Project

General

Profile

How does replicant handles security updates?

Added by Alex Vong 4 months ago

Hello everyone,

As a Debian and Guix user, I update software weekly to get security updates. However, it seems replicant doesn't provide regular security updates. According to https://www.reddit.com/r/LineageOS/comments/6c34w1/how_do_android_security_updates_work_with/, upstream do provide security updates. Is it due to lack of devs, or am I missing something?


Replies (6)

RE: How does replicant handles security updates? - Added by Kurtis Hanna 3 months ago

We now are building nightly releases as of a few days ago for testing purposes: https://jenkins.minhas.io/ https://jenkins.minhas.io/nightly_builds/replicant/6.0-dev/

We're also gearing up for a Replicant 6.0 0004 and Replicant 6.0 0005 release in the near future that includes all the upstream security patches and other bug fixes and additional features. https://redmine.replicant.us/versions/41 https://redmine.replicant.us/versions/42

This delay in providing security updates has been, at least partially, due to a lack of devs. We hope that this will cease being an issue in the future.

It should also be noted that, even though there hasn't been a ton of work done on Replicant 6 since the 0003 release, a lot of work has been done to mainline the kernel for a number of our supported devices https://redmine.replicant.us/issues/1882 and some great work has also been done to replace the majority of the propriety bootloader on these devices with mainline u-boot (which is free software). We also are working on Replicant 9, which is based on Android AOSP 9 (Pie).

RE: How does replicant handles security updates? - Added by Fil Lupin 3 months ago

Hi Kurt,
thank you for this detail answer. This is good news!

I was wondering how patches could be applied. Once the Replicant system is installed and phone is rooted, is it simple to allow system to update based on patch? How can/should those patches be put/installed on device?
I imagine this is new so perhaps it is still work in progress.

RE: How does replicant handles security updates? - Added by Joonas Kylmälä 3 months ago

Fil, this is documented in the wiki: https://redmine.replicant.us/projects/replicant/wiki/MinorVersionUpgrade. I saw a report on IRC that user data wipe might have been required, but that needs confirmation and we will put up information if the upgrade process is not as stated in the wiki page.

RE: How does replicant handles security updates? - Added by Fil Lupin 3 months ago

Thank you, I didn't see last moves on the wiki. I'll read.

RE: How does replicant handles security updates? - Added by Kurtis Hanna 3 months ago

Fil, hopefully some day we will be able to allow users to update Replicant from within Replicant itself instead of requiring people to use heimdall and adb sideload/storage. Work related to this will be posted here: https://redmine.replicant.us/issues/1833

We look forward to hearing about your experiences with the new images that have the security updates on them if you get the time to test them out. As Joonas pointed out, please backup your data before testing them out because you might need to do a data wipe to get them to work.

RE: How does replicant handles security updates? - Added by Fil Lupin 3 months ago

Yes, of course. I will be pleased to test this new image.
However, since I am keeping my phone in a stock state to test backup, I cannot test this one before documenting backup.
But for sure, this new image will be the one I will install on my device as soon as I found a way to backup partitions. :)

    (1-6/6)