Patch 2 updates the SDK API libpng dependency to address security vulnerabilities. This update allows Android apps that are published to the Google Play store to be updated and any new published apps to comply with Google Play’s Malicious Behavior policy. You can read more about this vulnerability in CVE-2015-8540.
Patch 2 will also include all the changes provided in Patch 1 that was released in June 2016.
Look for the release of Patch 2 for ArcGIS Runtime SDK 10.2.6 for Qt within the next few weeks.