FP Security Updates need to be more frequent

What? StackRot affects kernels 6.1 and later. I doubt if any Android phone is remotely that recent, and there’s very little chance that the huge ile of changes that StackRot was part of (maple-tree-ization of core parts of mm) would ever have been backported to any of them.

FP4 in particular is running 4.19.157. There’s about as much chance of StackRot affecting that as of it affecting a Commodore 64.

1 Like

True, Android is based on Linux LTS versions.

From Android (operating system) - Wikipedia

Android’s kernel is based on the Linux kernel’s long-term support (LTS) branches. As of 2023, Android uses versions 4.14, 4.19, 5.4, 5.10 or 5.15 of the Linux kernel (and since modified Linux kernels is used, Android names like android13-5.15 or android-4.19-stable are used).[189] The actual kernel depends on the individual device.[190]

According to teltarif.de the rollout of A13 to the FP3(+) has started. In the article (see :de: Update-Rollout: Fairphone 3(+) erhalten Android 13 - teltarif.de News ) they write that the rollout for the FP4 is planned for the end of this year. This side note really makes me unhappy :frowning_face:

I unterstand your disappointment (in case this info is true). however I would rather like to see a quick fix of the screen dimming issue instead of A13 which I personally don’t mind to wait 6 more month for.


Yes, you are absolutely right. The fixes definitely have priority. On the other hand one does not necessarily exclude the other :smiley:

I realize I’m replying to myself since I posted this back in November last year, and I’m now leaving my FairPhone project all together.

I’m not blaming anyone at FairPhone really, you are probably doing the best you can. It just isn’t good enough, it’s unacceptable. And it’s sad. Because I was hoping making the right choice would be a good choice. But it’s not. And honestly, I wonder if FairPhone as a product is aiming at corporate users like me at all.

FairPhone could have had a good case for corporations and public bureaus that require that you divide between work phone and private phone, especially where I live, Norway, because we (officially) aim at chosing sustainable solutions.
And FairPhone could have made a good partner in Norwegian relations. Only, nobody I talk to here have heard of FairPhone. So with a limited customer base comes limited resources and attention. And, apparently, limited security updates.

I gave it a try for 2 years. I love idealism and caring for the world around me. But I also have a job to do. And I do understand that nobody cares, it’s fine.

I’m moving to iOS. Good luck with future updates and products. Please have a closer look at the Norwegian market. Not everybody here wants the latest and the most expensive.


4 posts were split to a new topic: Nordic countries and sustainability

And again according to heise.de ( :de: https://www.heise.de/news/Patchday-Kritische-Schadcode-Luecken-bedrohen-Android-11-12-und-13-9239055.html) there is a critical problem that needs to be fixed. All Android 11-13 users should get 2023-08-01 or 2023-08-05 patch level to have this fixed.


We beta testers are on the exact same update as you non-testers. If I had to guess, I’d guess the Android developers are on holiday.

So it would seem that this update will take quite some time to release unfortunately.

1 Like

All the more reason to hire more devs instead of support staff :nerd_face:

Meanwhile the ghost touches are back. FP is really testing its user base. I really hope they can solve this in software as they claim.


In a post, Google explicitly warns of a “critical” system gap

do we have to wait two month for a Fairphone update?


did anyone come up with a precise statistic or details about exactly how many times (how many days) a fairphone of any version was up-to-date with its security updates and patchlevel? i can not remember that many situations where we have received the monthly security update still within that very month before the next update release from the month+1 first/fifth. anyone have any numbers? :unamused:

similar to … this and that many days without any incidents, deaths, deliberately unpatched and late security exploits… you get the idea.

I believe there is a changelog on the FP website with release dates. Based on that you can probably make some graphs.


A least there is a Google Play system update with patch level “July 1st 2023”


I think, the situation improved over the last couple of months after Fairphone managed to get Android 12 running. Let’s hope, the update to Android 13 will not take that long.


Yes, you find that here: https://support.fairphone.com/hc/en-us/articles/4405858220945-Fairphone-4-OS-Release-Notes

According to that all the updates for the Android 12 based version so far:

2023-07-17 - FP4.SP2G.B.079
2023-06-05 - FP4.SP29.B.069
2023-05-08 - FP4.SP28.B.065
2023-04-07 - FP4.SP25.B.058
2023-03-03 - FP4.SP21.B.048
2023-02-01 - FP4.SP1Y.B.041

So one update each month. Not too bad. I expect an update in August as well.


the time of the update is only one thing. the level of the update you are being offered is clearly the other half that needs to match. how many days did the FP4 for example really have a then-current security version level?


As far I can see - every update provided the latest available security level for that update as well.

The only thing Fairphone could change is to schedule the updates a bit different - maybe 1 or 2 weeks later - so an update for a specific month includes also the security updates from Google in that month. For example: 2023-04-07 included the security updates from March and not April, because the April updates got released by Google just two days before that update. But overall, you get a security update every month.

1 Like

I’m at the pub at the moment so if the below makes no sense then just ignore it

Fairphone as an Android OEM gets access to the, let’s say September update, in August, so the surprising thing with the Fairphone 4 is that they have a full month to update their phone and they are still one month behind. It makes no sense IMO.

Sure, Android 13 is probably slowing that down. But I’d rather be up to date on the security updates than be up to date on feature updates.


loseyourself is right, manufacturers get the information way before the date that’s shown to the users (it’s essentially just a label).

Android partners are notified of all issues at least a month before publication

Taken from

And in fact Fairphone has released the $MONTH-05 security patch level before the fifth of that month a handful of times in the past.