Android 4 .4 .4 KTU84P Factory Images & Driver Binaries Are Now Available for Nexus Devices! Just over sometime ago 4.4.3 was launched after many leaks, while the next big version is being awaited at the I/O later this month, the update has taken everyone by surprise. Seriously, No one saw it coming with Google I/O just over a week ahead and everyones super excited for Android Lollipop 5.0 ( or maybe 4.5 ).

The guys over at FunkyAndroid have released the entire changelog as ever from KTU84M (4.4.3_r1.1) to KTU84P (4.4.4_r1)

Project: platform/build
27aae42 : “KTU84P”
7f83b7c : MR2.1 – Version 4.4.4. Here we go! DO NOT MERGE

Project: platform/cts
b8e2dab : DO NOT MERGE Update for version bump
6da2c75 : CTS test for OpenSSL’s early CCS issue
a3b762f : Disable host side holotests also
8e02f46 : CTS report MUST not display raw performance
numbers. bug:13347703
510cfbc : media: Refactor and improve robustness of
e502d40 : Fix a concurrency bug in
3a90060 : hardware: consumerir: Increase test pattern
c070509 : hardware: consumerir: Fix time discrepancy
1856a4e : CTS test for Heartbleed vulnerability in SSLSocket.

Project: platform/external/
76d1172 : Backport “Recycle old V8 wrapper objects on
afae5d8 : Block access to java.lang.Object.getClass in
injected Java objects

Project: platform/external/
3fb1c1e : Fix Java Bridge wrapper properties cleanup for
multi-frame pages
b13a6de : Cherry-pick “Export

Project: platform/external/
e2f305e : Cherrypick “OpenSSL: add CVE fixes from

Project: platform/external/
dd1da36 : Fix Early CCS bug

Project: platform/frameworks/
63ade05 : Add EventLog event for logging of attempts to
call java.lang.Object.getClass

Project: platform/frameworks/
7a7dce8 : Sanitize selector Intent when handling intent:

The above raw log wouldn’t be possible without the modified version of this script written by JBQ . t is clear that this is a security fix along with few minor fixes for webview and chromium, as well as event logging.

Also, as pointed out by guys over at XDA the vulnerability patched by this update isn’t the Linux kernel CVE-2014-3153 vulnerability exploited
in geohot’s towelroot, but rather an OpenSSL early CCS issue (CVE-2014-0224) that may lead to certain types of man-in-the-middle attacks.

Expect the update to roll out for the recent nexus devices very soon, except for the Nexus 7 2013 LTE.

About The Author

Senior Editor at Techzei. Android Specialist

Leave a Reply