Commit Graph

422 Commits

Author SHA1 Message Date
Tavi
4b5bd17510
Update CVE patchers
likely some breakage

Signed-off-by: Tavi <tavi@divested.dev>
2024-06-27 01:01:08 -04:00
Tavi
2e84510f6f
Fixup
Signed-off-by: Tavi <tavi@divested.dev>
2024-06-25 21:57:56 -04:00
Tavi
637ace8214
Fixup
Signed-off-by: Tavi <tavi@divested.dev>
2024-06-25 04:19:17 -04:00
Tavi
d09584417e
Update CVE patchers
maybe some breakage

Signed-off-by: Tavi <tavi@divested.dev>
2024-06-20 15:27:45 -04:00
Tavi
f1c027ecac
Churn + Fixes
Signed-off-by: Tavi <tavi@divested.dev>
2024-06-19 23:57:56 -04:00
Tavi
7357b970ef
Fixup + Churn
Signed-off-by: Tavi <tavi@divested.dev>
2024-06-13 23:08:32 -04:00
Tavi
8383cd716d
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-06-06 15:47:27 -04:00
Tavi
1636f68138
Update CVE patchers
Fixes https://github.com/Divested-Mobile/DivestOS-Build/issues/308

Signed-off-by: Tavi <tavi@divested.dev>
2024-06-03 16:27:15 -04:00
Tavi
f91f45a7bd
Update CVE patchers
Maybe some breakage

Signed-off-by: Tavi <tavi@divested.dev>
2024-06-01 12:35:18 -04:00
Tavi
97ad0c69fe
Update CVE patchers
This expands loose versioning for 4.9 and 4.14

compile tested:
- cheeseburger/4.4
- fajita/4.9
- flame/4.14
- FP4/4.19
- lemonadep/5.4
- bluejay/5.10

CVE-2023-52879/5.4 may need to be expanded to other 5.4 kernels

this also patches CVE-2024-1086 for 4.9, 4.14, and 5.10

Signed-off-by: Tavi <tavi@divested.dev>
2024-05-31 20:55:45 -04:00
Tavi
4cf2b308ff Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-05-30 13:52:45 -04:00
Tavi
3e9d2b9bb0
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-05-28 10:30:53 -04:00
Tavi
b5e04a00ae
Fixup
Closes https://github.com/Divested-Mobile/DivestOS-Build/issues/306

Signed-off-by: Tavi <tavi@divested.dev>
2024-05-27 12:36:17 -04:00
Tavi
a136f27ae6
Fixup
Signed-off-by: Tavi <tavi@divested.dev>
2024-05-26 22:50:29 -04:00
Tavi
028541103d
Fixup
Manually checked 3.4 and 4.4
Likely still more breakage

Signed-off-by: Tavi <tavi@divested.dev>
2024-05-26 19:26:14 -04:00
Tavi
d2330cce15
Update CVE patchers
This probably breaks all of them

Signed-off-by: Tavi <tavi@divested.dev>
2024-05-26 18:29:36 -04:00
Tavi
dd9f51c8ee
Update CVE patchers
maybe some breakage

Signed-off-by: Tavi <tavi@divested.dev>
2024-05-19 12:35:44 -04:00
Tavi
79df8d06d0
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-05-14 15:34:02 -04:00
Tavi
31a147ab98
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-05-09 13:24:43 -04:00
Tavi
1fdedf21a5
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-05-08 14:09:13 -04:00
Tavi
2d7a1ea25c
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-05-07 08:22:30 -04:00
Tavi
2c90c48637
19.1: switch to latest hardened_malloc revision
+ other fixes

Signed-off-by: Tavi <tavi@divested.dev>
2024-05-06 14:26:31 -04:00
Tavi
8ce5a0e671
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-05-05 12:01:44 -04:00
Tavi
5b05eb4100
Update CVE patchers
maybe breakage

Signed-off-by: Tavi <tavi@divested.dev>
2024-05-03 08:50:55 -04:00
Tavi
7a42c9eb17
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-04-30 16:50:36 -04:00
Tavi
94c0f5fa4d
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-04-27 11:56:40 -04:00
Tavi
44358b5ba2
Update CVE patchers
maybe some breakage

Signed-off-by: Tavi <tavi@divested.dev>
2024-04-22 09:22:16 -04:00
Tavi
a16b5a89c7
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-04-16 08:41:35 -04:00
Tavi
25da5b3f74
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-04-10 11:21:10 -04:00
Tavi
570d2edfee
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-04-10 08:16:01 -04:00
Tavi
97ce53667f
Churn
Signed-off-by: Tavi <tavi@divested.dev>
2024-04-04 14:42:59 -04:00
Tavi
450ad03159
Update CVE patchers
maybe some breakage

Signed-off-by: Tavi <tavi@divested.dev>
2024-04-04 13:55:38 -04:00
Tavi
768f46c3bd
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-04-02 08:54:59 -04:00
Tavi
2a78a4cfc0
Update CVE patchers
for realz

Signed-off-by: Tavi <tavi@divested.dev>
2024-03-27 22:09:10 -04:00
Tavi
dc9ed7c46c
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-03-21 14:54:23 -04:00
Tavi
dee7abe09d Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-03-14 14:58:24 -04:00
Tavi
54469e0693
Fixup
Signed-off-by: Tavi <tavi@divested.dev>
2024-03-11 07:22:03 -04:00
Tavi
c3b07f5e01
Churn
Signed-off-by: Tavi <tavi@divested.dev>
2024-03-09 16:35:22 -05:00
Tavi
0b8f1a2c57
Churn
Signed-off-by: Tavi <tavi@divested.dev>
2024-03-09 12:02:14 -05:00
Tavi
f5a44efdff
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-03-07 12:13:52 -05:00
Tavi
5aefd27519
Update CVE patchers
Fixes https://github.com/Divested-Mobile/DivestOS-Build/issues/294

Signed-off-by: Tavi <tavi@divested.dev>
2024-03-05 12:42:34 -05:00
Tavi
cd38073ad2
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-03-04 15:39:53 -05:00
Tavi
fdbd1a090f
Update CVE patchers
I made a pass through removing some obvious wrongly applied patches
but there is likely some more breakage here

Signed-off-by: Tavi <tavi@divested.dev>
2024-03-02 12:31:51 -05:00
Tavi
45e87b4a1c
Update CVE patchers
Potential breakage

Signed-off-by: Tavi <tavi@divested.dev>
2024-02-27 03:15:54 -05:00
Tavi
20c8abcbc1
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-02-19 22:35:04 -05:00
Tavi
215f358d58
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-02-05 18:23:16 -05:00
Tavi
4e2c426be3
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-01-31 13:33:41 -05:00
Tavi
00f1589cb8
Update CVE patchers
Signed-off-by: Tavi <tavi@divested.dev>
2024-01-22 13:27:55 -05:00
Thaddeus
9d230974a2
Update CVE patchers
Signed-off-by: Thaddeus <tad@spotco.us>
2024-01-04 15:51:27 -05:00
Tad
7c46f43fc4
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-12-20 12:28:48 -05:00
Tad
26c0951cd2
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-12-04 15:51:53 -05:00
Tad
af0cea3572
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-11-16 22:59:28 -05:00
Tad
acd2484816
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-11-07 17:37:16 -05:00
Tad
548aec9c9d
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-11-05 18:58:11 -05:00
Tad
f64285f6fd
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-10-15 21:06:16 -04:00
Tad
d80f272b54
Update CVE patchers
CVE-2023-4128 replaces CVE-2023-4208

Signed-off-by: Tad <tad@spotco.us>
2023-10-02 21:41:34 -04:00
Tad
19f4964036
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-09-21 16:52:35 -04:00
Tad
337ae6012d
Fixup
TODO: regen

Signed-off-by: Tad <tad@spotco.us>
2023-09-17 20:26:44 -04:00
Tad
1b4f6d3bd8
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-09-17 01:30:23 -04:00
Tad
0ec3c25d86
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-09-05 20:42:14 -04:00
Tad
efaf13b03c
17.1: restore davinci for now
wifi isn't working on 20.0

Signed-off-by: Tad <tad@spotco.us>
2023-09-04 14:21:44 -04:00
Tad
fc9032513f
Update CVE patchers
Likely issue CVE-2023-3773/^6.4

Signed-off-by: Tad <tad@spotco.us>
2023-08-27 17:13:53 -04:00
Alberto García
62ca909711
Push davinci to 20.0 2023-08-24 19:06:22 -04:00
Tad
2142e2e763
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-08-17 17:18:10 -04:00
Tad
974878988b
Fixup
Will regen later

Signed-off-by: Tad <tad@spotco.us>
2023-08-09 00:46:44 -04:00
Tad
eef09ae519
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-08-07 18:07:19 -04:00
Tad
180280b233
Update CVE patchers
TODO: adjust min version of CVE-2023-4132

Signed-off-by: Tad <tad@spotco.us>
2023-08-04 21:00:29 -04:00
Tad
73414e76d2
Update CVE patchers
two lpes

Signed-off-by: Tad <tad@spotco.us>
2023-07-25 12:04:05 -04:00
Tad
b6308caa37
Update CVE patchers
TODO: enable CVE-2023-31084/4.4

Signed-off-by: Tad <tad@spotco.us>
2023-07-15 21:22:18 -04:00
Tad
c4666a33b7
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-07-05 19:42:40 -04:00
Tad
2e2ac4557d
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-06-26 19:41:11 -04:00
Tad
a07133a064
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-06-16 11:03:46 -04:00
Tad
2ee99fe3ef
Update CVE patchers
CVE-2020-36694 appears to be a duplicate of CVE-2021-29650

Signed-off-by: Tad <tad@spotco.us>
2023-06-01 21:12:08 -04:00
Tad
59bda0360e
Fixes
Signed-off-by: Tad <tad@spotco.us>
2023-05-30 13:59:28 -04:00
Tad
8463705798
Update CVE patchers
- Includes CVE-2023-32233 fixes for more devices
- Upstream has reverted the LVT patches, maybe consider handling them

Signed-off-by: Tad <tad@spotco.us>
2023-05-22 20:33:47 -04:00
Tad
cd0a29d69b
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-05-12 23:28:44 -04:00
Tad
366b4eb5ef
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-05-02 18:01:39 -04:00
Tad
47136145e5
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-04-23 23:20:36 -04:00
Tad
9ba61642de
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-04-17 23:19:28 -04:00
Tad
aad60b7567
Promotions
16.0 santoni/land to 20.0 Mi8937 unified
17.1 griffin to 18.1
17.1 star*/crownlte to 20.0
20.0 add pro1x

Signed-off-by: Tad <tad@spotco.us>
2023-04-17 21:36:49 -04:00
Tad
9a97c7013b
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-04-05 12:43:36 -04:00
Tad
2907be1be5
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-03-28 00:48:08 -04:00
Tad
61a3892314
Drop devices working on 20.0
Removes:
- 19.1: mata and FP3
- 17.1: avicii

all above tested/reported working on 20.0

Signed-off-by: Tad <tad@spotco.us>
2023-03-25 17:04:25 -04:00
Tad
ec38522af9
Churn
Signed-off-by: Tad <tad@spotco.us>
2023-03-18 20:52:59 -04:00
Tad
8bcb5c734d
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-03-17 19:27:22 -04:00
Tad
38626e1b0c
Picks + Fixes
Signed-off-by: Tad <tad@spotco.us>
2023-03-14 16:58:27 -04:00
Tad
162b40a39d
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-03-13 18:13:54 -04:00
Tad
fd1becb8c4
20.0: bringup avicii
Signed-off-by: Tad <tad@spotco.us>
2023-03-08 17:29:58 -05:00
Tad
0b294c1601
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-03-08 16:01:49 -05:00
Tad
804786aa23
Update CVE patchers
Fixes https://github.com/Divested-Mobile/DivestOS-Build/issues/193

Signed-off-by: Tad <tad@spotco.us>
2023-03-06 19:54:15 -05:00
Tad
b8f39716f1
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-02-26 12:21:36 -05:00
Tad
e9f58cfd3c
VPN fixes
Some devices still don't have these in 2023
https://gitlab.com/LineageOS/issues/android/-/issues/2193

Note, the following still aren't patched:
15.1
kernel/google/msm
kernel/lge/hammerhead

16.0
kernel/cyanogen/msm8974
kernel/lge/hammerhead

18.1
kernel/motorola/msm8974

Signed-off-by: Tad <tad@spotco.us>
2023-02-12 21:34:23 -05:00
Tad
a845f59546
Fixup persistent IPv6 privacy address issue + churn
Backports of rfc4941bis from Google/Linaro
and workaround for legacy kernels from GrapheneOS

already has rfc4941bis patch:
fairphone_sdm632
google_gs101
google_gs201
google_msm-4.14
google_msm-4.9
google_redbull
oneplus_sdm845
razer_sdm845
xiaomi_sdm845

Signed-off-by: Tad <tad@spotco.us>
2023-02-11 20:26:24 -05:00
Tad
3047b3b269
Fixup kipper & starlte
Signed-off-by: Tad <tad@spotco.us>
2023-02-10 08:19:23 -05:00
Tad
0e9599af6d
Fixup
Signed-off-by: Tad <tad@spotco.us>
2023-02-09 22:46:42 -05:00
Tad
fa067a3f89
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-02-06 23:06:34 -05:00
Tad
af3fe9776b Small updates
Signed-off-by: Tad <tad@spotco.us>
2023-02-01 15:19:21 -05:00
Tad
1511176a07
Update CVE patchers
Maybe some breakage

Signed-off-by: Tad <tad@spotco.us>
2023-01-28 20:33:44 -05:00
Tad
da1df44c8f
GrapheneOS kernel hardening patches update
Maybe some compile breakage

Signed-off-by: Tad <tad@spotco.us>
2023-01-24 19:03:01 -05:00
Tad
5ce2d33162
Update CVE patchers
Signed-off-by: Tad <tad@spotco.us>
2023-01-18 14:13:33 -05:00