@jnsp Do we need an updated modem file from the 17.11.2 update (released today)?
Only the bootloader blob has changed. I don’t know if it contains any security fixes.
I’m preparing a new release, will be online in a few minutes.
Edit: Done, the latest modem file is available through the link in the top post.
I just did the update and have los 20171107, but the patchlevel is displayed as Oct 5? No security updates or mistake?
Since the Android Security Bulletin—November 2017 was just released yesterday, I think Lineage does not yet have the fixes.
Quote from the above bullentin:
Source code patches for these issues will be released to the Android Open Source Project (AOSP) repository in the next 48 hours. We will revise this bulletin with the AOSP links when they are available.
Possible, yes… Was the security level updated for the mid month KRACK fix? I can’t remember. But then, it also might show the partial Nov 1 level, but i don’t know better than you…
No, since KRACK has no own patchlevel string.
According to this, we didn’t yet get a patch for CVE-2017-7541, which is part of the 2017-11-01 security patch level.
Uff… wish I hadn’t seen this
So many CVEs unpatched
CVE-2017-7541 is for broadcom wifi. FP2 is not affected by this, even though FP might have fixed this in the kernel.
I am trying to go through the CVEs. But it’s a lot of stuff and work. But: I merge the FP open kernel source, that means that we have the same protection as FP Open.
I’d even be bold and claim that the lineage kernel has more CVEs fixed than the FPopen, as I have merged more CVEs that are not covered in FP open or from Qualcomm CAF.
I’d have only one advice: if you are really concerned by security fixes, the only viable option at the moment is to buy a Pixel phone. That’s sad, but true.
MSM8974 does not get support anymore from qualcomm (for a while now). So who knows what problems the modem, blobs, or other closed source components have, that neither QCOM, nor FP can fix.
Lineage is doing best they can, but…
Didn’t know that that much is on your shoulders… But thinking about it, these are not LOS CVEs but kernel’s, and so it’s your burden… Can’t thank you enough, and I think with some conscious usage patterns one can at least try to minimize the exposure… In the end, there are probably still lots of undetected bugs, at least undetected by the “good side”. So, thanks again, and don’t let you get frustrated by the amount of work and naive “consumers”
No problem. I just wanted to clarify, that this is a constant work-in-progress and I try to do my best in my spare time.
PS: I was not joking about buying a Pixel. At the moment, the only guys who are to some extend on top of the security stuff is unfortunatly google.
No, I know, the Pixel is indeed first in line, and then there’s a certain amount of man power available at Google… Probably I even would use a Google device, if I hadn’t found the FP2, in 2015…
Update installed via TWRP (Edit: still 3.1.1-1 before I saw that 3.1.1-2 is out):
The following things work for me so far:
- call / be called
- send SMS / receive SMS
- internet via WiFi
- internet via mobile network
- main camera (new module)
- selfie camera (new module)
- USB connection to PC / MTP
- alarm (incl. swiping it off)
Would that result in the Baseband version being unchanged (4437.1-FP2-0-07)?
Thanks for all the work you’re all doing!!
Does anybody else have the problem, that when the phone is off and charging, it won’t boot? I have to unplug it, boot it and then replug it.
Yes, I do have the problem too…
My Problem was not any more getting Access to the system at all. I failed the moment I tried to enter the PIN for the SIM. I did not have access to the settings anymore.
Try new lineage from today.
Yes, the baseband blob hasn’t changed.
To apply this week update we need to update modem file right? in that case I just queue it in the TWRP install? First the LOS upload followed by the modem?