Project News

Occasional updates about DivestOS.

May 10th 2021 Update

System Updates

  • 14.1, 15.1, and 16.0 May ASB builds were published on May 8th.
  • 17.1 May ASB builds were published on May 9th.
  • 18.1 May ASB builds were published on May 10th.
  • 14.1, 15.1, and 16.0 rebuilds were published on April 15th.
  • 17.1, and 18.1 rebuilds were published on April 16th.
  • Devices using `encryptable=footer` were tested broken with `forceencrypt` again in the previous build cycle. Force encryption will once again only be set for devices with a dedicated encryption metadata partition.
  • There have been a handful of new kernel CVE patches as usual.
  • [upstream] Updated to May ASB.
  • [upstream] Updated WebView to Chromium 90.0.4430.82, has many security fixes. commit
  • 18.1 Updater Tor support was fixed.

Device Updates

  • cheeseburger/dumpling has finally been fixed on newer releases, likely caused by a stray toolchain. Should hopefully allow other similar devices to boot too.
  • Firmware repository has been updated and now supports 28 devices.

App Updates

  • Mull 88.1.1 and 88.1.3 were made available.
  • Hypatia on Android 11 was fixed.
  • GMaps WV has received support for Google Consent handling.
  • Hypatia received a translation into Russian thanks to @q1011!

Website Updates

  • The website has been relicensed from GPL-3.0 to AGPL-3.0 for better freedom assurance.

April 13th 2021 Update

System Updates

  • 17.1 rebuilds were published on April 2nd.
  • 14.1, 15.1, and 16.0 April ASB builds were published on April 11th.
  • 17.1 April ASB builds were published on April 12th.
  • 18.1 April ASB builds were published on April 13th.
  • [upstream] 18.1 branch has been marked as stable by LineageOS.
  • [upstream] Updated to April ASB.
  • 18.1 builds have begun for many devices.
  • 17.1 recovery has been updated to latest after utilizing rebranding work from 18.1 branch.
  • 17.1 and 18.1 include SeedVault for creating and restoring encrypted backups of app data. A USB OTG cable/adapter and flash drive is strongly recommended.
  • Experimental 18.1 builds before 04/06 for klte, bacon, and mako had broken recoveries. For klte please flash latest recovery via heimdall. For bacon/mako flash latest recovery via fastboot if unlocked. During testing it was discovered that it is impossible to unlock bacon once locked with an AOSP recovery flashed. A signed factory recovery for bacon can be provided if you've locked yours.
  • eSpeak-NG has replaced PicoTTS in 18.1 builds for the system text-to-speech provider.

Device Updates

  • Fenix based browsers were fixed on flo and hammerhead.
  • Sensors have been fixed on flox 17.1+.
  • In-place upgrade to 18.1 has been tested working on the following devices: mata, klte
  • The following devices cannot be in-place upgraded to 18.1 and must be wiped: bacon, clark, crackling, d852, d855, flox, fp2, m8, mako, shamu, victara.

Roster Updates

  • Many devices have been moved to 18.1 and dropped from 17.1.
  • avicii 17.1 builds are available (untested).
  • axon7 15.1 builds are available (untested).

App Updates

  • Mull was updated to 87.0.0.
  • MergedWiFiNLP had updates to support newer Android versions and added a database import file picker.

Website Updates

  • A unified script has been made for handling device downloads page metadata.
  • There are two new device statuses: "mostly works" and "likely works".

March 25th 2021 Update

System Updates

  • 15.1 rebuilds were published on March 14th with a patch for CVE-2019-2033.
  • 14.1, 15.1, and 16.0 rebuilds were published between the 24th and 25th.
  • Support for building on top of LineageOS 18.1 was added.
  • Scripts have been fixed to only include Silence on devices that support SMS.
  • Tweaks have been made to reduce RAM usage on devices with less then 2GB of RAM. Some of these tweaks cause graphical artifacts.
  • There have been a handful of new kernel CVE patches as usual.
  • [upstream] Updated WebView to Chromium 89.0.4389.105, has many security fixes. commit

Device Updates

  • dragon has been fixed and tested working on 15.1.

Roster Updates

  • Experimental 18.1 builds have been made available for select devices. More will be available and switched out once LineageOS marks 18.1 as stable.
  • FP3 17.1 builds are available (untested).
  • m7 14.1 builds are available (untested).
  • Users on flo 15.1 are urged to repartition to flox 17.1+.
  • Users on mako 15.1/16.0 are urged to repartition to mako 17.1.
  • Many devices had support dropped from old versions if they compile for newer versions to reduce maintenance burden.

App Updates

  • Hypatia received a full translation into Italian thanks to @dantecpu and Petra Mirelli!
  • Hypatia and Extirpater received a translation into Portuguese thanks to @inkhorn!
  • Hypatia received an initial translation into Spanish thanks to Petra Mirelli!

March 8th 2021 Update

System Updates

  • March ASB builds were released between the 5th and 8th.
  • There have been a handful of new kernel CVE patches as usual.
  • [upstream] Updated to March ASB.
  • [upstream] Updated WebView to Chromium 89.0.4389.72, has many security fixes. commit

Device Updates

  • cheryl now has verified boot support enabled after being missed.

Roster Updates

  • mako 16.0 will likely be dropped due to space requirements. Any users should repartition and update to 17.1.

App Updates

  • Mull was updated to 86.1.1.
  • Hypatia received a handful of bug fixes and necessary improvements.
  • Hypatia was translated into French thanks to Jean-Luc Tibaux and Petra Mirelli.
  • All F-Droid services had the .onion addresses added as available mirrors.
  • All F-Droid repos were upgraded to use 'fdroidserver' 2.0.
  • Hypatia now has translated app descriptions on F-Droid.
  • Extirpater, GMaps WV, MergedWifiNLP, and MotionLock all had their dependencies updated.

Website Updates

  • 'Device downloads' has gained per-device bootloader unlocking, relocking, and verified boot information.
  • AVB public keys are now available for all supported devices on the 'Device downloads' page.
  • 'Bootloader Unlocking' page received many refinements.
  • 'Browser Tables' page received some additions.
  • 'Device downloads' page now loads faster by reusing connection to the Redis instance.
  • Website should now be indexed by search engines, after removing 'robots' flags.
  • More information on donating was added.

Other Updates

  • GitHub and GitLab repositories were cleaned up (disabled unused features, labels added).

February 12th 2021 Update

System Updates

  • February ASB builds were released between the 6th and 8th.
  • Over 30 CVE patches for 3.10 were added. import and update
  • There have been many new kernel CVE patches as usual.
  • [upstream] Updated to February ASB.
  • [upstream] Updated WebView to Chromium 88.0.4324.152, has many security fixes. commit

Roster Updates

  • starlte and star2lte have been dropped due to being broken.

App Updates

  • Hypatia was translated into German by Petra Mirelli. link
  • Mull saw 85.1.2 release.
  • Petra Mirelli also made an F-Droid banner graphic for Hypatia. link
  • F-Droid banner graphics were also created for Mull and Extirpater.
  • F-Droid screenshots were added for Mull, Hypatia, and Extirpater.

Website Updates

  • The 'recommended apps' page had some additions. commit
  • The 'screenshots' page had some updates. commit

January 26th 2021 Update

System Updates

  • January ASB builds were released between the 10th and 14th.
  • Rebuilds were published on the 24th thru 26th primarily for CVE patcher updates.
  • IMS/VoLTE was made working on supported devices. image
  • CNE was removed after being briefly included in the Dec/Jan builds. This removal breaks Wi-Fi calling, but is likely worth the security benefits.
  • The deblobber received tweaks to better handle more property edits. commit
  • Part two of the Debian/retired Linux CVE import was completed. Linux 3.0, 3.4, and 3.10 devices benefit the most from this, averaging between 10 and 90 added CVE patches. import and update
  • The exec-based spawning feature from GrapheneOS was disabled. We likely failed to port it over correctly and the result is many subtle breakages.
  • All versions now include the LineageOS 17.1 APN list for better cell carrier compatibility. commit
  • All versions were mostly patched against the old CVE-2019-2306. commit
  • umask is now explicitly set in the build scripts and many files had their permissions corrected. This fixes many subtle issues.
  • [upstream] Updated to January ASB.
  • [upstream] Updated WebView to Chromium 88.0.4324.93, has many security fixes. commit

Device Updates

  • mata has long-standing audio issues, Lineage team has been trying to fix them. Currently the earpiece speaker works on calls, but the loud speaker cannot have its volume adjusted.
  • The microphone issue on shamu was resolved, was caused by our removal of some voice recognition blobs (which are required for adspd bring-up). commit
  • bullhead now installs (and works) after removing the firmware images to workaround the missing proprietary additions needed for their flashing. related

Roster Updates

  • mako was re-enabled for 16.0 for users who do not want to re-partition their device.
  • flo was re-enabled for 15.1, for users who do not want to re-partition their device.
  • mako was re-enabled for 15.1 for testing purposes.
  • hammerhead was re-enabled for 15.1 due to Bluetooth issues in 16.0.
  • ether and shamu were re-enabled for 15.1 as they are the last versions with working IMS.
  • star2lte was added to 17.1 and was tested broken, likely due to its usage of stock vendor.img.

App Updates

  • Mull saw 84.1.2, 84.1.4 and 85.1.0 releases.
  • Hypatia had some commits forward-ported from the stable branch to the unfinished dev branch. git log
  • The PrebuiltApps repository saw a handful of app updates. git log

Website Updates

  • The device downloads page now supports serving multiple build versions per device. commit
  • A 'news' page was added for changelogs and project history. commit
  • A 'network connections' page was added for documenting connections made by the system. commit
  • Pages with tables were fixed up for mobile.
  • The 'recommended apps' page had some additions. commit
  • The 'messengers' page received some needed updates.
  • The credits and legal notices section of the 'about' page was updated.
  • Some typos were fixed. commit

Other Updates

December 16th 2020 Update

General Updates

  • November and December ASB builds have been released.
  • Mull is now on its 3rd Fenix based release, with the latest 84.1.0. Huge thanks to @relan for their build scripts. repo link
  • Hypatia has been updated to show database release/update dates in addition to a multi-threading fix.
  • Etar is now used for the calendar app across all versions.
  • A handful of more proprietary blob variants have been removed.
  • Vendor build fingerprints are now all replaced.
  • Lots of miscellaneous fixes and cleanup.
  • All 15.1 builds and higher are now fully dexpreopted, this allows for reduced memory usage and also decreased boot times on FDE devices.
  • TCP SACK is no longer disabled. SACK PANIC has now been patched on nearly all kernels supported. It has valuable bandwidth saving benefits.
  • There have been many new CVE patches, especially for 3.18 kernels.

Roster Updates

  • clark has been updated from 14.1 to 17.1 (potential modem issues). In-place upgrade has been tested to work, but your mileage may vary.
  • flo has been updated from 15.1 to 17.1, but requires re-partitioning.
  • cheeseburger/dumpling are compiling for 17.1, but not booting.
  • coral and flame 17.1 builds are available (untested).
  • rs988 and h990 17.1 builds are available (untested).
  • yellowstone 16.0 builds are available (untested).
  • h870 15.1 builds are available (untested).

Website Updates

  • Paragraphs now have links for easy saving/sharing.
  • Browser, recommended apps, and functionality tables have all been updated.
  • A handful of credit updates.
  • There is now a captcha required to access the device downloads page. It works without JavaScript, and has audio support.
  • There is a new vanity onion address divestoseb5nncsydt7zzf5hrfg44md4bxqjs5ifcv4t7gt7u6ohjyyd.onion. The old address also still works. tool used
  • Most pages are now cached by the browser.
  • Most text based content served up will now be compressed either by deflate or brotli.

Other things

  • Old DivestOS patches have been used to remove AmbientSDK from Replicant. git tag
  • 3G is starting to be rapidly phased out, meaning calls with most carriers will not be possible unless IMS/VoLTE works on your device.
  • Heads up: LineageOS will most likely be dropping official 16.0 builds once 18.0/18.1 is released.

Future work

  • Test how much breakage the deblobber is causing to the IMS stack, or if that is upstream.
  • Finish importing this
  • Add back AOSP patching support to the CVE patcher. It is undecided how to best implement it.

October 10th 2020 Update

  • Most 3.4 devices should expect 40-100 more kernel CVE patches. git commit
  • Most 3.18 devices should expect 10-40 more kernel CVE patches. git commit
  • A handful of other kernel CVE patches are available for all other devices as per usual.
  • Lots of work has been done on making the CVE patcher easier for other projects to use. repo link
  • Mull is now severely out of date. There hasn't been the time to rebase it. It is strongly suggested to use Bromite or the new Fennec F-Droid until then. Bromite repo is already included in DivestOS F-Droid.
  • victara build failed last month due to recovery image being too large, however it is now once again available.
  • h850 and zenfone3 builds have been pulled as they were last updated in 2018 and 2019 respectively.
  • [upstream] Updated to October security bulletin.
  • [upstream] Updated WebView to Chromium 86.0.4240.75, has many security fixes.
  • 11/R builds will likely not be available until March with most devices hopefully being updated by May.

September 1st 2020 Update

  • The CVE patch database now has many more patches thanks to importing data from the Civil Infrastructure Platform CVE tracker.
  • The CVE patcher has had some minor fixes to improve output reliability.
  • There have been some GPS fixes for all branches, will be available in the next rebuilds.
  • Many new (untested) devices: pro1, enchilada, fajita, guacamole, guacamoleb, and broken beryllium.
  • Mull is likely on its last release due to ESR 68 branch being closed off.
  • Hypatia now supports an extra malware hash database from ESET.
  • Credits and screenshots on the website have been updated.