FORUMS
Remove All Ads from XDA

[SHARE] Official CM11

238 posts
Thanks Meter: 147
 
By Tonio78r, Senior Member on 17th March 2014, 03:49 PM
Post Reply Email Thread
18th June 2016, 01:05 AM |#451  
Senior Member
Thanks Meter: 223
 
More
Quote:
Originally Posted by Tom Mix

@derf elot
thank you 4 the CM11 build!
i am one of those sticking with KK because i dont see any advance
by LP or MM. may it bee the battery life or my quick-tiles or the quick unlock...

thanks i have found this topic, even by accident

post sciptum: where can i find the info about the difference between: twrp-3.0.2-1.img vs.twrp-3.0.2-1_cm11_test.img

Sorry for the late reply. Life's been very busy theses days, and now there's all this football to watch, too The "twrp-3.0.2-1_cm11_test.img" file was simply a test to see if decryption would work this way on cm11, too. Unfortunately, it doesn't. So if you are using encryption, I would recommend to stick with TWRP 2.8.7.0.

---------- Post added at 12:49 AM ---------- Previous post was at 12:47 AM ----------

Quote:
Originally Posted by groggog

Hi!
I've been using the official CM11 for a long time, and the camera quality has annoyed me quite a bit. I'm really happy to see that others are updating CM11! I didn't even think about security holes...!

A big question for me is - does this include the original camera firmware, or a way to install it? Or is the Camera quality improved over official CM11?

Hi,

the camera is unchanged as compared to official CM11. I am only adding security patches. The exception being one patch to make the official Xposed work again due to some changes in CM source code.

---------- Post added at 01:05 AM ---------- Previous post was at 12:49 AM ----------

Hi guys,

new builds of both CM11 and CM12.1 - don't want to jump into the 'official' CM12.1 thread and too lazy to make a new one Changes include:
  • Google June 2016 security patches
  • fix for CVE-2016-2488 (kernel)
  • fix for CVE-2016-4482 (kernel)
  • fix for CVE-2016-4805 (kernel)
  • bunch more fixes, including some Google kernel patches...see my github for details

Github links:

CM11 kernel branch: https://github.com/derfelot/android_...4/tree/cm-11.0

CM12.1 kernel branch: https://github.com/derfelot/android_...4/tree/cm-12.1

Download link:

CM11: https://www.androidfilehost.com/?fid=24591000424940717

CM12.1: https://www.androidfilehost.com/?fid=24591000424940718

I haven't had the chance yet to check for CVE-2015-6616 in CM11. Could somebody please test this and let me know? If it's still vulnerable, I should have some time this weekend to take a look at it.

As always, if you come across any specific CVE that you think I might have missed, let me know and I'll see what I can do.

Cheers
The Following 6 Users Say Thank You to derf elot For This Useful Post: [ View ] Gift derf elot Ad-Free
 
 
18th June 2016, 04:33 AM |#452  
Junior Member
Thanks Meter: 1
 
More
Quote:
Originally Posted by derf elot


I haven't had the chance yet to check for CVE-2015-6616 in CM11. Could somebody please test this and let me know? If it's still vulnerable, I should have some time this weekend to take a look at it.
Cheers

Hi,
first thing to say: many thanks for the new build.
I installed it without any additional patches, everything seems ok.
Unfortunately VTS shows CVE-2015-6616 still to be there.

Regards

R.
18th June 2016, 06:22 PM |#453  
Senior Member
Thanks Meter: 223
 
More
OK, I checked everything twice again, and the patches are definitely merged.

I then checked the VTS github and, as I already suspected a month ago, there is indeed a problem with the detection of this CVE inside VTS.

See the commit here: https://github.com/AndroidVTS/androi...2124d24429c3c9

The patch is not merged yet, but I would expect new versions to be able to test it correctly.
The Following User Says Thank You to derf elot For This Useful Post: [ View ] Gift derf elot Ad-Free
18th June 2016, 07:06 PM |#454  
Junior Member
Thanks Meter: 2
 
More
Anyone installed the CM12 built over the previous CM11 one with any unpleasant experience?
18th June 2016, 07:59 PM |#455  
Senior Member
Thanks Meter: 223
 
More
Quote:
Originally Posted by TroyBrown

Anyone installed the CM12 built over the previous CM11 one with any unpleasant experience?

Never tried this. When moving between different Android versions, I always do a full wipe

For the CM11 people, since I had a bit of time, I built a VTS version containing the fixes for the CVE-2015-6616 detection. Feel free to have a try

Edit: The error you get for CVE-2016-0807 detection is completely normal, since it only concerns Android 6.0 and neither KK nor LP.
Attached Files
File Type: apk vts_test.apk - [Click for QR Code] (2.95 MB, 24 views)
The Following 3 Users Say Thank You to derf elot For This Useful Post: [ View ] Gift derf elot Ad-Free
2nd August 2016, 07:34 PM |#456  
Hi derfelot. Do you still make security updates for cm11?
2nd August 2016, 07:44 PM |#457  
Senior Member
Thanks Meter: 223
 
More
Hi,

yes I do. Unfortunately, the July patches are still not merged yet:

http://review.cyanogenmod.org/#/q/branch:cm-11.0

The August ones were just published by Google as well, so maybe they will get merged together.
The Following 3 Users Say Thank You to derf elot For This Useful Post: [ View ] Gift derf elot Ad-Free
14th August 2016, 06:41 PM |#459  
Senior Member
Thanks Meter: 223
 
More
Hi all,

the July and August patches have been merged into CM11 this week. For both CM11 and CM12.1 (actually CM12.1.1 now, don't really know why) I've also included a bunch more kernel fixes:
  • July Google security patches
  • August Google security patches
  • CVE-2015-2686
  • CVE-2015-4177
  • CVE-2015-8937
  • CVE-2015-8944
  • CVE-2016-2504 (part of Quadrooter)
  • CVE-2016-2059 (part of Quadrooter)
  • CVE-2016-2544
  • CVE-2016-4470
  • CVE-2016-4998
  • CVE-2016-5340 (part of Quadrooter)
  • CVE-2016-5829
  • Bunch more, you can see on my github

I know, that the "QuadRooter Scanner" app still shows CVE-2016-5340 as being unfixed (it does on CM12.1.1 at least), but that's most likely a problem with their detection algorithm as others are reporting the same issue. Also, CVE-2016-2503 is - form what I can tell - not a problem for the 3.4 kernel, so it doesn't apply to us.

Here are the download links:

CM11: https://www.androidfilehost.com/?fid=24591000424954650

CM12.1.1: https://www.androidfilehost.com/?fid=24591000424954636

Cheers
The Following 7 Users Say Thank You to derf elot For This Useful Post: [ View ] Gift derf elot Ad-Free
14th August 2016, 08:03 PM |#460  
Nice work! Going to download and install it right now. Thanks again!
15th August 2016, 02:56 AM |#461  
Junior Member
Thanks Meter: 1
 
More
Quote:
Originally Posted by derf elot

Hi all,


I know, that the "QuadRooter Scanner" app still shows CVE-2016-5340 as being unfixed (it does on CM12.1.1 at least), but that's most likely a problem with their detection algorithm as others are reporting the same issue. Also, CVE-2016-2503 is - form what I can tell - not a problem for the 3.4 kernel, so it doesn't apply to us.


Cheers

Once again, everyting seems to work perfectly in first tests, also your explanation above seems to be right, and i can confirm that CVE-2016-5340 is shown unfixed in CM11 as well.

Thanks again for your work!!
Post Reply Subscribe to Thread

Tags
amami, cm11, kitktat, rom, z1 compact

Guest Quick Reply (no urls or BBcode)
Message:
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes