Commit Graph

682 Commits

Author SHA1 Message Date
Tavi
31a147ab98
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-05-09 13:24:43 -04:00
Tavi
1fdedf21a5
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-05-08 14:09:13 -04:00
Tavi
abddd5231f
Quick verify of patchWorkspace for 14.1 through 19.1
Signed-off-by: Tavi <tavi@divested.dev>
2024-05-08 12:51:25 -04:00
Tavi
59bf3b75c7
17.1: Import and verify picks
https://review.lineageos.org/c/LineageOS/android_frameworks_base/+/353117
https://review.lineageos.org/q/topic:Q_asb_2023-03
https://review.lineageos.org/q/topic:Q_asb_2023-04
https://review.lineageos.org/q/topic:Q_asb_2023-05
https://review.lineageos.org/q/topic:Q_asb_2023-06
https://review.lineageos.org/q/topic:Q_asb_2023-07
https://review.lineageos.org/q/topic:Q_asb_2023-08
	accounted for via patches:
	https://review.lineageos.org/c/LineageOS/android_system_ca-certificates/+/376560
	https://review.lineageos.org/c/LineageOS/android_system_ca-certificates/+/376561
	https://review.lineageos.org/c/LineageOS/android_system_ca-certificates/+/376562
https://review.lineageos.org/q/topic:Q_asb_2023-09
https://review.lineageos.org/q/topic:Q_asb_2023-10
https://review.lineageos.org/q/topic:Q_asb_2023-11
	accounted for via patches:
	https://review.lineageos.org/c/LineageOS/android_system_ca-certificates/+/376563
	accounted for via manifest change:
	https://review.lineageos.org/c/LineageOS/android_external_webp/+/376568
https://review.lineageos.org/q/topic:Q_asb_2023-12
https://review.lineageos.org/q/topic:Q_asb_2024-01
https://review.lineageos.org/q/topic:Q_asb_2024-02
https://review.lineageos.org/q/topic:Q_asb_2024-03

Signed-off-by: Tavi <tavi@divested.dev>
2024-05-08 12:26:07 -04:00
Tavi
1816472bac
17.1: reconcile picks
Signed-off-by: Tavi <tavi@divested.dev>
2024-05-08 11:01:06 -04:00
Tavi
1a0e13a70d
20.0: Import picks
Signed-off-by: Tavi <tavi@divested.dev>
2024-05-07 19:49:55 -04:00
Tavi
2d7a1ea25c
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-05-07 08:22:30 -04:00
Tavi
83b8410de8
Extra patch for 17.1
Signed-off-by: Tavi <tavi@divested.dev>
2024-05-07 06:05:28 -04:00
Tavi
321de1adbc
17.1: switch to latest hardened_malloc revision
+ dedupe the other hmalloc patches

Signed-off-by: Tavi <tavi@divested.dev>
2024-05-06 19:29:31 -04:00
Tavi
2c90c48637
19.1: switch to latest hardened_malloc revision
+ other fixes

Signed-off-by: Tavi <tavi@divested.dev>
2024-05-06 14:26:31 -04:00
Tavi
8ce5a0e671
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-05-05 12:01:44 -04:00
Tavi
5b05eb4100
Update CVE patchers
maybe breakage

Signed-off-by: Tavi <tavi@divested.dev>
2024-05-03 08:50:55 -04:00
Tavi
7a42c9eb17
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-04-30 16:50:36 -04:00
Tavi
94c0f5fa4d
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-04-27 11:56:40 -04:00
Tavi
44358b5ba2
Update CVE patchers
maybe some breakage

Signed-off-by: Tavi <tavi@divested.dev>
2024-04-22 09:22:16 -04:00
Tavi
5be2789897
2024
Signed-off-by: Tavi <tavi@divested.dev>
2024-04-22 07:52:49 -04:00
Tavi
a16b5a89c7
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-04-16 08:41:35 -04:00
Tavi
aa52315312
Picks
Signed-off-by: Tavi <tavi@divested.dev>
2024-04-14 13:54:25 -04:00
Tavi
25da5b3f74
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-04-10 11:21:10 -04:00
Tavi
570d2edfee
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-04-10 08:16:01 -04:00
Tavi
741e5a7ca3
Fixup
also 16.0 probably needs a backport of IsRecoveryMode
compile tested on 20.0

Signed-off-by: Tavi <tavi@divested.dev>
2024-04-09 16:40:05 -04:00
Tavi
4f8cfc8a41
you want it, you got it!
now compile it yourself.

Signed-off-by: Tavi <tavi@divested.dev>
2024-04-09 16:25:54 -04:00
Tavi
b6f3f2e055
17.1: April ASB work
Signed-off-by: Tavi <tavi@divested.dev>
2024-04-08 09:53:03 -04:00
Tavi
97ce53667f
Churn
Signed-off-by: Tavi <tavi@divested.dev>
2024-04-04 14:42:59 -04:00
Tavi
450ad03159
Update CVE patchers
maybe some breakage

Signed-off-by: Tavi <tavi@divested.dev>
2024-04-04 13:55:38 -04:00
Tavi
768f46c3bd
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-04-02 08:54:59 -04:00
Tavi
2a78a4cfc0
Update CVE patchers
for realz

Signed-off-by: Tavi <tavi@divested.dev>
2024-03-27 22:09:10 -04:00
Tavi
dc9ed7c46c
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-03-21 14:54:23 -04:00
Tavi
1e8e187ede
17.1: March ASB work
+ a bonus February patch for 15.1

Signed-off-by: Tavi <tavi@divested.dev>
2024-03-14 21:15:15 -04:00
Tavi
fa6d1f7f90
17.1: Reconcile picks
Signed-off-by: Tavi <tavi@divested.dev>
2024-03-14 20:00:59 -04:00
Tavi
dee7abe09d Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-03-14 14:58:24 -04:00
Tavi
54469e0693
Fixup
Signed-off-by: Tavi <tavi@divested.dev>
2024-03-11 07:22:03 -04:00
Tavi
c3b07f5e01
Churn
Signed-off-by: Tavi <tavi@divested.dev>
2024-03-09 16:35:22 -05:00
Tavi
0b8f1a2c57
Churn
Signed-off-by: Tavi <tavi@divested.dev>
2024-03-09 12:02:14 -05:00
Tavi
f5a44efdff
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-03-07 12:13:52 -05:00
Tavi
5aefd27519
Update CVE patchers
Fixes https://github.com/Divested-Mobile/DivestOS-Build/issues/294

Signed-off-by: Tavi <tavi@divested.dev>
2024-03-05 12:42:34 -05:00
Tavi
cd38073ad2
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-03-04 15:39:53 -05:00
Tavi
fdbd1a090f
Update CVE patchers
I made a pass through removing some obvious wrongly applied patches
but there is likely some more breakage here

Signed-off-by: Tavi <tavi@divested.dev>
2024-03-02 12:31:51 -05:00
Tavi
45e87b4a1c
Update CVE patchers
Potential breakage

Signed-off-by: Tavi <tavi@divested.dev>
2024-02-27 03:15:54 -05:00
Tavi
20c8abcbc1
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-02-19 22:35:04 -05:00
Tavi
b42fd1ab93
17.1: February ASB work
Signed-off-by: Tavi <tavi@divested.dev>
2024-02-08 23:18:56 -05:00
Tavi
fa044409c0
Reconcile picks
17.1 gains one patch

Signed-off-by: Tavi <tavi@divested.dev>
2024-02-08 19:58:06 -05:00
Tavi
215f358d58
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-02-05 18:23:16 -05:00
Tavi
4e2c426be3
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-01-31 13:33:41 -05:00
Tavi
00f1589cb8
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-01-22 13:27:55 -05:00
Tavi
4fae529ddc
15.1: January ASB work
+ a bonus patch for 16.0 and 17.1 as pointed out by @syphyr

Signed-off-by: Tavi <tavi@divested.dev>
2024-01-09 15:03:36 -05:00
Tavi
2af8dc9582
17.1: January ASB work
Signed-off-by: Tavi <tavi@divested.dev>
2024-01-08 23:07:15 -05:00
Tavi
8d4f3b47c7
Truly fixup 17.1 picks
Verified working

Signed-off-by: Tavi <tavi@divested.dev>
2024-01-08 21:57:58 -05:00
Thaddeus
9d230974a2
Update CVE patchers
Signed-off-by: Thaddeus <tad@spotco.us>
2024-01-04 15:51:27 -05:00
Thaddeus
ab49a7e2a5
Reconcile picks
Signed-off-by: Thaddeus <tad@spotco.us>
2024-01-04 14:38:17 -05:00
Tad
85e3c271ab
Churn
Signed-off-by: Tad <tad@spotco.us>
2023-12-26 16:28:26 -05:00
Tad
8b8046fce5
Exclude truly abandoned picks
Signed-off-by: Tad <tad@spotco.us>
2023-12-26 10:14:49 -05:00
Tad
12d0711d60
Reconcile picks
Adds one patch for 14.1, thanks to @syphyr
Adds two patches for 16.0, thanks to @MSe1969
Adds many patches for 17.1, thanks to @flamefire

TODO check if 377768 applies to 15.1

Signed-off-by: Tad <tad@spotco.us>
2023-12-26 09:48:21 -05:00
Tad
7c46f43fc4
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-12-20 12:28:48 -05:00
Tad
f18fb48d8a
17.1 December ASB work
Signed-off-by: Tad <tad@spotco.us>
2023-12-11 20:39:36 -05:00
Tad
ba1e29a1b1
Reconcile picks
This gains one us patch: 376607

Signed-off-by: Tad <tad@spotco.us>
2023-12-11 18:59:08 -05:00
Tad
26c0951cd2
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-12-04 15:51:53 -05:00
Tad
af0cea3572
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-11-16 22:59:28 -05:00
Tad
c45a1db5e2
17.1 November ASB work
Plus a bonus October patch from @flamefire
https://github.com/Flamefire/android_device_sony_lilac/blob/lineage-17.1/patches/asb-2023-10/android_packages_providers_MediaProvider/0001-Fix-path-traversal-vulnerabilities-in-MediaProvider.patch

Signed-off-by: Tad <tad@spotco.us>
2023-11-13 16:25:48 -05:00
Tad
acd2484816
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-11-07 17:37:16 -05:00
Tad
01a196e055
Pull in Messaging notifications fix
Likely solves https://github.com/Divested-Mobile/DivestOS-Build/issues/141

Signed-off-by: Tad <tad@spotco.us>
2023-11-05 19:32:30 -05:00
Tad
548aec9c9d
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-11-05 18:58:11 -05:00
Tad
90979e494c
Updater: point the changelog button to our news page
Closes https://github.com/Divested-Mobile/DivestOS-Build/issues/257

Signed-off-by: Tad <tad@spotco.us>
2023-10-20 18:44:05 -04:00
Tad
f64285f6fd
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-10-15 21:06:16 -04:00
Tad
27066c202f
17.1 October ASB work
Signed-off-by: Tad <tad@spotco.us>
2023-10-09 19:41:44 -04:00
Tad
bf565cd578
Switch to upstream ASB patchsets
Signed-off-by: Tad <tad@spotco.us>
2023-10-08 22:52:14 -04:00
Tad
7d2c184d1f
Bonus patches
Signed-off-by: Tad <tad@spotco.us>
2023-10-03 15:17:06 -04:00
Tad
d80f272b54
Update CVE patchers
CVE-2023-4128 replaces CVE-2023-4208

Signed-off-by: Tad <tad@spotco.us>
2023-10-02 21:41:34 -04:00
Tad
fcf4f812cc
CVE-2023-5217
untested

Signed-off-by: Tad <tad@spotco.us>
2023-09-28 09:17:29 -04:00
Tad
19f4964036
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-09-21 16:52:35 -04:00
Tad
25f02f4177
14.1 though 17.1: patch CVE-2023-4863, thanks to @syphyr
run tested on 14.1, 15.1, and 17.1
compile tested on 16.0

Signed-off-by: Tad <tad@spotco.us>
2023-09-20 04:16:17 -04:00
Tad
337ae6012d
Fixup
TODO: regen

Signed-off-by: Tad <tad@spotco.us>
2023-09-17 20:26:44 -04:00
Tad
1b4f6d3bd8
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-09-17 01:30:23 -04:00
Tad
033c600eac
16.0 September ASB work
Signed-off-by: Tad <tad@spotco.us>
2023-09-11 16:14:15 -04:00
Tad
aa4464d1c4
17.1 September ASB work
+ an August backport from @flamefire

Signed-off-by: Tad <tad@spotco.us>
2023-09-11 01:23:37 -04:00
Tad
0ec3c25d86
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-09-05 20:42:14 -04:00
Tad
efaf13b03c
17.1: restore davinci for now
wifi isn't working on 20.0

Signed-off-by: Tad <tad@spotco.us>
2023-09-04 14:21:44 -04:00
Tad
fc9032513f
Update CVE patchers
Likely issue CVE-2023-3773/^6.4

Signed-off-by: Tad <tad@spotco.us>
2023-08-27 17:13:53 -04:00
Tad
aa0ab3c1ba
Revert "Try to fixup cell service on crackling"
didn't work

This reverts commit 43e55668fd.
2023-08-25 09:56:20 -04:00
Alberto García
62ca909711
Push davinci to 20.0 2023-08-24 19:06:22 -04:00
Tad
52a0c55c41
Fixups
- Revert Freetype branch switching for 15.1+, broken
- Don't include OpenEUICC on Pixel 2 and 3 series, they won't work
- Churn

Signed-off-by: Tad <tad@spotco.us>
2023-08-24 03:06:02 -04:00
Tad
1fde0f9c45
More branch switching, thanks to @syphyr
Signed-off-by: Tad <tad@spotco.us>
2023-08-23 11:05:05 -04:00
Tad
43e55668fd
Try to fixup cell service on crackling
netmgrd appears incompatible with hmalloc
noted by @fishy1337
https://github.com/Divested-Mobile/DivestOS-Build/issues/204#issuecomment-1676439970

Signed-off-by: Tad <tad@spotco.us>
2023-08-18 11:24:04 -04:00
Tad
2142e2e763
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-08-17 17:18:10 -04:00
Tad
160aee5049
Backport patch to handle verity with openssl 3.0
ref: https://github.com/Divested-Mobile/DivestOS-Website/pull/19

Signed-off-by: Tad <tad@spotco.us>
2023-08-11 18:53:01 -04:00
Tad
974878988b
Fixup
Will regen later

Signed-off-by: Tad <tad@spotco.us>
2023-08-09 00:46:44 -04:00
Tad
f52adb2bc5
17.1 August ASB work
Signed-off-by: Tad <tad@spotco.us>
2023-08-08 06:31:22 -04:00
Tad
e627cdee05
Sync with @flamefire's Q_asb_2023-07
Signed-off-by: Tad <tad@spotco.us>
2023-08-08 05:01:00 -04:00
Tad
eef09ae519
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-08-07 18:07:19 -04:00
Tad
180280b233
Update CVE patchers
TODO: adjust min version of CVE-2023-4132

Signed-off-by: Tad <tad@spotco.us>
2023-08-04 21:00:29 -04:00
Tad
7b7d5b93dd
Adjust
Signed-off-by: Tad <tad@spotco.us>
2023-07-27 13:43:06 -04:00
Tad
73414e76d2
Update CVE patchers
two lpes

Signed-off-by: Tad <tad@spotco.us>
2023-07-25 12:04:05 -04:00
Tad
e74f861c8e
Fixes + Churn
- Fix instances of awk failing on missing globs
- Remove unwanted packages from work/user/managed profiles
- Remove proprietary camera extensions

Signed-off-by: Tad <tad@spotco.us>
2023-07-24 03:59:51 -04:00
Tad
e408e7e19a
Drop devices with newer versions available
14.1: clark
15.1: deb, flo, hammerhead, shamu, ether
16.0: hammerhead
19.1: alioth

Signed-off-by: Tad <tad@spotco.us>
2023-07-22 19:17:42 -04:00
Tad
0f9a2c7aea
Less aggressive low_ram enablement
14.1 <2GB
15.1 <2GB
16.0 <2GB
17.1 <3GB
18.1 <3GB
19.1 <4GB
20.0 <4GB

Signed-off-by: Tad <tad@spotco.us>
2023-07-17 18:44:56 -04:00
Tad
b6308caa37
Update CVE patchers
TODO: enable CVE-2023-31084/4.4

Signed-off-by: Tad <tad@spotco.us>
2023-07-15 21:22:18 -04:00
Tad
aa6bfad801
Various
- Drop OpenCamera, it doesn't work on lock screens anymore?
- microG on 18.1+:
  - set packages forceQueryable
  - spoof some sources as Play Store
    TODO: backport this to 17.1
- Remove camera extensions
- Churn
- Wording

Signed-off-by: Tad <tad@spotco.us>
2023-07-15 18:22:07 -04:00
Tad
192c73146a
Add a toggle for KSM
Signed-off-by: Tad <tad@spotco.us>
2023-07-14 17:11:21 -04:00
Tad
15de8ed2e8
Expand the low_ram coverage
As follows
14.1 <3GB
15.1 <3GB
16.0 <3GB
17.1 <3GB
18.1 <4GB
19.1 <6GB
20.0 <6GB

Signed-off-by: Tad <tad@spotco.us>
2023-07-13 18:31:03 -04:00
Tad
eff7a69bed
Small changes
- Another fix
- Deblobber tweaks
- Patch from GrapheneOS
- Cherrypick

Signed-off-by: Tad <tad@spotco.us>
2023-07-13 10:58:41 -04:00