clarify multicast firewall purpose

2024-09-18 11:17:01 -04:00 · 2024-09-18 11:17:01 -04:00 · ae9e17eaee
commit ae9e17eaee
parent 3ac0af6672
1 changed files with 1 additions and 1 deletions
--- a/static/releases.html
+++ b/static/releases.html
@ -902,7 +902,7 @@
                    <ul>
                        <li>Sandboxed Google Play compatibility layer: handle the updated client dynamite module initialization sequence</li>
                        <li>extend standard Android eBPF filter to prevent apps sending multicast packets outside of the VPN tunnel either directly or separately via kernel-generated multicast traffic (IGMP, MLD) when leak blocking is enabled</li>
-                        <li>add netfilter-based multicast firewall only permitting sending multicast packets to permitted interfaces for the process</li>
+                        <li>add netfilter-based multicast firewall only permitting sending multicast packets to permitted interfaces for the process to prevent apps sending multicast packets through a disallowed interface such as a VPN tunnel for another profile</li>
                        <li>exclude com.android.rkpdapp from backup/restore to avoid breaking key provisioning for attestation including for Auditor (users can clear RemoteProvisioner system app data via Settings if they restored data for it and have this issue)</li>
                        <li>Pixel 9 Fold Pro: temporarily manually add overlays from the stock Pixel OS to use the correct layout for quick settings, status bar, etc. and to provide the split folded/unfolded auto-rotate settings</li>
                        <li>hardened_malloc: fix microdroid virtual machine compatibility by using armv8a+dotprod+memtag when enabling memory tagging instead of armv9+memtag</li>