Project

General

Profile

Issue #1886

Apply upstream security updates to Replicant 6

Added by Kurtis Hanna about 1 year ago. Updated about 1 month ago.

Status:
Rejected
Priority:
Immediate
Assignee:
-
Category:
Security
Target version:
Start date:
08/26/2018
Due date:
% Done:

0%

Estimated time:
Resolution:
invalid
Device:

Description

Replicant 6 0003 includes upstream security update up until November 2017. There are more recent security updates available that could be merged into Replicant 6 that haven't been merged yet. They should be merged.

History

#1

Updated by Kurtis Hanna about 1 year ago

There are some nightly builds of the dev branch of Replicant 0004. These builds have the upstream security patches updated up until this summer, which is roughly 8 months of updates.

https://jenkins.minhas.io/nightly_builds/replicant/6.0-dev/
Reminder: These are experimental/testing build so backup your data before trying them out!

#2

Updated by Fil Bergamo 11 months ago

Kurtis Hanna wrote:

Reminder: These are experimental/testing build so backup your data before trying them out!

What would be needed for the developing branch with the security updates to be merged into the stable/master branch?
If it's just about testing, I can build and test some images for i9100, i9300, n7100.
I can make that if it serves the purpose to move dev to stable.

Otherwise, what are the blockers to merging upstream security updates directly into the stable/master branch?
I can have a look into doing so, if it's feasible..

#3

Updated by Joonas Kylmälä 11 months ago

There is no master branch in Replicant. The security patches are already in the replicant-6.0 branches but a new release tag just needs to be added after we have done all the other tickets planned for this release.

#4

Updated by Kurtis Hanna 10 months ago

Are there other upstream security updates that we can pull, or are we up to date on this?

#5

Updated by Joonas Kylmälä about 1 month ago

The last Android 6 security bulletin was in August 1st 2018 and the replicant repos have been updated with those security updates on 2018-08-28 by me. There could be security fixes for LineageOS 13 if the LineageOS project added them themselves after that but that would requires us to go through again all the repos what changes are there and possibly make some patches to our manifest and merge changes to our forked repos which I would like to avoid for this release because there is no evidence of it making replicant 6 any more secure.

#6

Updated by Kurtis Hanna about 1 month ago

  • Status changed from New to Rejected
  • Resolution set to invalid

My assumption is that no security updates were applied that we don't already have since it seemed like LineageOS 13 stopped getting worked on a good while ago. I feel like we are lucky to have security updates up until last summer. Looking forward to Replicant 9 getting us back up to date again. I'm marking this as Rejected/invalid since I don't think there are any newer updates to apply.

Also available in: Atom PDF