DivestOS: long term device support with enhanced privacy and security

139

Hi, it has been 42 days since my last changelog. There is now a dedicated page on the site for this here. All future changelogs will be posted there instead of here.

System Updates

  • January ASB builds were released between the 10th and 14th.
  • Rebuilds were published on the 24th thru 26th primarily for CVE patcher updates.
  • IMS/VoLTE was made working on supported devices. image
  • CNE was removed after being briefly included in the Dec/Jan builds. This removal breaks Wi-Fi calling, but is likely worth the security benefits.
  • The deblobber received tweaks to better handle more property edits. commit
  • Part two of the Debian/retired Linux CVE import was completed. Linux 3.0, 3.4, and 3.10 devices benefit the most from this, averaging between 10 and 90 added CVE patches. import and update
  • The exec-based spawning feature from GrapheneOS was disabled. We likely failed to port it over correctly and the result is many subtle breakages.
  • All versions now include the LineageOS 17.1 APN list for better cell carrier compatibility. commit
  • All versions were mostly patched against the old CVE-2019-2306. commit
  • umask is now explicitly set in the build scripts and many files had their permissions corrected. This fixes many subtle issues.
  • [upstream] Updated to January ASB.
  • [upstream] Updated WebView to Chromium 88.0.4324.93, has many security fixes. commit

Device Updates

  • mata has long-standing audio issues, Lineage team has been trying to fix them. Currently the earpiece speaker works on calls, but the loud speaker cannot have its volume adjusted.
  • The microphone issue on shamu was resolved, was caused by our removal of some voice recognition blobs (which are required for adspd bring-up). commit
  • bullhead now installs (and works) after removing the firmware images to workaround the missing proprietary additions needed for their flashing. related

Roster Updates

  • mako was re-enabled for 16.0 for users who do not want to re-partition their device.
  • flo was re-enabled for 15.1, for users who do not want to re-partition their device.
  • mako was re-enabled for 15.1 for testing purposes.
  • hammerhead was re-enabled for 15.1 due to Bluetooth issues in 16.0.
  • ether and shamu were re-enabled for 15.1 as they are the last versions with working IMS.
  • star2lte was added to 17.1 and was tested broken, likely due to its usage of stock vendor.img.

App Updates

  • Mull saw 84.1.2, 84.1.4 and 85.1.0 releases.
  • Hypatia had some commits forward-ported from the stable branch to the unfinished dev branch. git log
  • The PrebuiltApps repository saw a handful of app updates. git log

Website Updates

  • The device downloads page now supports serving multiple build versions per device. commit
  • A 'news' page was added for changelogs and project history. commit
  • A 'network connections' page was added for documenting connections made by the system. commit
  • Pages with tables were fixed up for mobile.
  • The 'recommended apps' page had some additions. commit
  • The 'messengers' page received some needed updates.
  • The credits and legal notices section of the 'about' page was updated.
  • Some typos were fixed. commit
1 Like