Android M came packed with the new security provider: BoringSSL. Therefore I wonder: do I still have to update the SecurityProvider on Android M devices using the Dynamic Security Provider from Google Play Services (e.g.: ProviderInstaller.installIfNeeded(getContext());) ?
The Answer is, for now: allways patch it! Because, basically: you don't know whether any of the-by-the-manufacturer-provided Security providers within Android are patched correctly! So I am patching always.