That would be a good idea. With a full-time job and family, I don’t have a lot of time anymore to spend nights figuring things out.
Would be great if we could have a ROM that included commonly used apps and tweaks. Maybe starting from the microg.me and adding osmand, … so it becomes really functional out of the box.
Of course, that opens another can of worms: what are the default apps 
The community couldn’t even settle on F-Droid. 
A way to please almost everybody would be the OpenGApps way … LineageOS “zero” (bare LineageOS) … LineageOS “pico” (some stuff added) … LineageOS “nano” (some more stuff added) … and so on 
…
Next time you update the system (today tuesday should be released a new OTA), install it. It will clean your modifications, so after that, you can sideload my ZIP safely, preserving your microG apps data. Next week and further you should only install the OTA normally, 
.
Also, don’t forget to Tingle-patch each LOS update (the patch cannot be made survival, unfortunately).
Tried to update from 17.10.2. Installed lineage-14.1-20171031-nightly-FP2-signed.zip without any Problems using twrp-3.1.1-2-FP2.
Installed open_gapps-arm-7.1-stock-20171101 before rebooting the system.
At the first start everything worked well, but after a short time I had problems with my SIM-Cards (I have two). I think, the issue started after I changed SIM 1 from LTE to 2G as preferred mode and SIM 2 to 4G.
After a reboot, I failed to enter the SIM, where I got an error message (error when entering the SIM card), but without the SIM card was locked after three attempts.
So I went back to 17.10.2. 
Thank’s to TWRP.
I think I saw a fix by @chrmhoffmann for the 2nd SIM being able to use LTE. Its available from the Nov 7 LOS update released earlier today.
Only the bootloader blob has changed. I don’t know if it contains any security fixes.
I’m preparing a new release, will be online in a few minutes.
Edit: Done, the latest modem file is available through the link in the top post.
I just did the update and have los 20171107, but the patchlevel is displayed as Oct 5? No security updates or mistake?
Since the Android Security Bulletin—November 2017 was just released yesterday, I think Lineage does not yet have the fixes.
Quote from the above bullentin:
Source code patches for these issues will be released to the Android Open Source Project (AOSP) repository in the next 48 hours. We will revise this bulletin with the AOSP links when they are available.
Possible, yes… Was the security level updated for the mid month KRACK fix? I can’t remember. But then, it also might show the partial Nov 1 level, but i don’t know better than you…
No, since KRACK has no own patchlevel string.
According to this, we didn’t yet get a patch for CVE-2017-7541, which is part of the 2017-11-01 security patch level.
Uff… wish I hadn’t seen this
So many CVEs unpatched
Thanks
CVE-2017-7541 is for broadcom wifi. FP2 is not affected by this, even though FP might have fixed this in the kernel.
Hi,
I am trying to go through the CVEs. But it’s a lot of stuff and work. But: I merge the FP open kernel source, that means that we have the same protection as FP Open.
I’d even be bold and claim that the lineage kernel has more CVEs fixed than the FPopen, as I have merged more CVEs that are not covered in FP open or from Qualcomm CAF.
I’d have only one advice: if you are really concerned by security fixes, the only viable option at the moment is to buy a Pixel phone. That’s sad, but true.
MSM8974 does not get support anymore from qualcomm (for a while now). So who knows what problems the modem, blobs, or other closed source components have, that neither QCOM, nor FP can fix.
Lineage is doing best they can, but…
Chris
Didn’t know that that much is on your shoulders… But thinking about it, these are not LOS CVEs but kernel’s, and so it’s your burden… Can’t thank you enough, and I think with some conscious usage patterns one can at least try to minimize the exposure… In the end, there are probably still lots of undetected bugs, at least undetected by the “good side”. So, thanks again, and don’t let you get frustrated by the amount of work and naive “consumers” 
No problem. I just wanted to clarify, that this is a constant work-in-progress and I try to do my best in my spare time.
Chris
PS: I was not joking about buying a Pixel. At the moment, the only guys who are to some extend on top of the security stuff is unfortunatly google.
No, I know, the Pixel is indeed first in line, and then there’s a certain amount of man power available at Google… Probably I even would use a Google device, if I hadn’t found the FP2, in 2015…
Update installed via TWRP (Edit: still 3.1.1-1 before I saw that 3.1.1-2 is out):
The following things work for me so far:
Would that result in the Baseband version being unchanged (4437.1-FP2-0-07)?