href="https://twitter.com/@nforest_">@nforest_</a>) and jfang of KEEN lab, Tencent
+ (<a href="https://twitter.com/k33nteam">@K33nTeam</a>): CVE-2015-6637
<li> Yabin Cui from Android Bionic Team: CVE-2015-6640
<li> Tom Craig of Google X: CVE-2015-6641
<li> Jann Horn (<a href="https://thejh.net">https://thejh.net</a>): CVE-2015-6642
<li> Jouni Malinen PGP id EFC895FA: CVE-2015-5310
<li> Quan Nguyen of Google Information Security Engineer Team: CVE-2015-6644
- <li> Gal Beniamini (<a href="https://twitter.com/@laginimaineb">@laginimaineb</a>, <a href="http://bits-please.blogspot.com">http://bits-please.blogspot.com</a>): CVE-2015-6639
+ <li> Gal Beniamini (<a href="https://twitter.com/@laginimaineb">@laginimaineb</a>,
+ <a href="http://bits-please.blogspot.com">http://bits-please.blogspot.com</a>): CVE-2015-6639
</ul>
<h2 id=security_vulnerability_details>Security Vulnerability Details</h2>
@@ -528,3 +537,4 @@
<ul>
<li> January 04, 2016: Bulletin published.
<li> January 06, 2016: Bulletin revised to include AOSP links.
+ <li> April 28, 2016: Removed CVE-2015-6617 from Acknowledgements and added CVE-2015-6647 to summary table
