security/hakurei.app
security/hakurei.app
5
1
Fork 0
Code Issues 2 Pull Requests Actions Packages Projects Releases 4 Wiki Activity

publish new release notes

Browse Source
This commit is contained in:
Daniel Micay 2024-09-18 10:47:44 -04:00
parent 006ce2fa0a
commit 3ac0af6672
1 changed files with 23 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
static/releases.html
View File

@ -99,7 +99,7 @@
<li> <li>
<a href="#changelog">Changelog</a> <a href="#changelog">Changelog</a>
<ul> <ul>
<!--<li><a href="#2024091700">2024091700</a></li>--> <li><a href="#2024091700">2024091700</a></li>
<li><a href="#2024090400">2024090400</a></li> <li><a href="#2024090400">2024090400</a></li>
<li><a href="#2024083100">2024083100</a></li> <li><a href="#2024083100">2024083100</a></li>
<li><a href="#2024082200">2024082200</a></li> <li><a href="#2024082200">2024082200</a></li>
@ -862,6 +862,27 @@
release notes from before the rebranding of the project in 2018 and 2019.</p> release notes from before the rebranding of the project in 2018 and 2019.</p>
<!-- <!--
<article id="2024091700">
<h3><a href="#2024091700">2024091700</a></h3>
<p>Pixel 4a (5G), Pixel 5 and Pixel 5a are end-of-life and shouldn't be used
anymore due to lack of security patches for firmware and drivers. We provide
extended support for harm reduction.</p>
<p>Tags:</p>
<ul>
<li><a href="https://github.com/GrapheneOS/platform_manifest/releases/tag/2024091700-redfin">2024091700-redfin</a> (Pixel 4a (5G), Pixel 5)</li>
<li><a href="https://github.com/GrapheneOS/platform_manifest/releases/tag/2024091700">2024091700</a> (Pixel 5a, Pixel 6, Pixel 6 Pro, Pixel 6a, Pixel 7, Pixel 7 Pro, Pixel 7a, Pixel Tablet, Pixel Fold, Pixel 8, Pixel 8 Pro, Pixel 8a, emulator, generic, other targets)</li>
<li><a href="https://github.com/GrapheneOS/platform_manifest/releases/tag/2024091700-caimito">2024091700-caimito</a> (Pixel 9, Pixel 9 Pro, Pixel 9 Pro XL, Pixel 9 Pro Fold)</li>
</ul>
<p>Changes since the 2024091700 release:</p>
<ul>
</ul>
</article>
-->
<article id="2024091700"> <article id="2024091700">
<h3><a href="#2024091700">2024091700</a></h3> <h3><a href="#2024091700">2024091700</a></h3>
@ -885,7 +906,7 @@
<li>exclude com.android.rkpdapp from backup/restore to avoid breaking key provisioning for attestation including for Auditor (users can clear RemoteProvisioner system app data via Settings if they restored data for it and have this issue)</li> <li>exclude com.android.rkpdapp from backup/restore to avoid breaking key provisioning for attestation including for Auditor (users can clear RemoteProvisioner system app data via Settings if they restored data for it and have this issue)</li>
<li>Pixel 9 Fold Pro: temporarily manually add overlays from the stock Pixel OS to use the correct layout for quick settings, status bar, etc. and to provide the split folded/unfolded auto-rotate settings</li> <li>Pixel 9 Fold Pro: temporarily manually add overlays from the stock Pixel OS to use the correct layout for quick settings, status bar, etc. and to provide the split folded/unfolded auto-rotate settings</li>
<li>hardened_malloc: fix microdroid virtual machine compatibility by using armv8a+dotprod+memtag when enabling memory tagging instead of armv9+memtag</li> <li>hardened_malloc: fix microdroid virtual machine compatibility by using armv8a+dotprod+memtag when enabling memory tagging instead of armv9+memtag</li>
<li>init: disable auto-reboot setup for microdroid virtual machines <li>init: disable auto-reboot setup for microdroid virtual machines</li>
<li>expat: backport patches for CVE-2024-28757, CVE-2024-45490, CVE-2024-45491 and CVE-2024-45492 (none of these is exploitable on official GrapheneOS since the DoS bug involves a feature Android doesn't use, the integer overflows require that size_t is 32-bit which is never going to be the case due to the code only being used in 64-bit processes and the negative parameter API issue requires a usage pattern not done by Android, but the integer overflows would be exploitable on an official build for a 32-bit device or a 64-bit device still partially using 32-bit drivers)</li> <li>expat: backport patches for CVE-2024-28757, CVE-2024-45490, CVE-2024-45491 and CVE-2024-45492 (none of these is exploitable on official GrapheneOS since the DoS bug involves a feature Android doesn't use, the integer overflows require that size_t is 32-bit which is never going to be the case due to the code only being used in 64-bit processes and the negative parameter API issue requires a usage pattern not done by Android, but the integer overflows would be exploitable on an official build for a 32-bit device or a 64-bit device still partially using 32-bit drivers)</li>
<li>kernel (5.10): update to latest GKI LTS branch revision including update to 5.10.225</li> <li>kernel (5.10): update to latest GKI LTS branch revision including update to 5.10.225</li>
<li>kernel (5.15): update to latest GKI LTS branch revision including update to 5.15.165</li> <li>kernel (5.15): update to latest GKI LTS branch revision including update to 5.15.165</li>
@ -902,7 +923,6 @@
<li>GmsCompatConfig: update to <a href="https://github.com/GrapheneOS/platform_packages_apps_GmsCompat/releases/tag/config-137">version 137</a></li> <li>GmsCompatConfig: update to <a href="https://github.com/GrapheneOS/platform_packages_apps_GmsCompat/releases/tag/config-137">version 137</a></li>
</ul> </ul>
</article> </article>
-->
<article id="2024090400"> <article id="2024090400">
<h3><a href="#2024090400">2024090400</a></h3> <h3><a href="#2024090400">2024090400</a></h3>