This only includes changes on top of the Android Open Source Project source to compile pure AOSP for OMAP4 Devices. The raw log was generated using a modified version of this script written by JBQ and improved by Al Sutton.

Please do not copy this without attribution to this site and JBQ for the original script.

+- Project: android_art

479fe13 : Finish fixing Zygote descriptor leakage problem

+- Project: android_bionic

410a6d5 : Fix overflow testing in sbrk.
b457cb7 : Fix brk/sbrk error checking.

+- Project: android_bootable_recovery

87bc27b : Track usage of Vector / SortedVector from libutils DO NOT MERGE

+- Project: android_build

5a56ae8 : Update security patch string to 2016-08-01 - For Partners only
9dcdc2e : Updating security string to 2016-07-01
7bade4d : Update security patch string to 2016-06-01
da03ce5 : Allow building with javac 1.7
43f238c : Some changes added to compile and run with Java 6 and Java 7.
e746334 : build: Allow building with OpenJDK
c2af00f : Support building with GNU make 4.0
b246e79 : Merge Conflict--Update Security String to 2016-05-01 in preparation for May 2016 Security OTA
c61a5c2 : Updating security string patch to 2016-04-01
1b11d53 : Updating security patch string to 2016-03-01
d7b4806 : DO NOT MERGE - Update security string to 2016-02-01
69b783f : Update Security String to 2016-01-01 - DO NOT MERGE
17c9809 : Update security string to 2015-12-01 - DO NOT MERGE
a232f4d : DO NOT MERGE - Backport of ag/748221 - Security Patch Level in Settings CL#2/3

+- Project: android_dalvik

98e6ecd : Fix potential buffer overrun.
29a0b87 : Remove old fork-and-specialize API
7004b0c : Finish fixing Zygote descriptor leakage problem

+- Project: android_external_aac

5157f83 : Fix aacDecoder_drcExtractAndMap()
df09a70 : Fix stack corruption happening in aacDecoder_drcExtractAndMap()

+- Project: android_external_bluetooth_bluedroid

905a778 : DO NOT MERGE Fix potential DoS caused by delivering signal to BT process
055cf78 : DO NOT MERGE btif: check overflow on create_pbuf size
0043c95 : Change pairing_cb to assume temporary pairing by default
260bf63 : DO NOT MERGE Check size of pin before replying
bb50d03 : DO NOT MERGE Remove Porsche car-kit pairing workaround
242b1e0 : Use 0000 as pin key for PORCHE_PAIRING_CONFLICT issue
a61bd41 : DO NOT MERGE - Add proper checks for PAN & BNEP in BD stack

+- Project: android_external_bouncycastle

19dac08 : DO NOT MERGE bouncycastle: limit input length as specified by the NIST spec

+- Project: android_external_chromium_org

797ceca : Disable SPDY pooling
af8709f : Add client-side support for TLS_FALLBACK_SCSV
5dab2e1 : Disable SPDY pooling

+- Project: android_external_chromium_org_third_party_openssl

407ed3e : Add client-side support for TLS_FALLBACK_SCSV.
9b83937 : Only allow ephemeral RSA keys in export ciphersuites.

+- Project: android_external_dhcpcd

2a4c627 : Improve length checks in DHCP Options parsing of dhcpcd.
6f91ba0 : Really disable IPv6 RA processing in dhcpcd.
61ea854 : Fix DoS vulnerability in DHO_OPTIONSOVERLOADED.

+- Project: android_external_flac

ad10b47 : Avoid free-before-initialize vulnerability in heap

+- Project: android_external_jhead

96777bd : Fix possible out of bounds access

+- Project: android_external_libvpx

9837fbc : DO NOT MERGE - external/libvpx/libwebm: Update snapshot
22abafc : DO NOT MERGE - libvpx: Pull from upstream

+- Project: android_external_okhttp

eae3944 : Fix a bug in OkHostnameVerifier wildcard handling.
b6b72da : SCSV support

+- Project: android_external_openssl

a02d734 : Fix memory issues in BIO_*printf functions
47c113e : Check that we have enough padding characters.
18b642b : Constant-time utilities
86fbed9 : Fix encoding bug in i2c_ASN1_INTEGER
7b976ba : Fix double-free in DSA code (CVE-2016-0705)
ad41f66 : Add support for TLS_FALLBACK_SCSV
6b408ee : Fix for CVE-2014-0195
21fd5a0 : Fix CVE-2014-0221
7e12360 : Fix CVE-2014-3470
c785241 : Only allow ephemeral RSA keys in export ciphersuites.

+- Project: android_external_skia

4a0fbab : Use min/max to pin value between 0 and 255.
d58a710 : Update SK_CRASH to default to abort().
d50f2b8 : Fix removal of SI8_opaque_D32_nofilter_DX_arm
02ce051 : Remove SI8_opaque_D32_nofilter_DX_arm DO NOT MERGE
1168aa4 : Prevent malformed ICO files from recursively decoding
968454f : Fix overflow when comparing two ints by promoting the sum to 64-bits.
3e9f006 : Handle bad ICO data better.
ae64a20 : SkScaledBitmapSampler: fix memory overwritten

+- Project: android_external_sonivox

8f43a5c : Sonivox: add SafetyNet log.
b026654 : Sonivox: sanity check numSamples.
161a3de : Check segments and libs
2f4af97 : Sonivox: check loopStart/loopLength against one specific wave, not whole wave pool.
8407cb0 : Sonivox: fix overflow in Parse_data in eas_mdls.c
6d9c04a : Sonivox: make sure waveIndex is valid in Parse_rgn() in eas_mdls.c.
ac4e1ec : DLS parser: fix wave pool size check.

+- Project: android_external_sqlite

c10cb2b : sqlite: upgrade to patched SQLite 3.7.11 - DO NOT MERGE
65efff0 : Fix world-readable permissions due to sqlite race condition

+- Project: android_external_tremolo

8b021d2 : Check partword is in range for # of partitions
7dedfd2 : libvorbisidec: sanity check index of marker.
b7a83c4 : Fix vorbis decoder crash due to out of bounds memory access
f22c84d : Fix allocation failure crash
c1be890 : Add sanity checks to fix crash

+- Project: android_external_wpa_supplicant_8

0ae423e : Guard against return value already being null
3fd5d95 : Remove newlines from config output
633c8ed : P2P: Validate SSID element length before copying it
2534946 : hostapd_cli: Use os_exec() for action script execution
e722e25 : wpa_cli: Use os_exec() for action script execution
3be0547 : Add os_exec() helper to run external programs

+- Project: android_frameworks_av

1d28916 : DO NOT MERGE: Camera: Adjust pointers to ANW buffers to avoid infoleak
c50e647 : DO NOT MERGE omx: check buffer port before using
65a5abb : Check effect command reply size in AudioFlinger
9b75782 : DO NOT MERGE SoftAAC2: fix crash on all-zero adts buffer
299015c : Fix potential overflow
6a3270e : Don't use sp<>&
2c87d9b : DO NOT MERGE MPEG4Extractor: ensure kKeyTrackID exists before creating an MPEG4Source as track.
411bf4c : DO NOT MERGE Check malloc result to avoid NPD
69d8a6a : DO NOT MERGE limit mediaserver memory
2a0367a : h264bsdActivateParamSets: Prevent multiplication overflow.
0d9071b : Fix security vulnerability in libstagefright
3303db0 : Clear unused pointer field when sending across binder
832d1c1 : DO NOT MERGE codecs: check OMX buffer size before use in vorbisdec
29a056f : DO NOT MERGE codecs: check OMX buffer size before use in (h263|h264)dec
23927df : SampleTable.cpp: Fixed a regression caused by a fix for bug 28076789.
1983979 : SampleTable.cpp: Prevent corrupted stts block from causing excessive memory allocation.
c6b9d96 : DO NOT MERGE Don't reject "thumbnail mode" setConfig
352b76d : DO NOT MERGE Verify OMX buffer sizes prior to access
c8ccb66 : AudioSource: initialize variables
32cf7c2 : Check mp3 output buffer size
b6237f7 : DO NOT MERGE codecs: check OMX buffer size before use in (gsm|g711)dec
66501a5 : h264dec: check for overflows when calculating allocation size.
e666550 : Fix AMR decoder
22720cf : SoftAMR: check input buffer size to avoid overflow.
c11c8d0 : SoftAMR: check output buffer size to avoid overflow.
7be9cb7 : DO NOT MERGE codecs: check OMX buffer size before use in VP8 encoder.
253ae23 : NuPlayerStreamListener: NULL and bounds check before memcpy
c0c1993 : Camera3Device: Validate template ID
217b421 : DO NOT MERGE Add VPX output buffer size check
3309d24 : stagefright: Remove assert for corrupt clips for AMRNB
56b2745 : Also fix out of bounds access for normal read
1ab00ce : Get service by value instead of reference
dd30f8d : Clear allocation to avoid info leak
c4cbc85 : DO NOT MERGE - Remove deprecated image defines
c92771e : Camera: Disallow dumping clients directly
adef7a9 : fix possible overflow in effect wrappers.
c0f6f46 : Fix out-of-bounds write
c70b5d0 : DO NOT MERGE - libstagefright: check requested memory size before allocation for SoftMPEG4Encoder and SoftVPXEncoder.
0474810 : DO NOT MERGE SoundPool: add lock for findSample access from SoundPoolThread
f6172fa : DO NOT MERGE - AudioFlinger: Clear record buffers when starting RecordThread
e174797 : DO NOT MERGE - OMX: allow only secure codec to remotely call allocateBuffer.
cb2c814 : ID3: check possible integer overflow for extendedHeaderSize and paddingSize.
c714ba4 : Check NAL size before use
673fa58 : MPEG4Extractor: ensure buffer size is not less than 8 for LastCommentData.
c9d549f : Don't crash when there's no conceal frame
1673e05 : DO NOT MERGE stagefright: fix AMessage::FromParcel
170139e : DO NOT MERGE Fix vulnerability in mediaserver
0702359 : DO NOT MERGE NuCachedSource2: fix possible erroneous early free
63f26e4 : Limit allocations to avoid out-of-memory
b820d9c : Fix heap data leak vulnerability
64ca46c : Fix for security vulnerability in media server DO NOT MERGE
741632c : DO NOT MERGE - IAudioFlinger: always initialize variables to ensure no info leak when writing them to Parcel.
95539e9 : Make IEffect command more robust (second try)
a164f44 : libmedia: clear reply data for IEffect command
bdabc96 : Fix timedtext parsing
575336a : DO NOT MERGE - libstagefright: sanity check size before dereferencing pointer in Utils.cpp
b22bb70 : DO NOT MERGE fix build
6a2c96d : DO NOT MERGE Avoid size_t overflow in base64 decoding once again
cfad707 : Ogg: avoid size_t overflow in base64 decoding
a832561 : DO NOT MERGE - IAudioFlinger: clear config before reading it from parcel.
86ba4be : Zero out return values in media binder calls
4ead418 : IMediaPlayer.cpp: make sure structures are initialized to 0
acb73db : stagefright: check IMemory::pointer() before using the allocation
0269d9c : Fail more gracefully on allocation failure
2365806 : Fix compile failure after rI431aa2b7d30a942350ab6d105451c6b77e2f99d4
2376346 : libstagefright: fix overflow in pvdec_api.cpp.
49cd07d : libstagefright: check memory size for overflow before allocation.
e8b6868 : Fix for memory corruption in ID3::removeUnsynchronizationV2_4(). Bug: 23227354
570756d : Fix build break DO NOT MERGE
deb39a9 : Fix crash on malformed id3
01c82e6 : libstagefright: fix possible overflow in amrwbenc.
1792dcc : DO NOT MERGE - audio flinger: fix fuzz test crash
c0bccf3 : DO NOT MERGE Part of fix for libmedia OOB write anywhere
4302151 : libstagefright: fix possible overflow in ID3.
fe33f86 : Prevent integer issues in ID3::Iterator::findFrame
5db1e75 : SampleTable: fix integer overflow checks.
59aed18 : Extra sanity checks on sample size and resolution
3b7cb64 : libstagefright: check overflow before memory allocation in OMXCodec.cpp
6032bae : Sanity check padding/delay values for gapless playback
febb4c9 : MatroskaExtractor: detect infinite loop when parsing NALs
36a8243 : DO NOT MERGE libstagefright: Fix crash in convertMetaDataToMessage
c10f497 : Fix Ogg album art
3cef83d : Fix comparison sign warnings.
7d90c96 : libstagefright: fix overflow in MPEG4Source::parseSampleAuxiliaryInformationOffsets.
53081ca : MPEG4Extractor.cpp: Add check for size == SIZE_MAX
6b72ea9 : Check RTSP payload length
11e66d1 : ABuffer: reset members when memory allocation fails.
41eb89f : DO NOT MERGE - Fix software video decoder buffer size calculation
0bd52e8 : DO NOT MERGE - SoftwareRenderer: sanity check buffer size before copying data.
0284ff4 : Check vector size before accessing
1616cf0 : SoftAVCEnc: check requested memory size before allocation.
21f2645 : Check buffer size before using it
c056476 : MPEG4Source::fragmentedRead: check range before writing into buffers
b425784 : do not dequeue from native window after we hit fatal error -- DO NOT MERGE
ebf71f0 : libstagefright: fix handling of mSampleTimeEntries and mNumSampleSizes in SampleTable.
8ab3245 : libstagefright: check remaining data size before parsing it.
fa16aa6 : Check integer overflow to prevent memory corruption
afcaff4 : Fix several ineffective integer overflow checks
3e66cda : SampleTable: check integer overflow during table alloc
21f648f : DO NOT MERGE - audio effects: fix heap overflow
1060675 : MPEG4Extractor.cpp: handle chunk_size > SIZE_MAX
fa46e35 : DO NOT MERGE - IOMX: Add buffer range check to emptyBuffer
67c8578 : HDCP: buffer over flow check -- DO NOT MERGE
abe438b : DO NOT MERGE: Add AUtils::isInRange, and use it to detect malformed MPEG4 nal sizes
32b89dd : Fix integer overflow when handling MPEG4 tx3g atom
a95f8ed : Fix integer underflow in covr MPEG4 processing
00b3442 : Prevent integer overflow when processing covr MPEG4 atoms
c88d6b7 : Fix integer underflow in ESDS processing
3701ee4 : Fix integer overflow during MP4 atom processing
ff687ba : Guard against codecinfo overflow

+- Project: android_frameworks_base

3e7694c : DO NOT MERGE: Don't trust callers to supply app info to bindBackupAgent()
ce65785 : Don't pass URL path and username/password to PAC scripts
55c1fe2 : DO NOT MERGE Fix intent filter priorities
f415bf5 : Fix issue #16794553: Duplicate ArrayMap entries in Bundle...
f702e7c : Do not persist and restore the media button event receiver
f225754 : Change permission guard on bindBackupAgent()
d1cf7a6 : Prevent system uid component from running in an app process
5d4d8d2 : Prevent insanely long passwords from crashing SystemUI
1eef089 : Finish fixing Zygote descriptor leakage problem
acb473a : DO NOT MERGE Redact Account info from getCurrentSyncs
268ddae : NPE fix for SyncStorageEngine read authority
41f642a : Sync extras bundle comparison can throw NPE
7c16306 : Make Bitmap_createFromParcel check the color count. DO NOT MERGE
bf1c34e : DO NOT MERGE - Backport of ag/748165 to klp-dev Security patch level in Settings
41d7f47 : Allow debugging only for apps forked from zygote
04463e6 : Ensure that unparcelling Region only reads the expected number of bytes
f0bc716 : Check that the parcel contained the expected amount of region data.

+- Project: android_frameworks_native

8135304 : Correctly handle dup() failure in Parcel::readNativeHandle
d3a0834 : Fix issue #27252896: Security Vulnerability -- weak binder
1ad5757 : DO NOT MERGE BQ: fix some uninitialized variables
b016f87 : Merge conflict--DO NOT MERGE Add SN logging
072f129 : Sanity check IMemory access versus underlying mmap
04ee44c : DO NOT MERGE BQ: Add permission check to BufferQueueConsumer::dump
371f043 : IGraphicBufferProducer: fix QUEUE_BUFFER info leak
01fe256 : DO NOT MERGE: fix build try #2
891ddd2 : DO NOT MERGE: fix build breakage
188769e : add number constraint for samples per MotionEvent
57de8c5 : Disregard alleged binder entities beyond parcel bounds
229be7d : Update maxNumber to be smaller.
69cb285 : Fix for corruption when numFds or numInts is too large.
ed3f1ee : Initialize local variables to avoid data leak

+- Project: android_frameworks_opt_telephony

b1488c9 : backport security fix: avoid set NITZ time to 2038
4770a87 : opt/telephony: Fix compile on JDK7
1eddbd9 : Externally-reported Moderate severity vulnerability in SMS

+- Project: android_libcore

30d2012 : Use SSL_session_reused to check when a session was reused
1f1ef09 : art: Fix building under JDK7
feacaf7 : Fix compilation of Enum on JDK 7
c78565c : Locale: Retain compatibility with 4.4 APIs
833e901 : java7: Implement new Locale APIs.
1a65a30 : Remove old fork-and-specialize API
90c7c5d : DO NOT MERGE Prevent duplicate certificates in TrustedCertificateIndex
be492cb : DO NOT MERGE Cache intermediate CA separately
de823c2 : Finish fixing Zygote descriptor leakage problem
026c6fb : Add API to check certificate chain signatures
032ee01 : OpenSSLX509Certificate: mark mContext as transient
894c826 : Fix a bug in DefaultHostnameVerifier wildcard handling.
822236a : Add additional checks in ObjectInputStream
9562048 : Add additional field checks for deserialization.
39c70da : DO NOT MERGE: Add a way to get all values of an attribute of DN.
b99ad53 : Add support for TLS_FALLBACK_SCSV

+- Project: android_packages_apps_Bluetooth

32190b5 : DO NOT MERGE Fix security vulnerabilities in permission of deleting MMS/SMS

+- Project: android_packages_apps_CertInstaller

a8fcb2b : Trust CA certificates added for the whole OS only

+- Project: android_packages_apps_Gallery2

ed8ff81 : util: Fix build of LinkNode.java.

+- Project: android_packages_apps_Mms

ea70340 : Fix a NPE when update message status

+- Project: android_packages_apps_Nfc

c71a5df : Verify setForegroundDispatch caller is in foreground. (DO NOT MERGE)

+- Project: android_packages_apps_Settings

7c97677 : SECURITY: Don't pass a usable Pending Intent to 3rd parties.
e022728 : Add translations for Security Patch Level.
a2d7427 : DO NOT MERGE - Backport of ag/748147 - Security Patch Level in Settings CL#3/3
169c0d5 : Check for special char when renaming device for Wi-Fi direct.

+- Project: android_packages_apps_UnifiedEmail

74bbf66 : Disallow attachments from file:///data/

+- Project: android_packages_services_Telephony

37eaff6 : DO NOT MERGE - Prevent "add-call" UI during setup wizard.

+- Project: android_system_core

876b218 : Fix scanf %s in lsof.
35ae4ed : Fix overflow in path building
a6504fd : Don't demangle symbol names. DO NOT MERGE
1c7667c : Don't create tombstone directory. DO NOT MERGE
e448b26 : debuggerd: use O_NOFOLLOW|O_CLOEXEC for tombstones. DO NOT MERGE
7421a61 : ensure /data/tombstones exists on all Android device. DO NOT MERGE
da777f2 : Add macro to call event logger for errors. DO NOT MERGE
7146603 : libutils: Fix integer overflows in VectorImpl. DO NOT MERGE
e5a4c59 : Fix compile failure after rIfe1dc0791040150132bea6884f1e6c8d31972d1b
9fec438 : libutils: fix overflow in String8::allocFromUTF8
62b0ab5 : libutils: fix overflow in SharedBuffer

+- Project: android_system_security

2693710 : Properly check for Blob max length
72eade5 : Fix unchecked length in Blob creation