Commit Graph

579 Commits

Author SHA1 Message Date
Tad
90979e494c
Updater: point the changelog button to our news page
Closes https://github.com/Divested-Mobile/DivestOS-Build/issues/257

Signed-off-by: Tad <tad@spotco.us>
2023-10-20 18:44:05 -04:00
Tad
f64285f6fd
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-10-15 21:06:16 -04:00
Tad
5d53945c3c
16.0 October ASB work
Signed-off-by: Tad <tad@spotco.us>
2023-10-09 21:41:54 -04:00
Tad
bf565cd578
Switch to upstream ASB patchsets
Signed-off-by: Tad <tad@spotco.us>
2023-10-08 22:52:14 -04:00
Tad
7d2c184d1f
Bonus patches
Signed-off-by: Tad <tad@spotco.us>
2023-10-03 15:17:06 -04:00
Tad
d80f272b54
Update CVE patchers
CVE-2023-4128 replaces CVE-2023-4208

Signed-off-by: Tad <tad@spotco.us>
2023-10-02 21:41:34 -04:00
Tad
fcf4f812cc
CVE-2023-5217
untested

Signed-off-by: Tad <tad@spotco.us>
2023-09-28 09:17:29 -04:00
Tad
19f4964036
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-09-21 16:52:35 -04:00
Tad
25f02f4177
14.1 though 17.1: patch CVE-2023-4863, thanks to @syphyr
run tested on 14.1, 15.1, and 17.1
compile tested on 16.0

Signed-off-by: Tad <tad@spotco.us>
2023-09-20 04:16:17 -04:00
Tad
337ae6012d
Fixup
TODO: regen

Signed-off-by: Tad <tad@spotco.us>
2023-09-17 20:26:44 -04:00
Tad
1b4f6d3bd8
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-09-17 01:30:23 -04:00
Tad
5eb6190931
Fixup 15.1/16.0 backport: system/bt: Fix UAF in gatt_cl.cc
thanks to @syphyr for this!

Signed-off-by: Tad <tad@spotco.us>
2023-09-12 16:55:46 -04:00
Tad
51b28e6cdf
Fixup
Signed-off-by: Tad <tad@spotco.us>
2023-09-11 17:24:48 -04:00
Tad
033c600eac
16.0 September ASB work
Signed-off-by: Tad <tad@spotco.us>
2023-09-11 16:14:15 -04:00
Tad
84a84c4742
Picks + Churn
Signed-off-by: Tad <tad@spotco.us>
2023-09-10 21:12:24 -04:00
Tad
0ec3c25d86
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-09-05 20:42:14 -04:00
Tad
fc9032513f
Update CVE patchers
Likely issue CVE-2023-3773/^6.4

Signed-off-by: Tad <tad@spotco.us>
2023-08-27 17:13:53 -04:00
Tad
52a0c55c41
Fixups
- Revert Freetype branch switching for 15.1+, broken
- Don't include OpenEUICC on Pixel 2 and 3 series, they won't work
- Churn

Signed-off-by: Tad <tad@spotco.us>
2023-08-24 03:06:02 -04:00
Tad
7ad46d58f1
Switch to @syphyr's security backport branches
Signed-off-by: Tad <tad@spotco.us>
2023-08-18 11:34:39 -04:00
Tad
2142e2e763
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-08-17 17:18:10 -04:00
Tad
160aee5049
Backport patch to handle verity with openssl 3.0
ref: https://github.com/Divested-Mobile/DivestOS-Website/pull/19

Signed-off-by: Tad <tad@spotco.us>
2023-08-11 18:53:01 -04:00
Tad
974878988b
Fixup
Will regen later

Signed-off-by: Tad <tad@spotco.us>
2023-08-09 00:46:44 -04:00
Tad
4b2160cf56
16.0 August ASB work
Signed-off-by: Tad <tad@spotco.us>
2023-08-08 07:48:57 -04:00
Tad
eef09ae519
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-08-07 18:07:19 -04:00
Tad
180280b233
Update CVE patchers
TODO: adjust min version of CVE-2023-4132

Signed-off-by: Tad <tad@spotco.us>
2023-08-04 21:00:29 -04:00
Tad
c777c74717 16.0 Backports
- hosts toggle
- auto reboot
- bluetooth timeout
- unprivileged microG
- ptrace toggle
- exec spawning toggle

TODO: needs work

Signed-off-by: Tad <tad@spotco.us>
2023-07-27 16:35:00 -04:00
Tad
73414e76d2
Update CVE patchers
two lpes

Signed-off-by: Tad <tad@spotco.us>
2023-07-25 12:04:05 -04:00
Tad
e74f861c8e
Fixes + Churn
- Fix instances of awk failing on missing globs
- Remove unwanted packages from work/user/managed profiles
- Remove proprietary camera extensions

Signed-off-by: Tad <tad@spotco.us>
2023-07-24 03:59:51 -04:00
Tad
e408e7e19a
Drop devices with newer versions available
14.1: clark
15.1: deb, flo, hammerhead, shamu, ether
16.0: hammerhead
19.1: alioth

Signed-off-by: Tad <tad@spotco.us>
2023-07-22 19:17:42 -04:00
Tad
0f9a2c7aea
Less aggressive low_ram enablement
14.1 <2GB
15.1 <2GB
16.0 <2GB
17.1 <3GB
18.1 <3GB
19.1 <4GB
20.0 <4GB

Signed-off-by: Tad <tad@spotco.us>
2023-07-17 18:44:56 -04:00
Tad
1c9076fffe
KSM tuning
- Only enable on Linux 3.0 through 4.9
- Always enable defer option
- Only run twice a second, instead of fifty times a second

Signed-off-by: Tad <tad@spotco.us>
2023-07-14 20:27:10 -04:00
Tad
192c73146a
Add a toggle for KSM
Signed-off-by: Tad <tad@spotco.us>
2023-07-14 17:11:21 -04:00
Tad
15de8ed2e8
Expand the low_ram coverage
As follows
14.1 <3GB
15.1 <3GB
16.0 <3GB
17.1 <3GB
18.1 <4GB
19.1 <6GB
20.0 <6GB

Signed-off-by: Tad <tad@spotco.us>
2023-07-13 18:31:03 -04:00
Tad
ad8e5b631a
16.0+17.1: Extra July ASB backport from @MSe1969
Signed-off-by: Tad <tad@spotco.us>
2023-07-09 14:49:51 -04:00
Tad
293f97d678
16.0 July ASB work
Signed-off-by: Tad <tad@spotco.us>
2023-07-07 17:24:47 -04:00
Tad
a1a3cbb94e
Fix overlay conflicts
Should mostly fix https://github.com/Divested-Mobile/DivestOS-Build/issues/219

Signed-off-by: Tad <tad@spotco.us>
2023-07-06 14:51:40 -04:00
Tad
f2c8005853
16.0: switch to upstream P_asb_2023-06
Has two extra patches for Traceur, but misses a patch for CarSettings

Signed-off-by: Tad <tad@spotco.us>
2023-07-03 15:22:32 -04:00
Tad
2e2ac4557d
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-06-26 19:41:11 -04:00
Tad
cda898f141
Certificate Authority store updates
- Remove some untrustworthy CAs
- Update CA store for all branches to aosp/e302aa968334b3c3fc9cd709a7c7661e0cf534eb

Signed-off-by: Tad <tad@spotco.us>
2023-06-17 15:13:54 -04:00
Tad
41e2669884
17.1: switch to flamefire's ASB topics
This gets us ~9 extra patches

Signed-off-by: Tad <tad@spotco.us>
2023-06-17 15:13:46 -04:00
Tad
a07133a064
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-06-16 11:03:46 -04:00
Tad
8c7f3daa00
15.1+16.0 June ASB work
Signed-off-by: Tad <tad@spotco.us>
2023-06-10 05:16:45 -04:00
Tad
ab52996e4f
16.0: switch to upstream topic for May ASB patches
They're identical
I'll likely eventually pull them back in anyway

Signed-off-by: Tad <tad@spotco.us>
2023-06-10 01:57:59 -04:00
Tad
2ee99fe3ef
Update CVE patchers
CVE-2020-36694 appears to be a duplicate of CVE-2021-29650

Signed-off-by: Tad <tad@spotco.us>
2023-06-01 21:12:08 -04:00
Tad
cd0a29d69b
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-05-12 23:28:44 -04:00
Tad
6fb0a581c3
15.1 and 16.0 May ASB work
Signed-off-by: Tad <tad@spotco.us>
2023-05-07 21:28:27 -04:00
Tad
6d2a255eef
Remove User-Agent (and serial) from source built libloc
Signed-off-by: Tad <tad@spotco.us>
2023-05-05 22:27:27 -04:00
Tad
c544c28b94
Prevent Qualcomm location stack from reading chipset serial number
The deblobber already removes xtra-daemon which is what actually performs the requests.
This is just extra sanctity.

Signed-off-by: Tad <tad@spotco.us>
2023-05-03 21:41:20 -04:00
Tad
366b4eb5ef
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-05-02 18:01:39 -04:00
Tad
39b0c9e036
Remove broken emoji updates
Signed-off-by: Tad <tad@spotco.us>
2023-05-02 15:31:57 -04:00