Same question for me. I am also looking to update an existing 5.1.1 AOSP version for our device (NanoPI 3). Which is by default using 5.1.1_r5 How can I integrate the patches? Do I have to lookup every patch file, or can I just use the latest wpa_supplicant_8 git and put the folder in my AOSP source?
Am Donnerstag, 23. November 2017 21:37:27 UTC+1 schrieb Raphael Garcia-Melgares: > > Hello AOSP team, > > I have a question about the security bulletins and the corresponding > patches. I would like to make a marshmallow AOSP build with the latest > security patches but it seems to me that the security patches were not > backported to this version since a while. > > For example if I take the recent KRACK vulnerability, I see 5.0.2, 5.1.1, > 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0 in the list of of updated AOSP versions > in the corresponding bulletin ( > https://source.android.com/security/bulletin/2017-11-01). > However when I look the android official wpa_supplicant repository ( > https://android.googlesource.com/platform/external/wpa_supplicant_8/) I > see that none of the marshmallow branches has been updated since a while. > > marshmallow-release last commit 2015 > marshmallow-mr3-release last commit 2016 > marshmallow-mr2-release last commit mar 2017 > marshmallow-mr1-release last commit 2016 > marshmallow-dev last commit 2015 > > Am I looking at the wrong place ? > I fully realize that marshmallow is already an old version and that > backporting security patches can represent a lot of work but then wouldn't > "affected AOSP" versions be a better description ? > > The goal here is not to undermine the awesome job done for security by > providing these security bulletins but simply to try to make sense of this > "updated AOSP version" mention. > > Thanks, > Raphael > > -- -- You received this message because you are subscribed to the "Android Building" mailing list. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/android-building?hl=en --- You received this message because you are subscribed to the Google Groups "Android Building" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
