Fixed
Status Update
No update yet.
Comments
jb...@google.com
ap...@google.com
Project: platform/frameworks/support
Branch: androidx-master-dev
commit 9278b8989a0703ec9de6351cbc91605b3408de2d
Author: Sumir Kataria <sumir@google.com>
Date: Mon Apr 29 10:27:32 2019
Update keepForAtLeast documentation to mention unfinished work won't be pruned.
Fixes: 130638001
Test: N/A
Change-Id: I1dfded630178cb049c7fd12cc2fe436e39c863ff
M work/workmanager/src/main/java/androidx/work/WorkRequest.java
https://android-review.googlesource.com/953577
https://goto.google.com/android-sha1/9278b8989a0703ec9de6351cbc91605b3408de2d
Branch: androidx-master-dev
commit 9278b8989a0703ec9de6351cbc91605b3408de2d
Author: Sumir Kataria <sumir@google.com>
Date: Mon Apr 29 10:27:32 2019
Update keepForAtLeast documentation to mention unfinished work won't be pruned.
Fixes: 130638001
Test: N/A
Change-Id: I1dfded630178cb049c7fd12cc2fe436e39c863ff
M work/workmanager/src/main/java/androidx/work/WorkRequest.java
il...@google.com
While ActivityResultRegistry's use of Random has no relevance to cryptography or security, we've moved to Kotlin's Random API. This will be available in Activity 1.8.0-alpha03.
we...@salesforce.com
Thank you all for the resolution! Have a great day.
Description
Hello, in a security audit we found an instance of insecure Random Number Generator.
File androidx/activity/result/ActivityResultRegistry.java near line 25:
This is the report we got:
Category Cryptography and Insecure Storage
Testing Method Black Box
Tools Used Apktool, dex2jar, jd-gui
Component used: Activity
Version used: 1.8
Devices/Android versions reproduced on: Android api 31.
If this is a bug in the library, we would appreciate if you could attach:
- Sample project to trigger the issue.
- A screenrecord or screenshots showing the issue (if UI related).