• Introducing XDA Computing: Discussion zones for Hardware, Software, and more!    Check it out!

[EOL] LineageOS 12.1 for Z1c with current Sec.Patches

Status
Not open for further replies.
Search This thread
New build with October ASB patches

Hi all,

a new build with October 2020 patches is available for download:
https://sourceforge.net/projects/cm...e-12.1-20201014-UNOFFICIAL-amami.zip/download

This time, besides the usual Kernel patches, there was only one applicable patch in the Nfc app, as the other applicable patches have already been added last month:
See here: https://github.com/cm12-amami/discussion/issues/74

In addition, the e-mail widget of the shipped Mail app has been fixed.

EDIT: Test branch merged into stable for those of you building from source and/or for other devices.

Happy flashing - regards, M.
 
Last edited:
Future of this thread

Hi all,

this is to announce, that the build, which I am going to provide next month, will be the FINAL build for this thread!
I will afterwards stop to regularly provide futher builds.

As you can see in this post from last May, this thread is now active since 3 and a half years. I am pleased to see that there still has been a certain interest in these Android 5.1 builds - directly for the amami device, but also some further bilds using the cm12-amami GH organization as a base.
Therefore, I wanted to share some thoughts behind my decision (as opposed to simply "let it drop", as many other threads use to end here on XDA):

I have said in that mentioned post, that I would continue providing these builds, as long as I have time and fun and see some interest.

First of all, since a while, my available time is getting less, so I need to priotize my time spent on ROM building and development.
Further, I observe myself when working on the backports for this build, that I feel more and more like fulfilling "some obligation to support the other ROMs relying on my sources" rather than having fun doing this.
At the same time, it also starts to get frustrating, when almost no ASB patch can be backported, because the code is so entirely different.

Android 5.1 is long deprecated and whilst I am doing my best in trying to backport current ASB patches aiming at Android 11, 10, 9 and 8.1, I know that there are many components in this old version, which for sure would also need to be updated (e.g. many of the "platform/external/*" AOSP repositories) - so I am more and more wondering, to what extent this whole exercise still makes sense at all.
These builds (amami, togari, and the amazon devices) are for sure far better than having to use the devices with their original stock firmware, but the builds aren't really "secure" any more, let's simply face that fact! There is a huge "unknown" of vulnerabilities.

For the amami device, there are threads to support LineageOS 16.0 and LineageOS 17.1 - both providing builds on "daily driver" level.
So there is no need to really use the LineageOS 12.1 builds for this device (and use cases w/o SIM card, such as a "GPS and FM radio device for a mountain bike" do not require the most recent security patches).

Looking at the threads for the Elephone and the amazon devices, there is no (Elephone) or not a lot of activity (amazon devices) either any more. The only reasonably active thread is the togari thread.

Well, my sources are public and can be freely forked, so anyone willing to continue working on backport ASB patches is free to do so.
If somebody feels in the mood of continuing to keep LineageOS 12.1 up to date, please PM me and I could provide some tips & tricks on how to work on this (also in the next weeks)...

Well - that's about it - so please look forward to my next FINAL build and keep well.

Regards, M.
 
New build with November 2020 ASB patches - FINAL BUILD

Hello all,

as announced in my previous post, here comes the FINAL build of this thread with back-ported November 2020 ASB patches, ready for download:
https://sourceforge.net/projects/cm...e-12.1-20201112-UNOFFICIAL-amami.zip/download

  • ASB November 2020 patches (Sec. string 2020-11-05)
  • Additional fix of CVE-2019-2306 (Qualcomm)
  • Additional fix of CVE-2020-15999
  • System Webview on 86.0.4240.185 (which also addresses CVE-2020-15999)
  • As usual, applicable Kernel upstream patches applied

The test branch has already been merged into the stable branch, so people building from source and/or for other devices can start synchronizing their build tree.
(Again, many ASB patches could not be back-ported due to the outdated Android 5.1 code base)

A couple of final comments:
- Of course, please feel free to comment, as before, or report any issues. I'll leave the thread still open for a while and I'll provide answers, if applicable . . .
- If you identify a regression towards the October build (i.e. something worked properly in October build, but not now), I'll try to provide a fix, when I find the time.
- Things however, which haven't worked for a longer time (or maybe never worked properly), will not be looked at!

Well, that's it. Please refer to my previous post, where I made a comprehensive statement - not necessary to add anything.

Happy flashing - and all the best
Regards, M.
 
Migration / Upgrade advice

Hi all,

as mentioned before, there are threads for LineageOS 16.0 and LineageOS 17.1 for the amami device.

For those of you considering to upgrade your amami device to 16.0 or 17.1 from this thread's LineageOS 12.1 version - either now or at a later point in time in the future - it is very important to consider the below steps carefully:

  1. You cannot "dirty-flash" LineageOS 16.0 or 17.1 over 12.1, you need to clean install! (Don't even waste your time trying)
  2. Therefore: First step should be to make a nandroid backup in TWRP! (To be able to go back to 12.1, if needed)
  3. Carefully look and make a list of items (contacts, wifi passwords, ...), you need to manually setup again and how to (re)store them (take your time, so you don't regret having rushed...)
  4. If your device is currently encrypted, you must even format the /data partition!
  5. In that case, make sure to either store the TWRP backup on your SD card and not the internal memory, or copy it afterwards via USB to your PC!
  6. In that case, you must also backup the contents of your Internal memory (copy via USB to your PC) - if you do not need to format the /data partition, because your device is not encrypted, this step can be skipped (but it's in general a good idea to make a backup)
  7. Next, upgrade your TWRP - take the latest version from this thread
  8. If you need to format the /data partition, because your device is encrypted, do it now and restart TWRP
  9. Wipe the /system partition as well
  10. DON'T restore the Internal memory yet, if you had previously formatted the /data partition
  11. Copy the 16.0 or 17.1 ROM of your choice, and, if wanted, any Gapps ZIP to the Internal memory or SD card (read the installation instructions of the respective thread carefully) and flash the stuff
  12. Boot into the ROM. If you had formatted the /data partition and you wish to re-encrypt your device - DON'T restore anything. If asked e.g. by the setup wizard to do so, skip that step!
  13. If you want to encrypt your device, do it now, with the "naked" device (I recommend to even delete the ROM and Gapps ZIP files from the device's internal memory)
  14. Only now, after rebooting and encryption, restore your internal memory
  15. If you wish to restore anything from your Google account (in case you use Gapps), reboot to recovery and make a factory reset to re-launch the Setup-Wizard and now, you can restore your stuff
  16. Additionally, install manually your favorite apps again and do whatever is needed to set up your device and "restore" your content
  17. In case you wish to go back to 12.1 and your device is encrypted, you need to format the /data partition again accordingly!

If the amami device is your daily driver / main device, I strongly recommend to spend the time to upgrade in the next weeks or months.
If it is your secondary / spare device or even "special purpose" use w/o SIM card, you will come to your own conclusions on what to do.

Regards, M.
 
EOL

Well . . .

. . . Final build has been announced and shipped,
. . . Migration instructions to LineageOS 16.0 or 17.1 have been posted,
. . . No further feedback or questions received:

Time to declare the EOL of this thread then - this will be then most probably my last post in this thread.

Good bye, keep well - M.
 

ggow

Recognized Developer
Feb 28, 2014
3,893
10,560
Amazon Fire
Sony Xperia XZ1 Compact
EOL

Well . . .

. . . Final build has been announced and shipped,
. . . Migration instructions to LineageOS 16.0 or 17.1 have been posted,
. . . No further feedback or questions received:

Time to declare the EOL of this thread then - this will be then most probably my last post in this thread.

Good bye, keep well - M.

Thanks for your work on this, especially all the backporting. I know how tricky this can be because I was for a while doing the same thing for the firephone on cm-11.0.

(y)
 
Status
Not open for further replies.

Top Liked Posts

  • There are no posts matching your filters.
  • 58
    HAL-9000.png


    Hi all,

    this thread is discontinued

    this thread is dedicated to keep the LineageOS (former Cyanogen Mod) version 12.1 (Android 5.1.1) alive for the Sony Xperia Z1 compact with current security patches.

    Features
    • Enforcing SELinux (unfortunately, many ROMs for this device don't have it, but we do!)
    • Based on LineageOS sources (former CyanogenMod), branch 'cm-12.1'
    • Rebranded to LineageOS
    • Current Android security fixes included
    • Kernel 3.4.113 including Android Security Bulletin patches (frequently maintained and updated)
    • Privacy Browser as replacement of outdated AOSP Browser
    • Removed Cyngn-Tracking and Google-dependencies (same as LineageOS)
    • Support for microG available under development options
    • Current Android System Webview (M86 stable)
    • Enhanced Privacy Guard: Own switches for Wi-Fi scan, clipboard, notifications and vibrate
    • Renewed CA certificates from AOSP master branch
    • Use Cloudflare DNS 1.1.1.1 as default fallback (instead of Google)


    Download latest version with November 2020 security patches:

    release:
    https://sourceforge.net/projects/cm...e-12.1-20201112-UNOFFICIAL-amami.zip/download

    TWRP 3.2.3-1 for Z1c (amami)
    https://www.androidfilehost.com/?fid=6006931924117909119
    (Please note, that this TWRP does only support full-disk encryption (FDE) in all android releases; it does not support file-based encryption as of Nougat/Oreo)
    Older TWRP versions: https://androidfilehost.com/?w=files&flid=174382

    List of available Downloads:


    Source code and build instructions:
    Kernel: https://github.com/cm12-amami/android_kernel_sony_msm8974
    Build manifest: https://github.com/cm12-amami/android & https://github.com/cm12-amami/local_manifests
    microG-patch: Until July 2017 official microG patch, since August 2017 base and Settings patch for unified build (equivalent implementation as in OmniROM)


    Bug reports:
    If you have a problem please create a post with these information:
    Original Kernel shipped with this rom:
    Build Date:
    And try to get log as described here

    A comment about Custom CM12.1 Themes:
    CM 12.1 (Android 5.1) is meanwhile quite "aged", and maintaining it with security patches also involves back-porting stuff from newer Android versions, as well as keeping the Android Webview engine up to date. The majority of available CM 12.1 Custom Themes however is not really maintained any more. We have had one reported and one suspected case, where an active CM12.1 Custom theme which hasn't been maintained since more than two years, has caused an issue. Hence, if things crash and you use a custom theme, please try first to activate the shipped default theme. We cannot and will not put any effort to solve compatibility issues with old custom themes.

    Magisk
    It is reported that Magisk in general works up to version 19. From version 19.1 onwards, the recovery boot is broken, so do not use Magisk 19.1 and above with this ROM!
    We cannot, hence we will not, provide any support related to issues with Magisk.


    Installation instructions

    YOU ARE RESPONSIBLE SOLELY YOURSELF FOR ANY ACTIONS YOU DO WITH YOUR DEVICE !!!

    Please note - we won't explain any single aspect (e.g. how to install 'fastboot' on your PC or troubleshoot USB connectivity issues under Windows). Search the net and consult the search engine of your choice or look here in XDA, there is plenty information available.

    Pre-Requisites
    • Get familiar with the hardware keys of the Xperia Z1 compact device, especially how to enter fastboot mode and recovery mode
    • Have fastboot and adb installed on your PC and make sure, you can connect via USB to your device in fastboot mode and via adb
    • Download the most current .ZIP file of our ROM and place it to your phone's internal memory or SD card
    • If you wish to install Google apps (GApps), please refer to the GApps section further below
    • An unlocked bootloader (read the warnings carefully and backup your data!)
    • In case your device is still with the pre-delivered Sony Stock ROM: It is recommended that you have updated the Stock ROM to the latest version offered by Sony to make sure that the bootloader has the needed capabilities (see also 'trouble-shooting' below)

    Install TWRP recovery
    If you come from stock ROM and have just unlocked your boot loader, this is the next thing to do. If you have already a working custom recovery on your device, there is no necessity to replace it. However - we recommend to use the TWRP recovery linked in this thread. The following instructions are based on TWRP.
    To install TWRP, download the TWRP.img file (Note: replace "TWRP.img" in the following instructions with the real file name) from this section to your PC, connect the phone via USB to your PC, get it into 'fastboot mode' and enter the following command on your PC:
    Code:
    fastboot flash FOTAKernel TWRP.img
    Afterwards, directly boot into 'recovery mode' (enter fastboot reboot on your PC and use the right hardware keys to get into recovery mode) - we recommend not to boot the phone's Android system after having flashed TWRP. Once TWRP has been launched, you may decide to reboot your phone and install the ROM at any time later. But the first boot after flashing TWRP should be TWRP in recovery mode.
    Trouble-shooting:
    Depending on the Stock ROM you are on, you may face some difficulties to get the phone into recovery after flashing TWRP. If you are facing such difficulties (i.e. phone always boots into Stock ROM), get into fastboot mode, and manually boot into TWRP by entereing the below command:
    Code:
    fastboot boot TWRP.img
    If that also does not help you, it could be that your Stock ROM has got a too old bootloader. In that case, use the Sony flash tool (Windows only) or Androxyde's Open source flshtool to flash a more current Sony firmware image. Both approaches can also help to "unbrick" your device.


    Advanced Wipe
    ONLY perform the steps described here, if you come from Stock ROM or a different Custom ROM!

    Boot into recovery mode. In TWRP, choose "Wipe", "Advanced" and spefify "Dalvik", "System", "Cache" and "Data" to be wiped. Make sure NOT to wipe "Internal memory" or "SD Card". Swipe to confirm the deletion and get back into the main menu.

    GApps
    You do not need to install GApps, but you may wish to do so. In that case, download GApps from here and put the .ZIP also to the SD card or Internal memory of your device. Choose ARM as platform, Android 5.1 and the flavor of your choice. We recommend "pico", as this leaves you the most freedom to only install, what you really need; you can later still install all the Google products you want and do not need to live with pre-installed Google applications you have no use for.

    Install our ROM
    In the TWRP main menu, choose "Install". A file manager appears to let you navigate to your internal memory (path /sdcard) or your SD card (path /external_sd). Choose the .ZIP file of our ROM and swipe to flash.
    If you update from a previous version of our ROM, you don't need to perform a wipe. If you had GApps already installed before the update, there is no need to flash them again. They will be automatically restored during the flash process. (Note: If you wish to get rid of GApps, navigate to TWRP's file manager in the Advanced section of the main menu, go to path /system/addon.d and delete the file 70-gapps.sh, before flashing the ROM update)
    If you come from a different ROM (or stock firmware), make sure that you have performed the Wipe steps above. If you wish to install GApps, select the respective .ZIP file directly afterwards, do not boot into Android before having flashed GApps.
    When finished flashing, return to the main menu, choose "Reboot" and then "System", which will cause your phone to boot into our Lineage OS 12.1 - be patient, the first boot after flashing a new ROM takes quite long!



    This has been a joint effort of hahnjo, Micha_Btz and Mse1969, based on the LineageOS sources on GitHub (https://github.com/LineageOS). Meanwhile, hahnjo and Micha_Btz aren't active any longer in this project. Special thanks also to derf elot, who is not active any longer in this project, but he has laid the solid foundation for it.
    You can view the progress and discussion about this initiative by looking at the issues in our discussion repository https://github.com/cm12-amami/discussion - contributions and pull requests are welcome, since applying backports of the actual android security bulletins is a lot of work.


    XDA:DevDB Information
    LineageOS 12.1 for Xperia Z1 compact , ROM for the Sony Xperia Z1 Compact

    Contributors
    MSe1969, derf elot, Micha_Btz, hahnjo
    Source Code: https://github.com/cm12-amami

    ROM OS Version: 5.1.x Lollipop
    ROM Kernel: Linux 3.4.x
    ROM Firmware Required: Unlocked Bootloader
    Based On: LineageOS

    Version Information
    Status:
    Stable
    Current Stable Version: cm-12.1
    Stable Release Date: 2020-11-12

    Created 2017-05-31
    Last Updated 2020-11-29
    13
    New build with May ASB patches and 2-year anniversary

    Hi all,

    a new build with the May security patches is available for download:
    https://www.androidfilehost.com/?fid=1395089523397962395

    • ASB Security patches May 2019 (sec. string 2019-05-05)
    • Privacy Browser updated to version 3.0.1
    • Android System Webview updated to M74
    • Missing CVE-2017-0554 and CVE-2017-0840 have been backported and included

    Please note, that in the May 2019 ASB, a couple of fixes to the V8 engine have been published by Google. Those do not apply to the old V8 version used in Android 5.1 (which means that the specific vulnerability is not present). It is however a fact, that the V8 engine used in this build is an old version (which cannot easily be updated) . . .
    If one of you has an idea how to use e.g. a more recent V8 engine (e.g. from cm-14.1) in an Android 5 build tree, we will be happy to go that path.

    For those of you building from source, I will merge the test branch into the stable branch soon (will announce this in a separate post).

    Also to be mentioned, that roughly two years ago, we have started to provide these builds for the Z1c device (first by "hijacking" or "re-animating" another Z1c cm-12.1 thread) and then, on May 31st 2017, we have created this thread here. So thanks for your continued interest in these builds. :)

    Happy flashing
    M.
    12
    New release with June ASB Sec. Patches

    Hi,
    a new build with the June 2018 ASB patches is now available for download:
    https://www.androidfilehost.com/?fid=890278863836290768

    • Security string 2018-06-05
    • Privacy Browser updated to V2.10
    • Privacy-focused default setting (only at clean install): Hide sensitive information on lock screen

    The test branch has already been merged into the stable branch for those who build from source.
    Regards, M.
    11
    Change Log
    Applies to both versions, 'standard' and 'microG-patched' until July 2017 release
    Since August 2017, there is a unified build

    November 12th, 2020 - FINAL build
    - ASB November 2020 patches (sec. string 2020-11-05)
    - Addl. fix of CVE-2019-2306
    - Addl. fix of CVE-2020-15999
    - System Webview on 86.0.4240.185

    October 15th, 2020
    - ASB October 2020 patches (sec. string 2020-10-05)
    - Fix of E-Mail widget

    September 15th, 2020
    - ASB September 2020 patches (sec. string 2020-09-05)
    - Webview updated to 85.0.4183.101
    - Privacy Browser updated to version 3.5.1

    August 12th, 2020
    - ASB August 2020 patches (sec. string 2020-08-05)
    - Kernel: Upstream fixes and PR merges from @fowof
    - Webview updated to 84.0.4147.89

    June 09th, 2020
    - ASB June 2020 patches (sec. string 2020-06-05)
    - Ported missing CVE-2020-0096 ("Strandhogg") from May ASB
    - Webview updated to 81.0.4044.138

    May 13th, 2020
    - ASB May 2020 patches (sec. string 2020-05-05)
    - Webview updated to 81.0.4044.117

    April 15th, 2020
    - ASB April 2020 patches (sec. string 2020-04-05)
    - Privacy Browser updated to version 3.4.1
    - Fix for CVE-2020-8597 (external/ppp)
    - Kernel: CVE-2019-10638 siphash 128bit for IP generation

    March 15th, 2020
    - ASB March 2020 patches (sec. string 2020-03-05)
    - Webview updated to 80.0.3987.132

    February 16th, 2020
    - ASB February 2020 patches (sec. string 2020-02-01)
    - Webview updated to 79.0.3945.136

    January 14th, 2020
    - ASB January 2020 patches (sec. string 2020-01-05)
    - Privacy Browser updated to version 3.3
    - Webview updated to 79.0.3945.116

    December 09th, 2019
    - ASB December 2019 patches (sec. string 2019-12-05)
    - Webview updated to 78.0.3904.108
    - Kernel: Amongst several patches, backported CVE-2019-2215 from October 2019 ASB
    - Skipped CVE-2019-2212 from ASB 2019.11 included
    - Skipped CVE-2019-2196/CVE-2019-2198 from ASB 2019.11 included
    - Skipped CVE-2019-2117 from ASB 2019.07 included
    - DownloadProvider part of CVE-2018-9493 from ASB 2018.10 now also included

    November 17th, 2019
    - ASB November 2019 patches (sec. string 2019-11-05)
    - Webview updated to 78.0.3904.96

    October 16th, 2019
    - ASB October 2019 patches (sec. string 2019-10-05)
    - Webview updated to 77.0.3865.116

    September 10th, 2019
    - ASB September 2019 patches (sec. string 2019-09-05)
    - Implemented CVE-2018-20346 (aka "Magellan"), which was outstanding from March 2019 ASB
    - Implemented CVE-2019-2031 outstanding from April 2019 ASB
    - Webview updated to 76.0.3809.111

    August 11th, 2019
    - ASB August 2019 patches (sec. string 2019-08-05)
    - Additional (backported) security patches from AOSP branch 'nougat-mr2-security-release'
    - Privacy Browser updated to version 3.2
    - SetupWizard rebranded to LineageOS

    July 4th, 2019
    - ASB July 2019 patches (sec. string 2019-07-05)
    - System Webview M75 - updated to 75.0.3770.101

    June 16th, 2019
    - ASB June 2019 patches (sec. string 2019-06-05)
    - Privacy Browser updated to version 3.1
    - System Webview M74 - updated to 74.0.3729.157
    - Included CVE-2017-0554 and CVE-2017-0840

    May 9th, 2019
    - ASB May 2019 patches (sec. string 2019-05-05)
    - Privacy Browser updated to version 3.0.1
    - System Webview M74

    April 8th, 2019
    - ASB April 2019 patches (sec. string 2019-04-05)
    - Privacy Browser updated to version 2.17.1

    March 13th, 2019
    - ASB March 2019 patches (sec. string 2019-03-01)
    - Privacy Browser updated to version 2.17
    - Android System Webview updated to M72 (includes CVE-2019-5786)

    February 9th, 2019
    - ASB February 2019 patches (sec. string 2019-02-05)
    - Privacy Browser updated to version 2.16
    - Fix of carrier display of Telefonica Germany, part 2 (thanks to @awl14 )
    - Kernel: Additional 'spectre' mitigations

    January 13th, 2019
    - ASB January 2019 patches (sec. string 2019-01-05)
    - System Webview M71
    - Privacy Browser updated to version 2.15.1
    - Fix of carrier display of Telefonica Germany
    - App usage stats disabled by default

    December 7th, 2018
    - ASB December 2018 patches (sec. string 2018-12-05)
    - Fix of 'adb root' bug (see LineageOS announcements)
    - Addl. fix of CVE-2018-9531, CVE-2018-9536 and CVE-2018-9537 from November ASB, which are flagged Android 9 only, but also apply
    - Backport of CVE-2017-15835 (skipped in November ASB)

    November 7th, 2018
    - ASB November 2018 patches (sec. string 2018-11-05)

    October 20th, 2018
    - ASB October 2018 patches (sec. string 2018-10-01)
    - Android System Webview updated to M69
    - Indication in Settings that Security patch level is unofficial

    September 9th, 2018
    - ASB September 2018 patches (sec. string 2018-09-05)

    August 13th, 2018
    - ASB August 2018 patches (sec. string 2018-08-05)
    - Privacy Browser updated to version 2.12

    July 16th, 2018
    - ASB July 2018 patches (sec. string 2018-07-05)
    - Privacy Browser updated to version 2.11
    - Android System Webview updated to M67
    - Additional kernel fixes CVE-2018-1092 / CVE-2018-1093

    June 10th, 2018
    - ASB June 2018 patches (sec. string 2018-06-05)
    - Privacy Browser updated to version 2.10
    - Privacy-default setting (at clean install): Sensitive information is hidden on the lock screen

    May 16th, 2018
    - ASB May 2018 patches (sec. string 2018-05-05)
    - Android System Webview updated to M66
    - Privacy Browser updated to version 2.9
    - Use Cloudflare DNS 1.1.1.1 as default fallback (instead of Google's 8.8.8.8)
    - Further fix for the "Ask" topic in Privacy Guard to mimic the defined behavior

    April 20th, 2018
    - ASB April 2018 patches (sec. string 2018-04-05)
    - Android System Webview updated to M65
    - GPS https-fix (CVE-2016-5341)

    March 13, 2018
    - ASB March 2018 patches (sec. string 2018-03-05)
    - Android System Webview updated to M64
    - Privacy Browser updated to version 2.8.1
    - Renewed CA certificates from AOSP master branch

    February 11, 2018
    - ASB February 2018 patches (sec. string 2018-02-05)
    - Applied many past ASB patches flagged as "not publicly available"
    - Privacy Guard enhancements: Own switches for Wi-Fi scan, clipboard, notifications and vibrate

    January 16, 2018
    - ASB January 2018 patches (sec. string 2018-01-05)
    - Webview switched to stable M63
    - SQLite 'secure delete' feature enabled

    December 14, 2017
    - ASB December 2017 patches (sec. string 2017-12-05)
    - Privacy Browser updated to version 2.7.2
    - Backported patches for su (root app) from LineageOS 13

    November 19, 2017
    - ASB November 2017 patches (sec. string 2017-11-06)
    - Privacy Browser updated to version 2.7.1

    October 28, 2017 (interim release)
    - Fix WPA-TKIP issue after applying "krack" fix

    October 20, 2017 (interim release)
    - Fix for KRACK attack (see https://www.krackattacks.com/)
    - Android System Webview updated to M64

    October 06, 2017
    - ASB October 2017 patches (sec. string 2017-10-05)
    - Fixed 'Hardware Overlay' bug
    - Addl. kernel fix for the 'Blueborne' vulnerability

    September 26, 2017
    - ASB September 2017 patches (sec. string 2017-09-05)

    September 21, 2017 (interim release)
    - Security patch level 2017-09-01 (yet w/o September ASB kernel patches), but fixed 'Blueborne'
    - Privacy Browser updated to version 2.6

    September 2, 2017 (interim release)
    - Privacy Browser updated to version 2.5

    August 23, 2017
    - ASB August 2017 patches (sec. string 2017-08-05)
    - Unified build: microG patch included, needs to be enabled in the developer settings
    - Android System Webview updated to most current M60

    July 16, 2017
    - ASB July 2017 patches (sec. string 2017-07-05)
    - Kernel rebased and merged to release 3.4.113
    - Privacy Browser updated to version 2.4
    - Lock Clock: Removed built-in Google lib (Back port from LineageOS)
    - Settings (1): Rebranding to LineageOS, link to LineageOS privacy policy (Backport from LineageOS)
    - Settings (2): Elimination of Stats tracking (Backports from LineageOS: (1), (2), (3), (4))
    - SetupWizard (1): Removed built-in Google lib (Back port from LineageOS)
    - SetupWizard (2): Removed 'opt-out' for stats tracking (will simply be switched off by default)
    - SetupWizard (3): Added option to switch on Privacy Guard
    - Trebuchet Launcher (1): Removed 'Cyngn'-tracking (Back port from LineageOS)
    - Trebuchet Launcher (2): Show 'Privacy Browser' as default Browser on new installs

    June 11, 2017
    - ASB June 2017 patches (sec. string 2017-06-05)
    - Android System Webview updated to most current M59
    - Replaced old (and insecure) Browser app with Privacy Browser

    May 25, 2017
    - ASB May 2017 patches (sec. string 2017-05-05)
    - Lineage OS 'su hide' patch applied
    - Lineage OS Boot animation (instead of old CM)

    May 14, 2017
    - ASB April 2017 patches (sec. string 2017-04-05)
    - Removed CMUpdater from build
    11
    New version available with March patches

    Hi,

    a new version of our ROM is available for download here.

    It consists of the following:
    • AOSP patch level 2018-03-05
    • Android System Webview updated to M64
    • Renewed CA-certificates from AOSP master branch
    • Privacy Browser updated to version 2.8.1

    This build also contains the most current CA certificates from the AOSP master branch, as the certificates were partly outdated.
    Will soon update the stable branch for those of you building from source, and also update the OP.

    Regards, M.