Docs: Changes to source.android.com

  - 169925052 Added CVE-2017-11120 and CVE-2017-11121 to September publ... by Android Partner Docs <noreply@android.com>
  - 169704024 Replace less secure manual setup of udev rules with DAC d... by claym <claym@google.com>
  - 169647120 Update documentation for forward references. by Android Partner Docs <noreply@android.com>
  - 169624347 Updating streaming details by hvm <hvm@google.com>
  - 169439761 Replace angler OPR6.170623.017 with OPR6.170623.019. by Android Partner Docs <noreply@android.com>
  - 169435603 Fix insecure wget for Android environment instructions. by Android Partner Docs <noreply@android.com>
  - 169433384 Update build numbers for Fugu O release by Android Partner Docs <noreply@android.com>
  - 169399261 Update ignore paths in security tab for localization by daroberts <daroberts@google.com>
  - 169399181 Update ignore paths in Compatibility section for localiza... by daroberts <daroberts@google.com>
  - 169299180 Updated acknowledgements for July public security bulleti... by Android Partner Docs <noreply@android.com>

PiperOrigin-RevId: 169925052
Change-Id: I9f31973956e69e9b43f8df3836af6e77d0adf89b

9 files changed, 75 insertions, 82 deletions

diff --git a/en/compatibility/_translation.yaml b/en/compatibility/_translation.yaml
index e8b4b182..9ff3ad1c 100644
--- a/en/compatibility/_translation.yaml
+++ b/en/compatibility/_translation.yaml
@@ -1,20 +1,20 @@
 ignore_paths:
-- /1.6/...
-- /2.1/...
-- /2.2/...
-- /2.3/...
-- /4.0/...
-- /4.1/...
-- /4.2/...
-- /4.3/...
-- /4.4/...
-- /5.0/...
-- /5.1/...
-- /6.0/...
-- /7.0/...
-- /7.1/...
-- /8.0/...
-- /images/...
+- /compatibility/1.6/...
+- /compatibility/2.1/...
+- /compatibility/2.2/...
+- /compatibility/2.3/...
+- /compatibility/4.0/...
+- /compatibility/4.1/...
+- /compatibility/4.2/...
+- /compatibility/4.3/...
+- /compatibility/4.4/...
+- /compatibility/5.0/...
+- /compatibility/5.1/...
+- /compatibility/6.0/...
+- /compatibility/7.0/...
+- /compatibility/7.1/...
+- /compatibility/8.0/...
+- /compatibility/images/...
 enable_continuous_translation: True
 title: Android Open Source Project Compatibility tab
 description: Translations for SAC compatibility tab
diff --git a/en/devices/architecture/hidl/index.html b/en/devices/architecture/hidl/index.html
index 20f4a607..2ff78a12 100644
--- a/en/devices/architecture/hidl/index.html
+++ b/en/devices/architecture/hidl/index.html
@@ -191,8 +191,8 @@ IMPORTS =
 TYPE =
   uint8_t | int8_t | uint16_t | int16_t | uint32_t | int32_t | uint64_t | int64_t |
  float | double | bool | string
-|  identifier  // must have been previously typedef'd
-               // or defined with struct, union, enum, or import
+|  identifier  // must be defined as a typedef, struct, union, enum or import
+               // including those defined later in the file
 |  memory
 |  pointer
 |  vec<TYPE>
diff --git a/en/devices/tech/ota/ab_updates.html b/en/devices/tech/ota/ab_updates.html
index 5d51df1f..c63f6714 100644
--- a/en/devices/tech/ota/ab_updates.html
+++ b/en/devices/tech/ota/ab_updates.html
@@ -42,6 +42,10 @@ remains usable. The download of the OTA can be attempted again.</li>
 <li>Any errors (such as I/O errors) affect only the <strong>unused</strong>
 partition set and can be retried. Such errors also become less likely because
 the I/O load is deliberately low to avoid degrading the user experience.</li>
+<li>Updates can be streamed to A/B devices, removing the need to download the
+package before installing it. Streaming means it's not necessary for the
+user to have enough free space to store the update package on <code>/data</code>
+or <code>/cache</code>.
 <li>The cache partition is no longer used to store OTA update packages, so there
 is no need for sizing the cache partition.</li>
 <li><a href="/security/verifiedboot/dm-verity.html">dm-verity</a> guarantees a
@@ -171,13 +175,13 @@ example scenarios and their associated states include the following:</p>
   </li>
 </ul>
 
-<h2 id="streaming-updates">Streaming updates</h2>
+<h3 id="streaming-updates">Streaming update support</h3>
 <p>User devices don't always have enough space on <code>/data</code> to download
 the update package. As neither OEMs nor users want to waste space on a
 <code>/cache</code> partition, some users go without updates because the device
-has nowhere to store the update package. To address this issue, Android 8.0 adds
-support for streaming A/B updates that write blocks directly to the B partition
-as they are downloaded, without having to store the blocks on
+has nowhere to store the update package. To address this issue, Android 8.0
+added support for streaming A/B updates that write blocks directly to the B
+partition as they are downloaded, without having to store the blocks on
 <code>/data</code>. Streaming A/B updates need almost no temporary storage and
 require just enough storage for roughly 100 KiB of metadata.</p>
 
@@ -198,9 +202,9 @@ unittest for TerminateTransfer between ranges</a></li>
 the RetryTimeoutCallback()</a></li>
 </ul>
 
-<p>These patches are required for Android 7.1 whether using
-<a href="https://www.android.com/gms/">Google Mobile Services (GMS)</a> or any
-other update client.</p>
+<p>These patches are required to support streaming A/B updates in Android 7.1
+whether using <a href="https://www.android.com/gms/">Google Mobile Services
+(GMS)</a> or any other update client.</p>
 
 <h2 id="life-of-an-a-b-update">Life of an A/B update</h2>
 
diff --git a/en/security/_translation.yaml b/en/security/_translation.yaml
index 66072b4f..67867a6b 100644
--- a/en/security/_translation.yaml
+++ b/en/security/_translation.yaml
@@ -1,5 +1,5 @@
 ignore_paths:
-- /bulletin/...
+- /security/bulletin/...
 enable_continuous_translation: True
 title: Android Open Source Project Security tab
 description: Translations for SAC Security tab
diff --git a/en/security/bulletin/2017-07-01.html b/en/security/bulletin/2017-07-01.html
index 0cfdf8a3..7a45b0ec 100644
--- a/en/security/bulletin/2017-07-01.html
+++ b/en/security/bulletin/2017-07-01.html
@@ -20,7 +20,7 @@
       See the License for the specific language governing permissions and
       limitations under the License.
   -->
-<p><em>Published July 5, 2017 | Updated August 17, 2017</em></p>
+<p><em>Published July 5, 2017 | Updated September 19, 2017</em></p>
 
 <p>The Android Security Bulletin contains details of security vulnerabilities
 affecting Android devices. Security patch levels of July 05, 2017 or later
@@ -1574,6 +1574,11 @@ of <a href="//c0reteam.org">C0RE Team</a></td>
 Tencent Security Platform Department</td>
   </tr>
   <tr>
+   <td>CVE-2017-0710</td>
+   <td>Zach Riggle (<a href="//twitter.com/ebeip90">@ebeip90</a>) of the
+Android Security Team</td>
+  </tr>
+  <tr>
    <td>CVE-2017-0678</td>
    <td><a href="//weibo.com/ele7enxxh">Zinuo Han</a> of Chengdu Security
 Response Center, Qihoo 360 Technology Co. Ltd.</td>
@@ -1733,6 +1738,11 @@ site</a>.</p>
    <td>August 17, 2017</td>
    <td>Bulletin revised to update reference numbers.</td>
   </tr>
+  <tr>
+   <td>1.4</td>
+   <td>September 19, 2017</td>
+   <td>Updated acknowledgements for CVE-2017-0710.</td>
+  </tr>
 </table>
 </body>
 </html>
diff --git a/en/security/bulletin/2017-09-01.html b/en/security/bulletin/2017-09-01.html
index 3a0daf48..5f7fa157 100644
--- a/en/security/bulletin/2017-09-01.html
+++ b/en/security/bulletin/2017-09-01.html
@@ -20,7 +20,7 @@
       See the License for the specific language governing permissions and
       limitations under the License.
   -->
-  <p><em>Published September 5, 2017 | Updated September 13, 2017</em></p>
+  <p><em>Published September 5, 2017 | Updated September 25, 2017</em></p>
 
 <p>The Android Security Bulletin contains details of security vulnerabilities
 affecting Android devices. Security patch levels of September 05, 2017 or later
@@ -533,6 +533,22 @@ context of a privileged process.</p>
     <th>Component</th>
   </tr>
   <tr>
+    <td>CVE-2017-11120</td>
+    <td>A-62575409<a href="#asterisk">*</a><br />
+        B-V2017061204</td>
+    <td>RCE</td>
+    <td>Critical</td>
+    <td>Wi-Fi driver</td>
+  </tr>
+  <tr>
+    <td>CVE-2017-11121</td>
+    <td>A-62576413<a href="#asterisk">*</a><br />
+        B-V2017061205</td>
+    <td>RCE</td>
+    <td>Critical</td>
+    <td>Wi-Fi driver</td>
+  </tr>
+  <tr>
     <td>CVE-2017-7065</td>
     <td>A-62575138<a href="#asterisk">*</a><br />
         B-V2017061202</td>
@@ -1379,6 +1395,12 @@ CVE-2017-0785 as part of industry-coordinated disclosure.</td>
    <td>September 13, 2017</td>
    <td>Bulletin revised to include AOSP links.</td>
   </tr>
+  <tr>
+   <td>1.3</td>
+   <td>September 25, 2017</td>
+   <td>Added details for CVE-2017-11120 and CVE-2017-11121
+as part of industry-coordinated disclosure.</td>
+  </tr>
 </table>
 </body>
 </html>
diff --git a/en/source/51-android.txt b/en/source/51-android.txt
deleted file mode 100644
index 9e7963e7..00000000
--- a/en/source/51-android.txt
+++ /dev/null
@@ -1,36 +0,0 @@
-# adb protocol on passion (Nexus One)
-SUBSYSTEM=="usb", ATTR{idVendor}=="18d1", ATTR{idProduct}=="4e12", MODE="0600", OWNER="<username>"
-# fastboot protocol on passion (Nexus One)
-SUBSYSTEM=="usb", ATTR{idVendor}=="0bb4", ATTR{idProduct}=="0fff", MODE="0600", OWNER="<username>"
-# adb protocol on crespo/crespo4g (Nexus S)
-SUBSYSTEM=="usb", ATTR{idVendor}=="18d1", ATTR{idProduct}=="4e22", MODE="0600", OWNER="<username>"
-# fastboot protocol on crespo/crespo4g (Nexus S)
-SUBSYSTEM=="usb", ATTR{idVendor}=="18d1", ATTR{idProduct}=="4e20", MODE="0600", OWNER="<username>"
-# adb protocol on stingray/wingray (Xoom)
-SUBSYSTEM=="usb", ATTR{idVendor}=="22b8", ATTR{idProduct}=="70a9", MODE="0600", OWNER="<username>"
-# fastboot protocol on stingray/wingray (Xoom)
-SUBSYSTEM=="usb", ATTR{idVendor}=="18d1", ATTR{idProduct}=="708c", MODE="0600", OWNER="<username>"
-# adb protocol on maguro/toro (Galaxy Nexus)
-SUBSYSTEM=="usb", ATTR{idVendor}=="04e8", ATTR{idProduct}=="6860", MODE="0600", OWNER="<username>"
-# fastboot protocol on maguro/toro (Galaxy Nexus)
-SUBSYSTEM=="usb", ATTR{idVendor}=="18d1", ATTR{idProduct}=="4e30", MODE="0600", OWNER="<username>"
-# adb protocol on panda (PandaBoard)
-SUBSYSTEM=="usb", ATTR{idVendor}=="0451", ATTR{idProduct}=="d101", MODE="0600", OWNER="<username>"
-# adb protocol on panda (PandaBoard ES)
-SUBSYSTEM=="usb", ATTR{idVendor}=="18d1", ATTR{idProduct}=="d002", MODE="0600", OWNER="<username>"
-# fastboot protocol on panda (PandaBoard)
-SUBSYSTEM=="usb", ATTR{idVendor}=="0451", ATTR{idProduct}=="d022", MODE="0600", OWNER="<username>"
-# usbboot protocol on panda (PandaBoard)
-SUBSYSTEM=="usb", ATTR{idVendor}=="0451", ATTR{idProduct}=="d00f", MODE="0600", OWNER="<username>"
-# usbboot protocol on panda (PandaBoard ES)
-SUBSYSTEM=="usb", ATTR{idVendor}=="0451", ATTR{idProduct}=="d010", MODE="0600", OWNER="<username>"
-# adb protocol on grouper/tilapia (Nexus 7)
-SUBSYSTEM=="usb", ATTR{idVendor}=="18d1", ATTR{idProduct}=="4e42", MODE="0600", OWNER="<username>"
-# fastboot protocol on grouper/tilapia (Nexus 7)
-SUBSYSTEM=="usb", ATTR{idVendor}=="18d1", ATTR{idProduct}=="4e40", MODE="0600", OWNER="<username>"
-# adb protocol on manta (Nexus 10)
-SUBSYSTEM=="usb", ATTR{idVendor}=="18d1", ATTR{idProduct}=="4ee2", MODE="0600", OWNER="<username>"
-# fastboot protocol on manta (Nexus 10)
-SUBSYSTEM=="usb", ATTR{idVendor}=="18d1", ATTR{idProduct}=="4ee0", MODE="0600", OWNER="<username>"
-# adb protocol on hammerhead (Nexus 5)
-SUBSYSTEM=="usb", ATTR{idVendor}=="18d1", ATTR{idProduct}=="4ee1", MODE="0600", OWNER="<username>"
diff --git a/en/source/build-numbers.html b/en/source/build-numbers.html
index e50741a7..0e11aa5d 100644
--- a/en/source/build-numbers.html
+++ b/en/source/build-numbers.html
@@ -208,7 +208,13 @@ site:</p>
   </thead>
   <tbody>
     <tr>
-      <td>OPR6.170623.017</td>
+      <td>OPR6.170623.021</td>
+      <td>android-8.0.0_r12</td>
+      <td>Oreo</td>
+      <td>Nexus Player</td>
+    </tr>
+    <tr>
+      <td>OPR6.170623.019</td>
       <td>android-8.0.0_r11</td>
       <td>Oreo</td>
       <td>Nexus 6P</td>
diff --git a/en/source/initializing.html b/en/source/initializing.html
index eb8dce3d..505b647e 100644
--- a/en/source/initializing.html
+++ b/en/source/initializing.html
@@ -181,23 +181,10 @@ sudo apt-get install libx11-dev:i386
 
 <h3 id="configuring-usb-access">Configuring USB Access</h3>
 
-<p>Under GNU/Linux systems (and specifically under Ubuntu systems),
-regular users can't directly access USB devices by default. The
-system needs to be configured to allow such access.</p>
-<p>The recommended approach is to create a file at
-<code>/etc/udev/rules.d/51-android.rules</code> (as the root user).</p>
-
-<p>To do this, run the following command to download the <a
-href="51-android.txt">51-android.txt</a> file attached to this site, modify
-it to include your username, and place it in the correct location:</p>
-
-<pre class="devsite-terminal devsite-click-to-copy">
-wget -S -O - http://source.android.com/source/51-android.txt | sed "s/&lt;username&gt;/$USER/" | sudo tee >/dev/null /etc/udev/rules.d/51-android.rules; sudo udevadm control --reload-rules
-</pre>
-
-<p>Those new rules take effect the next time a device is plugged in.
-It might therefore be necessary to unplug the device and plug it
-back into the computer.</p>
+<p>Install a community-maintained default set of <code>udev</code> rules for
+all Android devices by following the instructions to <a
+href="https://developer.android.com/studio/run/device.html#setting-up"
+class="external">Set up a device for development</a>.
 
 <h3 id="using-a-separate-output-directory">Using a separate output directory</h3>