Many changes

15.1: Update CVE patchers
15.1: Add back automated build signing
14.1: Disable herolte (broken)
14.1: March 2018 Security Bulletin
This commit is contained in:
Tad 2018-03-08 22:06:18 -05:00
parent 9c2272bc03
commit d111027f4d
17 changed files with 132 additions and 20 deletions


@ -0,0 +1,100 @@
From 3548eba76a04254a32fb16c3a39192aba8e4d187 Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Thu, 8 Mar 2018 22:03:43 -0500
Subject: [PATCH] Add optional automated signing
Change-Id: If38730428255a0de3939dfe1a0526b03ac948113
---
core/Makefile | 41 ++++++++++++++++++++++++++++++++++++++---
1 file changed, 38 insertions(+), 3 deletions(-)
diff --git a/core/Makefile b/core/Makefile
index b3f719a4f..b48328394 100644
--- a/core/Makefile
+++ b/core/Makefile
@@ -520,6 +520,10 @@ $(call dist-for-goals,droidcore,$(SOONG_TO_CONVERT))
# exist with the suffixes ".x509.pem" and ".pk8".
DEFAULT_KEY_CERT_PAIR := $(DEFAULT_SYSTEM_DEV_CERTIFICATE)
+ifneq ($(SIGNING_KEY_DIR),)
+ KEY_CERT_DIR := $(SIGNING_KEY_DIR)
+ DEFAULT_KEY_CERT_PAIR := $(SIGNING_KEY_DIR)/releasekey
+endif
# Rules that need to be present for the all targets, even
# if they don't do anything.
@@ -1220,6 +1224,16 @@ endif
# substitute other keys for this one.
OTA_PUBLIC_KEYS := $(DEFAULT_SYSTEM_DEV_CERTIFICATE).x509.pem
+ifneq ($(SIGNING_KEY_DIR),)
+ OTA_PUBLIC_KEYS := $(SIGNING_KEY_DIR)/releasekey.x509.pem
+ PRODUCT_EXTRA_RECOVERY_KEYS += $(SIGNING_KEY_DIR)/extra
+else
+ ifneq ($(OTA_PACKAGE_SIGNING_KEY),)
+ OTA_PUBLIC_KEYS := $(OTA_PACKAGE_SIGNING_KEY).x509.pem
+ PRODUCT_EXTRA_RECOVERY_KEYS := $(DEFAULT_SYSTEM_DEV_CERTIFICATE)
+ endif
+endif
+
# Generate a file containing the keys that will be read by the
# recovery binary.
RECOVERY_INSTALL_OTA_KEYS := \
@@ -2316,6 +2330,13 @@ $(BUILT_TARGET_FILES_PACKAGE): intermediates := $(intermediates)
$(BUILT_TARGET_FILES_PACKAGE): \
zip_root := $(intermediates)/$(name)
+SIGNED_TARGET_FILES_PACKAGE := $(intermediates)/signed-$(name).zip
+MAYBE_SIGNED_TARGET_FILES_PACKAGE := $(BUILT_TARGET_FILES_PACKAGE)
+
+ifneq ($(SIGNING_KEY_DIR),)
+ MAYBE_SIGNED_TARGET_FILES_PACKAGE := $(SIGNED_TARGET_FILES_PACKAGE)
+endif
+
# $(1): Directory to copy
# $(2): Location to copy it to
# The "ls -A" is to prevent "acp s/* d" from failing if s is empty.
@@ -2774,6 +2795,12 @@ else
OTA_SCRIPT_OVERRIDE_DEVICE := $(TARGET_OTA_ASSERT_DEVICE)
endif
+ifeq ($(TARGET_RELEASETOOL_SIGN_TARGET_SCRIPT),)
+ SIGN_TARGET_SCRIPT := ./build/tools/releasetools/sign_target_files_apks
+else
+ SIGN_TARGET_SCRIPT := $(TARGET_RELEASETOOL_SIGN_TARGET_SCRIPT)
+endif
+
ifeq ($(WITH_GMS),true)
$(INTERNAL_OTA_PACKAGE_TARGET): backuptool := false
else
@@ -2784,8 +2811,16 @@ else
endif
endif
-$(INTERNAL_OTA_PACKAGE_TARGET): $(BUILT_TARGET_FILES_PACKAGE) \
- build/tools/releasetools/ota_from_target_files
+$(SIGNED_TARGET_FILES_PACKAGE): $(BUILT_TARGET_FILES_PACKAGE) build/tools/releasetools/ota_from_target_files
+ @echo "$(SIGN_TARGET_SCRIPT)" > $(PRODUCT_OUT)/sign_script_path
+ @echo -e ${CL_YLW}"Sign target files:"${CL_RST}" $@"
+ $(hide) $(SIGN_TARGET_SCRIPT) \
+ -d $(KEY_CERT_DIR) \
+ -o \
+ $(BUILT_TARGET_FILES_PACKAGE) \
+ $(SIGNED_TARGET_FILES_PACKAGE)
+
+$(INTERNAL_OTA_PACKAGE_TARGET): $(MAYBE_SIGNED_TARGET_FILES_PACKAGE) build/tools/releasetools/ota_from_target_files
@echo "Package OTA: $@"
$(hide) PATH=$(foreach p,$(INTERNAL_USERIMAGES_BINARY_PATHS),$(p):)$$PATH MKBOOTIMG=$(MKBOOTIMG) \
./build/tools/releasetools/ota_from_target_files -v \
@@ -2795,7 +2830,7 @@ $(INTERNAL_OTA_PACKAGE_TARGET): $(BUILT_TARGET_FILES_PACKAGE) \
-k $(KEY_CERT_PAIR) \
--backup=$(backuptool) \
$(if $(OEM_OTA_CONFIG), -o $(OEM_OTA_CONFIG)) \
- $(BUILT_TARGET_FILES_PACKAGE) $@
+ $(MAYBE_SIGNED_TARGET_FILES_PACKAGE) $@
.PHONY: otapackage
otapackage: $(INTERNAL_OTA_PACKAGE_TARGET)
--
2.16.2
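Review bot: The `else` branch `PRODUCT_EXTRA_RECOVERY_KEYS := $(DEFAULT_SYSTEM_DEV_CERTIFICATE)` keeps the AOSP dev certificate in the key file recovery reads whenever OTA_PACKAGE_SIGNING_KEY is used without SIGNING_KEY_DIR, so an OTA signed with that publicly available test key is still accepted by recovery; if this is carried over from the existing LineageOS logic as a migration aid, a comment should say so, otherwise the line should go. Separately, the new `$(SIGNED_TARGET_FILES_PACKAGE)` rule lists `build/tools/releasetools/ota_from_target_files` as its prerequisite but its recipe runs `$(SIGN_TARGET_SCRIPT)`, so editing the signing script does not trigger re-signing; the prerequisite should be `$(SIGN_TARGET_SCRIPT)` instead. The recipe line `@echo "$(SIGN_TARGET_SCRIPT)" > $(PRODUCT_OUT)/sign_script_path` also writes a file other than `$@`, which keeps that output invisible to the dependency graph; if it is needed, give it its own rule or document why it is written here. `-d $(KEY_CERT_DIR)` is only defined inside the `ifneq ($(SIGNING_KEY_DIR),)` block, so invoking this target directly in an unsigned configuration passes an empty directory to the signing script.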


@ -69,7 +69,7 @@ buildAll() {
# brunch lineage_h815-user; - (UPSTREAM) drivers/input/touchscreen/DS5/RefCode_CustomerImplementation.c:147:1: warning: the frame size of 2064 bytes is larger than 2048 bytes
brunch lineage_h850-userdebug;
brunch lineage_hammerhead-user;
brunch lineage_herolte-user;
# brunch lineage_herolte-user; - net/netfilter/nfnetlink.c:328:14: error: 'NFNL_BATCH_FAILURE' undeclared (first use in this function)
brunch lineage_himaul-user;
brunch lineage_i9100-userdebug;
brunch lineage_i9305-user;


@ -34,6 +34,8 @@
#Generate firmware deblobber
#mka firmware_deblobber
#repopick -t n_asb_03-2018
#
#START OF PREPRATION
#


@ -20,6 +20,9 @@
export androidWorkspace="/mnt/Drive-3/";
export base=$androidWorkspace"Build/LineageOS-15.1/";
export SIGNING_KEY_DIR=$androidWorkspace"Signing_Keys";
export OTA_PACKAGE_SIGNING_KEY=$SIGNING_KEY_DIR"/releasekey"
export patches=$androidWorkspace"Patches/LineageOS-15.1/";
export cvePatchesLinux=$androidWorkspace"Patches/Linux/";
export cvePatchesAndroid=$androidWorkspace"Patches/Android/";
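Review bot: `export OTA_PACKAGE_SIGNING_KEY=$SIGNING_KEY_DIR"/releasekey"` is the only new line without the trailing `;` the rest of the file uses, and per the core/Makefile patch in this same commit OTA_PACKAGE_SIGNING_KEY is only consulted when SIGNING_KEY_DIR is empty, so with both exported the second variable has no effect on a build that applied that patch. Either drop it or keep it with a comment stating its purpose, e.g. `export OTA_PACKAGE_SIGNING_KEY=$SIGNING_KEY_DIR"/releasekey"; #Fallback for trees without the automated signing patch`. Whether some other script in the tree still reads it cannot be told from this hunk.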


@ -8,6 +8,7 @@ git apply $cvePatchesLinux/CVE-2016-0774/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2016-7117/^4.5/0002.patch
git apply $cvePatchesLinux/CVE-2017-0750/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2017-0786/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2017-1000111/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2017-11473/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2017-12153/3.2-^3.16/0001.patch
git apply $cvePatchesLinux/CVE-2017-13080/ANY/0002.patch
@ -30,5 +31,5 @@ git apply $cvePatchesLinux/CVE-2017-6348/^4.9/0001.patch
git apply $cvePatchesLinux/CVE-2017-7533/3.4/0001.patch
git apply $cvePatchesLinux/Untracked/ANY/0008-nfsd-check-for-oversized-NFSv2-v3-arguments.patch
git apply $cvePatchesLinux/CVE-2017-0750/ANY/0001.patch
editKernelLocalversion "-dos.p30"
editKernelLocalversion "-dos.p31"
cd $base
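Review bot: `git apply $cvePatchesLinux/CVE-2017-0750/ANY/0001.patch` appears twice in this script, once in the first hunk and again just before `editKernelLocalversion`; the second application either exits non-zero, which nothing in these hunks checks, or, if the patch is purely additive, applies again and duplicates the change. Which of the two lines predates the commit cannot be told from the rendering, but the result is the same and the sections ending in `-dos.p37`, `-dos.p32`, `-dos.p43`, `-dos.p24` and `-dos.p48` show the same pair, while the section ending in `-dos.p106` lists CVE-2017-14883 twice. Keeping one copy per patch, and adjusting the `editKernelLocalversion` count if it is meant to track applied patches, would make each fix apply exactly once and keep a failed apply meaningful.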


@ -71,6 +71,8 @@ git apply $cvePatchesLinux/CVE-2017-0627/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2017-0750/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2017-0866/3.18/0001.patch
git apply $cvePatchesLinux/CVE-2017-14883/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2017-15649/ANY/0002.patch
git apply $cvePatchesLinux/CVE-2017-15834/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2017-16525/^4.13/0002.patch
git apply $cvePatchesLinux/CVE-2017-16526/^4.13/0001.patch
git apply $cvePatchesLinux/CVE-2017-16530/^4.13/0001.patch
@ -104,5 +106,5 @@ git apply $cvePatchesLinux/CVE-2016-6696/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2017-0610/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2017-0750/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2017-14883/ANY/0001.patch
editKernelLocalversion "-dos.p104"
editKernelLocalversion "-dos.p106"
cd $base


@ -13,6 +13,7 @@ git apply $cvePatchesLinux/CVE-2017-0710/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2017-0750/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2017-0751/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2017-0786/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2017-1000111/ANY/0001.patch
#git apply $cvePatchesLinux/CVE-2017-11015/prima/0001.patch
#git apply $cvePatchesLinux/CVE-2017-11015/prima/0002.patch
git apply $cvePatchesLinux/CVE-2017-11473/ANY/0001.patch
@ -36,5 +37,5 @@ git apply $cvePatchesLinux/CVE-2017-8254/3.4/0001.patch
git apply $cvePatchesLinux/CVE-2017-8254/3.4/0002.patch
git apply $cvePatchesLinux/Untracked/ANY/0008-nfsd-check-for-oversized-NFSv2-v3-arguments.patch
git apply $cvePatchesLinux/CVE-2017-0750/ANY/0001.patch
editKernelLocalversion "-dos.p36"
editKernelLocalversion "-dos.p37"
cd $base


@ -63,9 +63,10 @@ git apply $cvePatchesLinux/CVE-2017-6348/^4.9/0001.patch
git apply $cvePatchesLinux/CVE-2017-6951/^3.14/0001.patch
git apply $cvePatchesLinux/CVE-2017-7472/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2017-7533/3.10/0002.patch
git apply $cvePatchesLinux/CVE-2017-7533/3.10/0003.patch
git apply $cvePatchesLinux/CVE-2017-9242/^4.11/0001.patch
git apply $cvePatchesLinux/LVT-2017-0003/3.10/0001.patch
git apply $cvePatchesLinux/Untracked/ANY/0008-nfsd-check-for-oversized-NFSv2-v3-arguments.patch
git apply $cvePatchesLinux/CVE-2016-2475/ANY/0001.patch
editKernelLocalversion "-dos.p67"
editKernelLocalversion "-dos.p68"
cd $base


@ -75,10 +75,7 @@ git apply $cvePatchesLinux/CVE-2017-11600/3.10/0001.patch
git apply $cvePatchesLinux/CVE-2017-12153/3.2-^3.16/0001.patch
git apply $cvePatchesLinux/CVE-2017-14877/3.10/0001.patch
git apply $cvePatchesLinux/CVE-2017-16526/^4.13/0001.patch
git apply $cvePatchesLinux/CVE-2017-16531/^4.13/0001.patch
git apply $cvePatchesLinux/CVE-2017-16532/^4.13/0001.patch
git apply $cvePatchesLinux/CVE-2017-16533/^4.13/0001.patch
git apply $cvePatchesLinux/CVE-2017-16535/^4.13/0001.patch
git apply $cvePatchesLinux/CVE-2017-16537/^4.13/0001.patch
git apply $cvePatchesLinux/CVE-2017-16538/^4.13/0001.patch
git apply $cvePatchesLinux/CVE-2017-16538/^4.13/0002.patch
@ -99,6 +96,7 @@ git apply $cvePatchesLinux/CVE-2017-6348/^4.9/0001.patch
git apply $cvePatchesLinux/CVE-2017-6951/^3.14/0001.patch
git apply $cvePatchesLinux/CVE-2017-7472/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2017-7487/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2017-7533/3.10/0003.patch
git apply $cvePatchesLinux/CVE-2017-8269/3.10/0002.patch
git apply $cvePatchesLinux/CVE-2017-8280/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2017-9242/^4.11/0001.patch
@ -108,5 +106,5 @@ git apply $cvePatchesLinux/CVE-2016-2475/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2016-6693/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2016-6696/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2017-15845/ANY/0001.patch
editKernelLocalversion "-dos.p108"
editKernelLocalversion "-dos.p106"
cd $base
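Review bot: Per the `@ -75,10 +75,7 @@` header, three `git apply` lines are removed from this section and the localversion drops from `-dos.p108` to `-dos.p106`, but neither the hunk nor the commit message records why those CVE fixes are no longer applied; the section ending in `-dos.p96` (`@ -68,10 +68,7 @@`) does the same. If the removed patches are superseded by the March 2018 bulletin or by another entry in the list, a one-line comment at the removal point such as `#<CVE id>: superseded by <replacement patch>` would keep the audit trail readable; if not, the dropped fixes should be checked against the current patch set before this merges.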


@ -68,10 +68,7 @@ git apply $cvePatchesLinux/CVE-2017-11600/3.10/0001.patch
git apply $cvePatchesLinux/CVE-2017-12153/3.2-^3.16/0001.patch
git apply $cvePatchesLinux/CVE-2017-14877/3.10/0001.patch
git apply $cvePatchesLinux/CVE-2017-16526/^4.13/0001.patch
git apply $cvePatchesLinux/CVE-2017-16531/^4.13/0001.patch
git apply $cvePatchesLinux/CVE-2017-16532/^4.13/0001.patch
git apply $cvePatchesLinux/CVE-2017-16533/^4.13/0001.patch
git apply $cvePatchesLinux/CVE-2017-16535/^4.13/0001.patch
git apply $cvePatchesLinux/CVE-2017-16537/^4.13/0001.patch
git apply $cvePatchesLinux/CVE-2017-16538/^4.13/0001.patch
git apply $cvePatchesLinux/CVE-2017-16538/^4.13/0002.patch
@ -92,11 +89,12 @@ git apply $cvePatchesLinux/CVE-2017-6348/^4.9/0001.patch
git apply $cvePatchesLinux/CVE-2017-6951/^3.14/0001.patch
git apply $cvePatchesLinux/CVE-2017-7472/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2017-7487/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2017-7533/3.10/0003.patch
git apply $cvePatchesLinux/CVE-2017-8269/3.10/0002.patch
git apply $cvePatchesLinux/CVE-2017-9242/^4.11/0001.patch
git apply $cvePatchesLinux/LVT-2017-0003/3.10/0001.patch
git apply $cvePatchesLinux/Untracked/ANY/0008-nfsd-check-for-oversized-NFSv2-v3-arguments.patch
git apply $cvePatchesLinux/CVE-2016-6693/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2016-6696/ANY/0001.patch
editKernelLocalversion "-dos.p98"
editKernelLocalversion "-dos.p96"
cd $base


@ -13,6 +13,7 @@ git apply $cvePatchesLinux/CVE-2017-0610/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2017-0611/3.4/0001.patch
git apply $cvePatchesLinux/CVE-2017-0750/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2017-0786/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2017-1000111/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2017-11090/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2017-11473/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2017-13215/ANY/0001.patch
@ -31,5 +32,5 @@ git apply $cvePatchesLinux/CVE-2017-17558/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2017-8246/3.4/0002.patch
git apply $cvePatchesLinux/Untracked/ANY/0008-nfsd-check-for-oversized-NFSv2-v3-arguments.patch
git apply $cvePatchesLinux/CVE-2017-0750/ANY/0001.patch
editKernelLocalversion "-dos.p31"
editKernelLocalversion "-dos.p32"
cd $base


@ -14,6 +14,7 @@ git apply $cvePatchesLinux/CVE-2017-0710/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2017-0750/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2017-0751/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2017-0786/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2017-1000111/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2017-11089/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2017-11090/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2017-11473/ANY/0001.patch
@ -42,5 +43,5 @@ git apply $cvePatchesLinux/CVE-2017-9242/^4.11/0001.patch
git apply $cvePatchesLinux/CVE-2017-9684/ANY/0001.patch
git apply $cvePatchesLinux/Untracked/ANY/0008-nfsd-check-for-oversized-NFSv2-v3-arguments.patch
git apply $cvePatchesLinux/CVE-2017-0750/ANY/0001.patch
editKernelLocalversion "-dos.p42"
editKernelLocalversion "-dos.p43"
cd $base


@ -9,6 +9,7 @@ git apply $cvePatchesLinux/CVE-2016-0806/prima/0010.patch
git apply $cvePatchesLinux/CVE-2016-6751/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2017-0648/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2017-0750/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2017-1000111/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2017-11473/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2017-16525/^4.13/0002.patch
git apply $cvePatchesLinux/CVE-2017-16526/^4.13/0001.patch
@ -23,5 +24,5 @@ git apply $cvePatchesLinux/CVE-2017-16USB/ANY/0006.patch
git apply $cvePatchesLinux/CVE-2017-7487/ANY/0001.patch
git apply $cvePatchesLinux/Untracked/ANY/0008-nfsd-check-for-oversized-NFSv2-v3-arguments.patch
git apply $cvePatchesLinux/CVE-2017-0750/ANY/0001.patch
editKernelLocalversion "-dos.p23"
editKernelLocalversion "-dos.p24"
cd $base


@ -62,10 +62,11 @@ git apply $cvePatchesLinux/CVE-2017-17558/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2017-5972/ANY/0002.patch
git apply $cvePatchesLinux/CVE-2017-6345/^4.9/0001.patch
git apply $cvePatchesLinux/CVE-2017-7487/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2017-7533/3.10/0003.patch
git apply $cvePatchesLinux/CVE-2017-8269/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2017-9242/^4.11/0001.patch
git apply $cvePatchesLinux/LVT-2017-0003/3.10/0001.patch
git apply $cvePatchesLinux/CVE-2016-2475/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2017-0750/ANY/0001.patch
editKernelLocalversion "-dos.p67"
editKernelLocalversion "-dos.p68"
cd $base


@ -55,6 +55,7 @@ git apply $cvePatchesLinux/CVE-2017-17558/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2017-17762/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2017-6345/^4.9/0001.patch
git apply $cvePatchesLinux/CVE-2017-7533/3.10/0002.patch
git apply $cvePatchesLinux/CVE-2017-7533/3.10/0003.patch
git apply $cvePatchesLinux/CVE-2017-8243/3.10/0001.patch
git apply $cvePatchesLinux/CVE-2017-8281/3.10/0001.patch
git apply $cvePatchesLinux/CVE-2017-8281/3.10/0003.patch
@ -63,5 +64,5 @@ git apply $cvePatchesLinux/LVT-2017-0003/3.10/0001.patch
git apply $cvePatchesLinux/CVE-2016-6693/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2016-6696/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2017-0750/ANY/0001.patch
editKernelLocalversion "-dos.p63"
editKernelLocalversion "-dos.p64"
cd $base


@ -18,6 +18,7 @@ git apply $cvePatchesLinux/CVE-2017-0648/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2017-0750/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2017-0751/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2017-0786/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2017-1000111/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2017-1000380/^4.11/0001.patch
git apply $cvePatchesLinux/CVE-2017-11000/ANY/0002.patch
git apply $cvePatchesLinux/CVE-2017-11019/ANY/0001.patch
@ -47,5 +48,5 @@ git apply $cvePatchesLinux/CVE-2017-9684/ANY/0001.patch
git apply $cvePatchesLinux/CVE-2017-9706/ANY/0001.patch
git apply $cvePatchesLinux/Untracked/ANY/0008-nfsd-check-for-oversized-NFSv2-v3-arguments.patch
git apply $cvePatchesLinux/CVE-2017-0750/ANY/0001.patch
editKernelLocalversion "-dos.p47"
editKernelLocalversion "-dos.p48"
cd $base


@ -61,7 +61,7 @@ cp -r $patches"Fennec_DOS-Shim" $base"packages/apps/"; #Add a shim to install Fe
#optipng -strip all res*/images/*.png;
enterAndClear "build/make"
#patch -p1 < $patches"android_build/0001-Automated_Build_Signing.patch" #Automated build signing. Disclaimer: From CopperheadOS 13.0 #TODO: Rebase
patch -p1 < $patches"android_build/0001-Automated_Build_Signing.patch" #Automated build signing. Disclaimer: From CopperheadOS 13.0
sed -i 's/messaging/Silence/' target/product/*.mk; #Replace AOSP Messaging app with Silence
enterAndClear "device/qcom/sepolicy"
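Review bot: The re-enabled `patch -p1 < $patches"android_build/0001-Automated_Build_Signing.patch"` line does not check its exit status, and nothing in this hunk shows the script running under `set -e`; if the patch fails to apply, the build continues with an unpatched core/Makefile that ignores SIGNING_KEY_DIR, so the output is signed with the default dev keys without any visible error. A check such as `patch -p1 < $patches"android_build/0001-Automated_Build_Signing.patch" || { echo "signing patch failed"; exit 1; }` makes that failure stop the build. The dropped `#TODO: Rebase` tag should only go if the patch now applies cleanly against this tree, which this hunk cannot show.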