Churn

Signed-off-by: Tad <tad@spotco.us>

Patches/LineageOS-20.0/android_frameworks_base/0007-Always_Restict_Serial.patch

@@ -10,7 +10,7 @@ requiring the READ_PHONE_STATE permission.
  1 file changed, 1 insertion(+), 6 deletions(-)
 
 diff --git a/services/core/java/com/android/server/am/ActivityManagerService.java b/services/core/java/com/android/server/am/ActivityManagerService.java
-index 1428fa853f2a..f9f042ea6517 100644
+index 3e43e711e7f5..c5eb18bf40ed 100644
 --- a/services/core/java/com/android/server/am/ActivityManagerService.java
 +++ b/services/core/java/com/android/server/am/ActivityManagerService.java
 @@ -4822,12 +4822,7 @@ public class ActivityManagerService extends IActivityManager.Stub

Patches/LineageOS-20.0/android_frameworks_base/0029-Strict_Package_Checks-2.patch

@@ -11,10 +11,10 @@ Subject: [PATCH] perform additional boot-time checks on system package updates
  create mode 100644 services/core/java/com/android/server/pm/PackageVerityExt.java
 
 diff --git a/services/core/java/com/android/server/pm/InstallPackageHelper.java b/services/core/java/com/android/server/pm/InstallPackageHelper.java
-index 64a9a563e4a2..4d82581e2389 100644
+index c32a57c68ede..d037e28f74fd 100644
 --- a/services/core/java/com/android/server/pm/InstallPackageHelper.java
 +++ b/services/core/java/com/android/server/pm/InstallPackageHelper.java
-@@ -3785,6 +3785,13 @@ final class InstallPackageHelper {
+@@ -3808,6 +3808,13 @@ final class InstallPackageHelper {
              @Nullable UserHandle user) throws PackageManagerException {
          final boolean scanSystemPartition =
                  (parseFlags & ParsingPackageUtils.PARSE_IS_SYSTEM_DIR) != 0;

Patches/LineageOS-20.0/android_frameworks_native/0001-Sensors_Permission.patch

@@ -9,7 +9,7 @@ Ported from 10: ff005a6b6a38baef95c4a01d7e1fc75aac651a58
  1 file changed, 1 insertion(+)
 
 diff --git a/libs/sensor/Sensor.cpp b/libs/sensor/Sensor.cpp
-index ec0ced8663..1cf12e1f43 100644
+index b865c4d5d6..f8eac85c90 100644
 --- a/libs/sensor/Sensor.cpp
 +++ b/libs/sensor/Sensor.cpp
 @@ -59,6 +59,7 @@ Sensor::Sensor(struct sensor_t const& hwSensor, const uuid_t& uuid, int halVersi

Scripts/LineageOS-20.0/CVE_Patchers/android_kernel_fxtec_msm8998.sh

@@ -155,12 +155,11 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-1990/4.4/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-2162/4.4/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-2194/^6.3/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-2248/^6.3/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-20941/ANY/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-23455/4.4/0007.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-23559/4.4/0007.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-26545/4.4/0007.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-28328/4.4/0001.patch
-editKernelLocalversion "-dos.p160"
+editKernelLocalversion "-dos.p159"
 else echo "kernel_fxtec_msm8998 is unavailable, not patching.";
 fi;
 cd "$DOS_BUILD_BASE"

Scripts/LineageOS-20.0/CVE_Patchers/android_kernel_google_gs101_private_gs-google.sh

@@ -74,7 +74,6 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-4662/5.10/0006.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-20158/^5.15/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-27950/^5.16/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-36280/5.10/0005.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-41218/5.10/0004.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-41849/5.10/0005.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-42703/5.10/0005.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-42895/5.10/0005.patch
@@ -117,8 +116,6 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-2166/5.10/0002.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-2194/5.10/0004.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-2235/^6.3/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-2248/5.10/0004.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-21102/ANY/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-21102/ANY/0002.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-22998/5.10/0003.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-22998/5.10/0004.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-23000/^5.16/0001.patch
@@ -133,7 +130,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-28328/5.10/0006.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-28466/5.10/0002.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-30456/5.10/0002.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-30772/5.10/0004.patch
-editKernelLocalversion "-dos.p133"
+editKernelLocalversion "-dos.p130"
 else echo "kernel_google_gs101_private_gs-google is unavailable, not patching.";
 fi;
 cd "$DOS_BUILD_BASE"

Scripts/LineageOS-20.0/CVE_Patchers/android_kernel_google_gs201_private_gs-google.sh

@@ -74,7 +74,6 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-4662/5.10/0006.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-20158/^5.15/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-27950/^5.16/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-36280/5.10/0005.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-41218/5.10/0004.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-41849/5.10/0005.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-42703/5.10/0005.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-42895/5.10/0005.patch
@@ -117,8 +116,6 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-2166/5.10/0002.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-2194/5.10/0004.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-2235/^6.3/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-2248/5.10/0004.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-21102/ANY/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-21102/ANY/0002.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-22998/5.10/0003.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-22998/5.10/0004.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-23000/^5.16/0001.patch
@@ -133,7 +130,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-28328/5.10/0006.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-28466/5.10/0002.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-30456/5.10/0002.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-30772/5.10/0004.patch
-editKernelLocalversion "-dos.p133"
+editKernelLocalversion "-dos.p130"
 else echo "kernel_google_gs201_private_gs-google is unavailable, not patching.";
 fi;
 cd "$DOS_BUILD_BASE"

Scripts/LineageOS-20.0/CVE_Patchers/android_kernel_google_msm-4.14.sh

@@ -88,11 +88,9 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-4378/4.14/0004.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-4382/^6.2/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-20369/4.14/0006.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-20382/ANY/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-25677/ANY/0002.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-27950/^5.16/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-36280/4.14/0002.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-40768/4.14/0005.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-41218/4.14/0002.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-41849/4.14/0002.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-41850/4.14/0002.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-42895/4.14/0002.patch
@@ -130,7 +128,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-26545/4.14/0002.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-26607/4.14/0003.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-28328/4.14/0003.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-30772/4.14/0002.patch
-editKernelLocalversion "-dos.p130"
+editKernelLocalversion "-dos.p128"
 else echo "kernel_google_msm-4.14 is unavailable, not patching.";
 fi;
 cd "$DOS_BUILD_BASE"

Scripts/LineageOS-20.0/CVE_Patchers/android_kernel_google_redbull.sh

@@ -98,7 +98,6 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-20571/ANY/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-27950/^5.16/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-36280/4.19/0003.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-40768/4.19/0006.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-41218/4.19/0003.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-41849/4.19/0003.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-41850/4.19/0003.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2022-42703/4.19/0003.patch
@@ -133,8 +132,6 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-2002/3.10-^6.3/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-2162/4.19/0004.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-2194/4.19/0003.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-2248/4.19/0003.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-21665/ANY/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-21666/ANY/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-23000/^5.16/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-23454/4.19/0003.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-23455/4.19/0003.patch
@@ -143,7 +140,7 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-26545/4.19/0003.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-26607/4.19/0004.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-28328/4.19/0004.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2023-30772/4.19/0003.patch
-editKernelLocalversion "-dos.p143"
+editKernelLocalversion "-dos.p140"
 else echo "kernel_google_redbull is unavailable, not patching.";
 fi;
 cd "$DOS_BUILD_BASE"