diff --git a/Patches/Common/android_vendor_divested/divestos.mk b/Patches/Common/android_vendor_divested/divestos.mk
index c975467f..febdf1cf 100644
--- a/Patches/Common/android_vendor_divested/divestos.mk
+++ b/Patches/Common/android_vendor_divested/divestos.mk
@@ -18,9 +18,10 @@ PRODUCT_PROPERTY_OVERRIDES += \
     ro.build.selinux=1 \
     ro.storage_manager.enabled=true
 
-#Copy extra files
-#PRODUCT_COPY_FILES += \
-#    vendor/divested/prebuilts/etc/additional_fdroid_repos.xml:system/etc/org.fdroid.fdroid_dos/additional_repos.xml
+Copy extra files
+PRODUCT_COPY_FILES += \
+    vendor/divested/prebuilts/etc/additional_fdroid_repos.xml:system/etc/org.fdroid.fdroid_dos/additional_repos.xml \
+    vendor/divested/prebuilts/etc/additional_fdroid_repos.xml:system/etc/org.fdroid.fdroid/additional_repos.xml
 
 #Include packages
 #PRODUCT_PACKAGES += ModuleBlocker
diff --git a/Patches/Common/android_vendor_divested/prebuilts/etc/additional_fdroid_repos.xml b/Patches/Common/android_vendor_divested/prebuilts/etc/additional_fdroid_repos.xml
index fedf246b..ea21e721 100644
--- a/Patches/Common/android_vendor_divested/prebuilts/etc/additional_fdroid_repos.xml
+++ b/Patches/Common/android_vendor_divested/prebuilts/etc/additional_fdroid_repos.xml
@@ -1,18 +1,16 @@
 <?xml version="1.0" encoding="utf-8"?>
-
+	<resources>
+	    <string-array name="additional_repos">
 <!-- name -->
 <item>DivestOS Official</item>
 <!-- address -->
 <item>https://divestos.xyz/fdroid/official</item>
 <!-- description -->
-<item>This repository contains apps created by Divested Computing, Inc.
-</item>
+<item>This repository contains apps created by Divested Computing, Inc.</item>
 <!-- version -->
 <item>18</item>
 <!-- enabled -->
 <item>1</item>
-<!-- priority -->
-<item>5</item>
 <!-- push requests -->
 <item>ignore</item>
 <!-- pubkey -->
@@ -25,14 +23,11 @@
 <!-- address -->
 <item>https://divestos.xyz/fdroid/unofficial</item>
 <!-- description -->
-<item>This repository contains unofficial builds of open source apps that are not included in the official F-Droid repo or IzzySoft repo.
-</item>
+<item>This repository contains unofficial builds of open source apps that are not included in the official F-Droid repo or IzzySoft repo.</item>
 <!-- version -->
 <item>18</item>
 <!-- enabled -->
 <item>0</item>
-<!-- priority -->
-<item>6</item>
 <!-- push requests -->
 <item>ignore</item>
 <!-- pubkey -->
@@ -45,14 +40,11 @@
 <!-- address -->
 <item>https://divestos.xyz/fdroid/provisioner</item>
 <!-- description -->
-<item>This is an empty repo used to provision a device using the push install feature. Consider disabling after first use.
-</item>
+<item>This is an empty repo used to provision a device using the push install feature. Consider disabling after first use.</item>
 <!-- version -->
 <item>18</item>
 <!-- enabled -->
 <item>0</item>
-<!-- priority -->
-<item>7</item>
 <!-- push requests -->
 <item>always</item>
 <!-- pubkey -->
@@ -65,14 +57,11 @@
 <!-- address -->
 <item>https://apt.izzysoft.de/fdroid/repo</item>
 <!-- description -->
-<item>This is a repository of apps to be used with F-Droid. Applications in this repository are official binaries built by the original application developers, taken from their resp. repositories (mostly Github). At this moment I cannot give guarantees on regular updates for all of them, though most are checked multiple times a week.
-</item>
+<item>This is a repository of apps to be used with F-Droid. Applications in this repository are official binaries built by the original application developers, taken from their resp. repositories (mostly Github). At this moment I cannot give guarantees on regular updates for all of them, though most are checked multiple times a week.</item>
 <!-- version -->
 <item>17</item>
 <!-- enabled -->
 <item>0</item>
-<!-- priority -->
-<item>8</item>
 <!-- push requests -->
 <item>ignore</item>
 <!-- pubkey -->
@@ -85,14 +74,11 @@
 <!-- address -->
 <item>https://microg.org/fdroid/repo</item>
 <!-- description -->
-<item>This is a repository of microG apps to be used with F-Droid. Applications in this repository are signed official binaries built by the microG Team from the corresponding source code.
-</item>
+<item>This is a repository of microG apps to be used with F-Droid. Applications in this repository are signed official binaries built by the microG Team from the corresponding source code.</item>
 <!-- version -->
 <item>17</item>
 <!-- enabled -->
 <item>0</item>
-<!-- priority -->
-<item>9</item>
 <!-- push requests -->
 <item>ignore</item>
 <!-- pubkey -->
@@ -105,17 +91,16 @@
 <!-- address -->
 <item>https://briarproject.org/fdroid/repo</item>
 <!-- description -->
-<item>This is a repository of apps to be used with FDroid. Applications in this repository are official binaries built by the original application developers.
-</item>
+<item>This is a repository of apps to be used with FDroid. Applications in this repository are official binaries built by the original application developers.</item>
 <!-- version -->
 <item>17</item>
 <!-- enabled -->
 <item>0</item>
-<!-- priority -->
-<item>10</item>
 <!-- push requests -->
 <item>ignore</item>
 <!-- pubkey -->
 <item>
 308202d5308201bda0030201020204018cf0a4300d06092a864886f70d01010b0500301b31193017060355040a1310627269617270726f6a6563742e6f7267301e170d3137303732353134303630325a170d3232303732343134303630325a301b31193017060355040a1310627269617270726f6a6563742e6f726730820122300d06092a864886f70d01010105000382010f003082010a0282010100912fbe5333e85dc38a1ac8eca5d10e7e084459b3ef3ea84e72ad67758b63add64345ab2a26fef0a5be41c68461a69d1ae9f8652a98c181765f551776d3bfbcd2cfd6bb1222140566afd1cae791714ef56d6d137191d971404bdf9d93935adb0222de2df8718a6c5584dde5607da1249509fb5ed3cf2d14a0ff2962e942d1985ad3d1cd479c149caf71c98b54647d2953fbf60019df588c649598616e12c7ef7cd58cbea2ec42e067923b79be33ae4079736e521f9b4df5c1f670fbd2b55f1e4c86fb46f47a98e11f49007c8c0a390f36d8d363edf305d81be5b04d082f8c0b3a756cbc19a0ae51e3f241560457827638d8af97ac66fcb1e274d3575af17932bd0203010001a321301f301d0603551d0e04160414d16614bba270ddbbe7dfd75da361bd4e24dc3413300d06092a864886f70d01010b05000382010100573c98ccf56d9ec6644705995db1d03806c087d4be4b25061d1ce144a72e2c14c86845e6847cede6bd0c469ce610153c0c144412c8ab0171342e40acd8562c8de8032e4eb9fc6803cad0e2fd6b4da3cf0ce4148376b0b7d57bb74f1b7c55954eb184a1392fae2231aabf9705a9eace7795c99b1cd7b2e796ffc58b422e1e80b9cdec20ce352e10974c64270856e1aecf9febb8199239625692bbebc0236ecaf03f57ed70cc13057a33cbf2bd7ffa46704f530b0acbc8a0a2a05cc322704e340123aa4277e11946b35ae8c9174b9fac97e0c1207c6194856016202c94f1678a6f9911073bd46e513692274592a989d16181e02b423e89050b2704c7575b5d31f1
 </item>
+		</string-array>
+	</resources>
diff --git a/Scripts/Common/Functions.sh b/Scripts/Common/Functions.sh
index 7667b43e..364d9ab6 100644
--- a/Scripts/Common/Functions.sh
+++ b/Scripts/Common/Functions.sh
@@ -127,7 +127,7 @@ generateBootAnimationShine() {
 export -f generateBootAnimationShine;
 
 audit2allowCurrent() {
-	adb shell dmesg | audit2allow -p "$ANDROID_PRODUCT_OUT"/root/sepolicy;
+	adb logcat -b all -d | audit2allow -p "$ANDROID_PRODUCT_OUT"/root/sepolicy;
 }
 export -f audit2allowCurrent;
 
diff --git a/Scripts/Common/Overclock.sh b/Scripts/Common/Overclock.sh
index f677eda3..936878e0 100644
--- a/Scripts/Common/Overclock.sh
+++ b/Scripts/Common/Overclock.sh
@@ -61,8 +61,8 @@ echo "CONFIG_CPU_OVERCLOCK=y" >> arch/arm/configs/lineageos_mako_defconfig; #1.5
 #echo "CONFIG_CPU_OVERCLOCK_ULTRA=y" >> arch/arm/configs/lineageos_mako_defconfig; #1.51GHz -> 1.94GHz XXX: Throttles
 if enter "device/lge/mako"; then
 	sed -i 's/scaling_min_freq 384000/scaling_min_freq 81000/' rootdir/etc/init.mako.power.rc;
-	sed -i 's/scaling_max_freq 1512000/scaling_max_freq 1728000/' rootdir/etc/init.mako.power.rc;
-	sed -i 's/NORMAL_FREQ "1512000"/NORMAL_FREQ "1728000"/' power/power_mako.c;
+	#sed -i 's/scaling_max_freq 1512000/scaling_max_freq 1728000/' rootdir/etc/init.mako.power.rc;
+	#sed -i 's/NORMAL_FREQ "1512000"/NORMAL_FREQ "1728000"/' power/power_mako.c;
 	#sed -i 's/scaling_max_freq 1512000/scaling_max_freq 1944000/' rootdir/etc/init.mako.power.rc;
 	#sed -i 's/NORMAL_FREQ "1512000"/NORMAL_FREQ "1944000"/' power/power_mako.c;
 fi;
diff --git a/Scripts/LineageOS-14.1/Functions.sh b/Scripts/LineageOS-14.1/Functions.sh
index f0610560..865aae87 100644
--- a/Scripts/LineageOS-14.1/Functions.sh
+++ b/Scripts/LineageOS-14.1/Functions.sh
@@ -98,7 +98,8 @@ patchWorkspace() {
 	if [ "$DOS_MALWARE_SCAN_ENABLED" = true ]; then scanForMalware false "$DOS_PREBUILT_APPS $DOS_BUILD_BASE/build $DOS_BUILD_BASE/device $DOS_BUILD_BASE/vendor/cm"; fi;
 	source build/envsetup.sh;
 	repopick -t n_asb_09-2018-qcom;
-	#repopick -t n_asb_10-2018;
+	repopick -it n_asb_10-2018;
+	repopick 231380;
 
 	source "$DOS_SCRIPTS/Patch.sh";
 	source "$DOS_SCRIPTS/Defaults.sh";
diff --git a/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_essential_msm8998.sh b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_essential_msm8998.sh
index dd62d357..cd517e52 100644
--- a/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_essential_msm8998.sh
+++ b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_essential_msm8998.sh
@@ -1,6 +1,5 @@
 #!/bin/bash
 cd "$DOS_BUILD_BASE""kernel/essential/msm8998"
-git apply $DOS_PATCHES_LINUX_CVES/0001-LinuxIncrementals/4.4/4.4.0152-0153.patch
 git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.10+/0016.patch
 git apply $DOS_PATCHES_LINUX_CVES/0007-Accelerated_AES/3.10+/0020.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2014-9900/ANY/0001.patch
@@ -38,5 +37,5 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-6696/ANY/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-14875/ANY/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11274/ANY/0001.patch
-editKernelLocalversion "-dos.p38"
+editKernelLocalversion "-dos.p37"
 cd "$DOS_BUILD_BASE"
diff --git a/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_moto_shamu.sh b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_moto_shamu.sh
index 68edd88b..596b01c2 100644
--- a/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_moto_shamu.sh
+++ b/Scripts/LineageOS-15.1/CVE_Patchers/android_kernel_moto_shamu.sh
@@ -55,16 +55,8 @@ git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-5972/ANY/0002.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-6345/^4.9/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-7487/ANY/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-9242/^4.11/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10877/ANY/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10879/3.10/0004.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10880/3.10/0002.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10881/ANY/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10882/3.10/0002.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-10883/ANY/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-1092/ANY/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11286/ANY/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-11832/ANY/0001.patch
-git apply $DOS_PATCHES_LINUX_CVES/CVE-2018-3584/ANY/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/LVT-2017-0003/3.10/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/1035495_0001-cnss-Add-NULL-check-for-PM-related-APIs.patch
 git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/797912_0001-usb-gadget-Fix-synchronization-issue-between-f_audio.patch
@@ -72,5 +64,5 @@ git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/870057_0001-wcnss-add-null-ch
 git apply $DOS_PATCHES_LINUX_CVES/Untracked-02/ANY/kernel.msm.git-9f34c6ebc016cd061ae5ec901221d15fa3d67e49.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2016-2475/ANY/0001.patch
 git apply $DOS_PATCHES_LINUX_CVES/CVE-2017-0750/ANY/0001.patch
-editKernelLocalversion "-dos.p72"
+editKernelLocalversion "-dos.p64"
 cd "$DOS_BUILD_BASE"
diff --git a/Scripts/LineageOS-15.1/Patch.sh b/Scripts/LineageOS-15.1/Patch.sh
index a67aa362..d07d79ef 100755
--- a/Scripts/LineageOS-15.1/Patch.sh
+++ b/Scripts/LineageOS-15.1/Patch.sh
@@ -199,6 +199,10 @@ sed -i '3itypeattribute hwaddrs misc_block_device_exception;' sepolicy/hwaddrs.t
 
 enterAndClear "device/lge/mako";
 echo "allow kickstart usbfs:dir search;" >> sepolicy/kickstart.te; #Fix forceencrypt on first boot
+echo "allow install_recovery unlabeled:dir search;" >> sepolicy/install_recovery.te; #Update recovery on boot
+echo "allow vold persist_file:dir read;" >> sepolicy/vold.te; #Fix Updater
+echo "allow priv_app unlabeled:dir search;" >> priv_app.te;
+echo "allow platform_app system_app_data_file:dir getattr;" >> sepolicy/platform_app.te;
 patch -p1 < "$DOS_PATCHES/android_device_lge_mako/0001-Enable_LTE.patch";
 
 enterAndClear "device/motorola/clark";
diff --git a/Scripts/init.sh b/Scripts/init.sh
index 41c752f3..b38c8126 100644
--- a/Scripts/init.sh
+++ b/Scripts/init.sh
@@ -36,13 +36,13 @@ export DOS_GPS_NTP_SERVER="time.android.com"; #Options: Any NTP pool
 export DOS_GPS_GLONASS_FORCED=true; #Enables GLONASS on all devices
 export DOS_MALWARE_SCAN_ENABLED=true; #Set true to perform a fast scan on patchWorkspace() and a through scan on buildAll()
 export DOS_MALWARE_SCAN_SETTING="quick"; #buildAll() scan speed. Options: quick, extra, slow, full
-export DOS_MICROG_INCLUDED="NLP"; #Determines inclusion of microG. Options: NLP, FULL
+export DOS_MICROG_INCLUDED="NLP"; #Determines inclusion of microG. Options: NLP, FULL TODO: Re-add FULL
 export DOS_HOSTS_BLOCKING=true; #Switch to false to prevent inclusion of our HOSTS file
 export DOS_HOSTS_BLOCKING_LIST="https://divestos.xyz/hosts"; #Must be in the format "127.0.0.1 bad.domain.tld"
 export DOS_OVERCLOCKS_ENABLED=true; #Switch to false to disable overclocks #XXX: Most devices have their processors directly under their RAM, heatsinking is mostly into the ground plane, potentially inflicting damage to RAM and the processor itself
 export DOS_LOWRAM_ENABLED=false; #Switch to true to enable low_ram on all devices
 export DOS_STRONG_ENCRYPTION_ENABLED=false; #Switch to true to enable AES-256bit encryption XXX: THIS WILL **DESTROY** EXISTING INSTALLS!
-export DOS_NON_COMMERCIAL_USE_PATCHES=false; #Switch to false to prevent inclusion of non-commercial use patches
+export DOS_NON_COMMERCIAL_USE_PATCHES=false; #Switch to false to prevent inclusion of non-commercial use patches XXX: Unused, see 1dc9247
 
 export DOS_BRANDING_NAME="DivestOS";
 export DOS_BRANDING_ZIP_PREFIX="divested";