KindnessInfinity


Changes in version 130.0.6723.102.1:

  • backport upstream patch for spell checking related crash

A full list of changes from the previous release (version 130.0.6723.102.0) is available through the Git commit log between the releases.

This update is available to GrapheneOS users via our app repository and will also be bundled into the next OS release. Vanadium isn't yet officially available for users outside GrapheneOS, although we plan to do that eventually. It won't be able to provide the WebView outside GrapheneOS and will have missing hardening and other features.

 

Tags:

  • 2024110700 (Pixel 6, Pixel 6 Pro, Pixel 6a, Pixel 7, Pixel 7 Pro, Pixel 7a, Pixel Tablet, Pixel Fold, Pixel 8, Pixel 8 Pro, Pixel 8a, Pixel 9, Pixel 9 Pro, Pixel 9 Pro XL, Pixel 9 Pro Fold, emulator, generic, other targets)

Changes since the 2024110400 release:

  • full 2024-11-05 security patch level
  • rebased onto AP3A.241105.007 Android Open Source Project release (November monthly release of Android 15)
  • ignore Person.Builder.setUri() when Contact Scopes is enabled since apps can't access the contact's URI with Contact Scopes enabled (this resolves the incompatibility between Contact Scopes and apps attaching contact information to notifications which was introduced by a November Android Security Bulletin patch)
  • fix "App info" uninstall dialog link added by GrapheneOS not working in some cases for secondary profile apps
  • GmsCompatConfig: update to version 147
  • Vanadium: update to version 130.0.6723.102.0
 

We're investigating a compatibility issue between WhatsApp and Contact Scopes impacting push notifications. It started in the past couple days via a WhatsApp update, Google Play update or November Android Security Bulletin patches we shipped Monday before the stock OS today.

The issue appears to be caused by one of the November 2024 Android Security Bulletin patches we shipped early on Monday interacting poorly with our Contact Scopes feature. We're working on confirming it and implementing a workaround for Contact Scopes + WhatsApp push compatibility.

A new release of Android is in the process of being published today and we'll be quickly moving to being based on it as we always do. We'll try to include a workaround for this WhatsApp issue in today's release. We can add a temporary workaround and switch to a cleaner fix later.

This issue is resolved in the latest release of GrapheneOS pushed out via Alpha and Beta last night. It has been rolling out to everyone since earlier today:

https://grapheneos.org/releases#2024110700

The security patch is strangely not in the mainline Android releases yet but we're including it.

 

Changes in version 148:

  • force GCM flags for Firebase Cloud Messaging to their default values to avoid possible issues from flags being rolled out to a small subset of users

A full list of changes from the previous release (version 147) is available through the Git commit log between the releases (only changes to the gmscompat_config text file and config-holder/ directory are part of GmsCompatConfig).

This update is available to GrapheneOS users via our app repository and will also be bundled into the next OS release.

GmsCompatConfig is the text-based configuration for the GrapheneOS sandboxed Google Play compatibility layer. It provides a large portion of the compatibility shims and sets the maximum supported versions for Play services and the Play Store.

 

Changes in version 130.0.6723.102.0:

  • update to Chromium 130.0.6723.102

A full list of changes from the previous release (version 130.0.6723.86.0) is available through the Git commit log between the releases.

This update is available to GrapheneOS users via our app repository and will also be bundled into the next OS release. Vanadium isn't yet officially available for users outside GrapheneOS, although we plan to do that eventually. It won't be able to provide the WebView outside GrapheneOS and will have missing hardening and other features.

 

Changes in version 147:

  • don't disable GcmFeature__use_prioritized_alarm_api flag since this isn't needed, could theoretically break FCM push and it will start applying again after GrapheneOS 2024110400
  • fix FIDO support on current Play services versions in combination with the flag fixes in GrapheneOS 2024110400
  • update max supported version of Play Store to 43.4

A full list of changes from the previous release (version 146) is available through the Git commit log between the releases (only changes to the gmscompat_config text file and config-holder/ directory are part of GmsCompatConfig).

This update is available to GrapheneOS users via our app repository and will also be bundled into the next OS release.

GmsCompatConfig is the text-based configuration for the GrapheneOS sandboxed Google Play compatibility layer. It provides a large portion of the compatibility shims and sets the maximum supported versions for Play services and the Play Store.

 

This is an early November security update release based on the November 2024 security patch backports since a monthly Android Open Source Project and stock Pixel OS release hasn't been published yet.

Tags:

  • 2024110400 (Pixel 6, Pixel 6 Pro, Pixel 6a, Pixel 7, Pixel 7 Pro, Pixel 7a, Pixel Tablet, Pixel Fold, Pixel 8, Pixel 8 Pro, Pixel 8a, Pixel 9, Pixel 9 Pro, Pixel 9 Pro XL, Pixel 9 Pro Fold, emulator, generic, other targets)

Changes since the 2024103100 release:

  • full 2024-11-01 security patch level
  • fix a bunch of upstream Android bugs breaking SMS and MMS functionality in secondary profiles, including both Android 15 regressions and pre-existing issues
  • backport upstream Android fix for UsageStatsDatabase locking from the AOSP main branch
  • Sandboxed Google Play compatibility layer: fix flag overrides being partly ignored on recent versions
  • add workaround for rare system_server null pointer exception crash in showShutdownDialog()
  • add missing null handling for extended application error report
  • fix upstream bug causing App Not Responding link to not work properly outside of Owner
  • Settings: avoid opening parent user log viewer in nested profiles (Private Space, work profile)
  • System Updater, GmsCompat: reduce included SettingsLib components to reduce the size of these apps from around 10MB each to below 4MB each
  • GmsCompatConfig: update to version 146
 

Changes in version 146:

  • update max supported version of Play services to 24.44
  • update max supported version of Play Store to 43.3

A full list of changes from the previous release (version 145) is available through the Git commit log between the releases (only changes to the gmscompat_config text file and config-holder/ directory are part of GmsCompatConfig).

This update is available to GrapheneOS users via our app repository and will also be bundled into the next OS release.

GmsCompatConfig is the text-based configuration for the GrapheneOS sandboxed Google Play compatibility layer. It provides a large portion of the compatibility shims and sets the maximum supported versions for Play services and the Play Store.

 

Tags:

  • 2024103100 (Pixel 6, Pixel 6 Pro, Pixel 6a, Pixel 7, Pixel 7 Pro, Pixel 7a, Pixel Tablet, Pixel Fold, Pixel 8, Pixel 8 Pro, Pixel 8a, Pixel 9, Pixel 9 Pro, Pixel 9 Pro XL, Pixel 9 Pro Fold, emulator, generic, other targets)

Changes since the 2024102400 release:

  • improve our existing fix for an upstream Android bug impacting apps using the telephony service in secondary users to fix support for disabling re-routing of Google Play location requests to the OS for fresh installs of sandboxed Google Play since the release of Android 15
  • Sandboxed Google Play compatibility layer: extend wired Android Auto toggle to additional methods used in edge cases
  • fix changing USB-C port control setting to a lower security level not fully applying until after locking and unlocking
  • Settings: fix per-app exploit protection toggles for Private Space
  • Pixel 9, Pixel 9 Pro, Pixel 9 Pro XL, Pixel 9 Pro Fold: disable Wi-Fi HAL debug logging to avoid memory corruption caught by hardware memory tagging on GrapheneOS
  • raise system log buffer size from 256KiB to 512KiB to make logs obtained by users reporting issues more useful
  • enable stamp configuration for microdroid kernel builds to set LOCALVERSION based on version control information as expected
  • kernel (6.6): disable unused hibernation support
  • kernel (6.6): disable unused TIOCSTI ioctl (already blocked via standard Android SELinux ioctl filtering)
  • kernel (6.6): disable unused cachestat system call (already blocked for apps via standard Android seccomp-bpf policy)
  • kernel (6.6): enable random kmalloc caches for x86_64 and microdroid too, not only bare metal arm64
  • kernel (6.6): enable full struct randomization for x86_64 and microdroid too, not only bare metal arm64
  • kernel (6.6): enable DEBUG_SG for microdroid too, not only bare metal
  • kernel (6.6): enable FORTIFY_SOURCE for microdroid too, not only bare metal
  • kernel (6.6): disable BINFMT_MISC for microdroid too, not only bare metal
  • kernel (6.6): disable RSEQ for microdroid too, not only bare metal
  • kernel (6.6): add SYSRQ restrictions for microdroid too, not only bare metal
  • kernel (6.6): use the same KFENCE configuration for microdroid as bare metal
  • mark Sensors permission as implicitly added
  • avoid adding Sensors permission to hasCode=false packages
  • improve our implementation of extending verified boot to out-of-band shared library APK updates
  • Log Viewer: add userType line to header in non-Owner users
  • Log Viewer: add targetSdk and sharedUid to package info header
  • System Updater: update minimum and target API level to 35 (Android 15)
  • adevtool: update carrier settings
  • Vanadium: update to version 130.0.6723.86.0
  • Info: update to version 5
  • Auditor: update to version 87
  • Sandboxed Google Play compatibility layer: fix development support in OS debug builds
 

Changes in version 130.0.6723.86.0:

  • update to Chromium 130.0.6723.86

A full list of changes from the previous release (version 130.0.6723.73.0) is available through the Git commit log between the releases.

This update is available to GrapheneOS users via our app repository and will also be bundled into the next OS release. Vanadium isn't yet officially available for users outside GrapheneOS, although we plan to do that eventually. It won't be able to provide the WebView outside GrapheneOS and will have missing hardening and other features.

 

Notable changes in version 87:

  • update Android SDK to 35 (Android 15)
  • update target SDK to 35 (Android 15)
  • use new attestation.app API with /auditor/ prefix and JSON response for verify API
  • remove subscribe key for attestation.app account after successful verification
  • update Gradle to 8.10.2
  • update Android Gradle plugin to 8.7.1
  • update Kotlin to 2.0.21
  • update Android NDK to 27.2.12479018
  • minor performance and robustness improvements

A full list of changes from the previous release (version 86) is available through the Git commit log between the releases.

The Auditor app uses hardware security features on supported devices to validate the integrity of the operating system from another Android device. It will verify that the device is running the stock operating system with the bootloader locked and that no tampering with the operating system has occurred. It will also detect downgrades to a previous version.

It cannot be bypassed by modifying or tampering with the operating system (OS) because it receives signed device information from the device's Trusted Execution Environment (TEE) or Hardware Security Module (HSM) including the verified boot state, operating system variant and operating system version. The verification is much more meaningful after the initial pairing as the app primarily relies on Trust On First Use via pinning. It also verifies the identity of the device after the initial verification. Trust is chained through the verified OS to the app to bootstrap software checks with results displayed in a separate section.

This app is available through the Play Store with the app.attestation.auditor.play app id. Play Store releases go through review and it usually takes around 1 to 3 days before the Play Store pushes out the update to users. Play Store releases use Play Signing, so we use a separate app id from the releases we publish ourselves to avoid conflicts and to distinguish between them. Each release is initially pushed out through the Beta channel followed by the Stable channel.

Releases of the app signed by GrapheneOS with the app.attestation.auditor app id are published in the GrapheneOS App Store which provides fully automatic updates. Each release is initially pushed out through the Alpha channel, followed by the Beta channel and then finally the Stable channel. These releases are also bundled as part of GrapheneOS and published on GitHub.

GrapheneOS users must obtain GrapheneOS app updates through our App Store since verified boot metadata is required for out-of-band system app updates on GrapheneOS as part of extending verified boot to them.

[–] KindnessInfinity@lemmy.ml 1 points 1 week ago

Yes, the bank would need to add compatibility. They may follow these instructions to do so.

I'd also recommend you read this, if not already done: https://grapheneos.org/usage#banking-apps

[–] KindnessInfinity@lemmy.ml 1 points 1 week ago

May you please report this issue here?

 

Notable changes in version 5:

  • improve appearance of cards
  • mark headings semantically for accessibility
  • show error message when lacking a browser to handle opening links
  • add info button with link to about the releases to Release Notes top bar
  • implement adaptive navigation for improved support across window sizes and better animations
  • add full support for edge-to-edge
  • update Android SDK to 35 (Android 15)
  • update target SDK to 35 (Android 15)
  • update Gradle to 8.10.2
  • update Android Gradle plugin to 8.7.1
  • update Android NDK to 27.2.12479018
  • update Kotlin to 2.0.21
  • update AndroidX Compose BOM libraries to 2024.10.00
  • update AndroidX Navigation Compose library to 2.8.3
  • update AndroidX Activity Compose library to 1.9.3
  • update AndroidX Lifecycle libraries to 2.8.6

A full list of changes from the previous release (version 4) is available through the Git commit log between the releases.

Releases of the app are published in the GrapheneOS App Store. These releases are also bundled as part of GrapheneOS. You can use the GrapheneOS App Store on Android 12 or later for automatic updates. Each release is initially pushed out through the Alpha channel, followed by the Beta channel and then finally the Stable channel.

[–] KindnessInfinity@lemmy.ml 1 points 2 weeks ago

This year was a good year! 👍

[–] KindnessInfinity@lemmy.ml 1 points 1 month ago

Whoops. It has been corrected. My apologies.

[–] KindnessInfinity@lemmy.ml 2 points 2 months ago (1 children)

The general thought is that if Meta was lying about E2EE, due to their massive size, it would likely be leaked to the general public that they were lying. The app also has such a large userbase of skilled security researchers that can and do reverse engineer it, so they'd also find out if Meta lied.

[–] KindnessInfinity@lemmy.ml 1 points 2 months ago

What do you mean by static?

Have you read this? https://grapheneos.org/faq#vpn-support

[–] KindnessInfinity@lemmy.ml 1 points 2 months ago

You're welcome!

[–] KindnessInfinity@lemmy.ml 1 points 2 months ago (2 children)

Do you have "block all connections without VPN" enabled in Android settings? Do you have a VPN in use for multiple profiles? SMS and voice over Wi-Fi are not routed through VPNs on the main user profile.

[–] KindnessInfinity@lemmy.ml 0 points 3 months ago (1 children)

KeePassDX is a password manager, which should be similar to Authy. You can read about KeePassDX here: https://github.com/Kunzisoft/KeePassDX. It allows easy management of TOTP in KeePassDX.
