Replicant

There are some nightly builds of the dev branch of Replicant 0004. These builds have the upstream security patches updated up until this summer, which is roughly 8 months of updates.

https://jenkins.minhas.io/nightly_builds/replicant/6.0-dev/
Reminder: These are experimental/testing build so backup your data before trying them out!

Kurtis Hanna wrote:

Reminder: These are experimental/testing build so backup your data before trying them out!

What would be needed for the developing branch with the security updates to be merged into the stable/master branch?
If it's just about testing, I can build and test some images for i9100, i9300, n7100.
I can make that if it serves the purpose to move dev to stable.

Otherwise, what are the blockers to merging upstream security updates directly into the stable/master branch?
I can have a look into doing so, if it's feasible..

There is no master branch in Replicant. The security patches are already in the replicant-6.0 branches but a new release tag just needs to be added after we have done all the other tickets planned for this release.

Are there other upstream security updates that we can pull, or are we up to date on this?

The last Android 6 security bulletin was in August 1st 2018 and the replicant repos have been updated with those security updates on 2018-08-28 by me. There could be security fixes for LineageOS 13 if the LineageOS project added them themselves after that but that would requires us to go through again all the repos what changes are there and possibly make some patches to our manifest and merge changes to our forked repos which I would like to avoid for this release because there is no evidence of it making replicant 6 any more secure.