cm0002

Tags:

• 2025100300 (Pixel 6, Pixel 6 Pro, Pixel 6a, Pixel 7, Pixel 7 Pro, Pixel 7a, Pixel Tablet, Pixel Fold, Pixel 8, Pixel 8 Pro, Pixel 8a, Pixel 9, Pixel 9 Pro, Pixel 9 Pro XL, Pixel 9 Pro Fold, Pixel 9a, emulator, generic, other targets)

Changes since the 2025092700 release:

• add support for force enabling VoLTE, VoNR and 5G for carriers where those aren't supported with the standard configurations
• revert backport of Pixel Wi-Fi extension APEX from Android 16 QPR1 due to it causing a system_server crash since it needs changes there too (this does not reduce the patch level)
• kernel (6.1): update to latest GKI LTS branch revision including update to 6.1.154
• kernel (6.6): update to latest GKI LTS branch revision including update to 6.6.108
• kernel (6.12): update to latest GKI LTS branch revision including update to 6.12.49
• update SQLite to 3.44.5 LTS release
• Network Location, System Updater: add new Let's Encrypt roots to TLS key pinning configuration
• GmsCompatConfig: update to version 162
• Camera: update to version 89

Additional security patches from the November 2025 and December 2025 Android Security Bulletins are included in the 2025100301 security preview release. List of additional fixed CVEs:

• Critical: CVE-2025-48593
• High: CVE-2022-25836, CVE-2022-25837, CVE-2023-40130, CVE-2024-43766, CVE-2025-22420, CVE-2025-22432, CVE-2025-32348, CVE-2025-48525, CVE-2025-48536, CVE-2025-48544, CVE-2025-48555, CVE-2025-48567, CVE-2025-48572, CVE-2025-48573, CVE-2025-48574, CVE-2025-48575, CVE-2025-48576, CVE-2025-48577, CVE-2025-48578, CVE-2025-48579, CVE-2025-48580, CVE-2025-48581, CVE-2025-48582, CVE-2025-48583, CVE-2025-48584, CVE-2025-48585, CVE-2025-48586, CVE-2025-48587, CVE-2025-48589, CVE-2025-48590, CVE-2025-48592, CVE-2025-48594, CVE-2025-48596, CVE-2025-48597, CVE-2025-48598, CVE-2025-48600, CVE-2025-48601, CVE-2025-48602, CVE-2025-48603, CVE-2025-48604, CVE-2025-48605, CVE-2025-48607, CVE-2025-48609, CVE-2025-48611, CVE-2025-48612, CVE-2025-48614, CVE-2025-48615, CVE-2025-48616, CVE-2025-48617, CVE-2025-48618, CVE-2025-48619, CVE-2025-48620, CVE-2025-48621

We're allowed to provide an early release with these patches and to list the CVEs but must wait until the embargo ends to publish sources or details on the patches. We strongly disagree with broadly distributing patches to OEMs 3-4 months before the official publication date. It further delays getting patches to users and sophisticated attackers will have no issue getting the patches from one of many people at Android OEMs with early access. It should be limited to at most 7 days. The lack of actual secrecy has been acknowledged through Android limiting the embargo to source code and details which allows us to fix these early. We're doing it with separate opt-in releases to keep the regular releases properly open source instead of delayed open source. We plan to integrate this choice into the initial setup wizard. The positive side is that we can now provide patches to people who truly need them without even the previous 1 month embargo delay.

We added a Wise Quick Pay link for the GrapheneOS Foundation as another donation option. This enables donating money without fees from anywhere Wise is available instead of only local bank transfers in the EU/SEPA, UK, US, Australia, New Zealand, Canada, Hungary and Turkey.

https://wise.com/pay/business/grapheneosfoundation

Wise charges us a small fee for receiving local bank transfers (0.72 USD, 0.61 EUR, etc.) and it's free for Canada. Their fee for international bank transfers is much higher (6.11 USD, 2.39 EUR, 6.11 CAD, etc.) and would usually have a cost on the sending side too, although we could still list it.

For a full list of the donation options, see https://grapheneos.org/donate. We could add the additional option of international bank transfers but it would only make sense for large donations. We're not currently listing it since we don't want people donating $20 through a method where we would lose 30%.

Changes in version 162:

• disable usage of privileged Window.setHideOverlayWindows()
• update Gradle to 9.1.0
• update Android Gradle plugin to 8.13.0

A full list of changes from the previous release (version 161) is available through the Git commit log between the releases (only changes to the gmscompat_config text file and config-holder/ directory are part of GmsCompatConfig).

GmsCompatConfig is the text-based configuration for the GrapheneOS sandboxed Google Play compatibility layer. It provides a large portion of the compatibility shims.

This update is available to GrapheneOS users via our app repository and will also be bundled into the next OS release.

Will they watch lemmy as well?

Documents show that ICE plans to hire dozens of contractors to scan X, Facebook, TikTok, and other platforms to target people for deportation.

Notable changes in version 90:

• drop unnecessary EIS availability check to avoid an exception in edge cases

A full list of changes from the previous release (version 89) is available through the Git commit log between the releases.

This app is available through the Play Store with the app.grapheneos.camera.play app id. Play Store releases go through review and it usually takes around 1 to 3 days before the Play Store pushes out the update to users. Play Store releases use Play Signing, so we use a separate app id from the releases we publish ourselves to avoid conflicts and to distinguish between them. Each release is initially pushed out through the Beta channel followed by the Stable channel.

Releases of the app signed by GrapheneOS with the app.grapheneos.camera app id are published in the GrapheneOS App Store which provides fully automatic updates. Each release is initially pushed out through the Alpha channel, followed by the Beta channel and then finally the Stable channel. These releases are also bundled as part of GrapheneOS and published on GitHub.

GrapheneOS users must obtain GrapheneOS app updates through our App Store since verified boot metadata is required for out-of-band system app updates on GrapheneOS as part of extending verified boot to them.

Notable changes in version 89:

• add back force disabling EIS when we're not explicitly enabling it to avoid reducing the field of view and image quality for image capture mode on devices such as Pixels enabling EIS by default (this was lost in version 86)
• handle edge cases when preloaded media item gets removed to avoid rare crashes
• update AndroidX Camera (CameraX) library to 1.5.0 (no changes since the previous release candidate)
• update Material Components library to 1.13.0
• update Android Gradle plugin to 8.13.0
• update Kotlin to 2.2.20
• update Gradle to 9.1.0

A full list of changes from the previous release (version 88) is available through the Git commit log between the releases.

This app is available through the Play Store with the app.grapheneos.camera.play app id. Play Store releases go through review and it usually takes around 1 to 3 days before the Play Store pushes out the update to users. Play Store releases use Play Signing, so we use a separate app id from the releases we publish ourselves to avoid conflicts and to distinguish between them. Each release is initially pushed out through the Beta channel followed by the Stable channel.

Releases of the app signed by GrapheneOS with the app.grapheneos.camera app id are published in the GrapheneOS App Store which provides fully automatic updates. Each release is initially pushed out through the Alpha channel, followed by the Beta channel and then finally the Stable channel. These releases are also bundled as part of GrapheneOS and published on GitHub.

GrapheneOS users must obtain GrapheneOS app updates through our App Store since verified boot metadata is required for out-of-band system app updates on GrapheneOS as part of extending verified boot to them.

Pressure mounts on Meloni’s gov’t as Gaza protests paralyse Italy | Israel-Palestine conflict News | Al Jazeera
https://www.aljazeera.com/news/2025/10/3/pressure-mounts-on-italian-govt-over-gaza-after-strike-paralyses-nation

"Their demands include the release of remaining Italians from the Sumud Flotilla, unconditional support for a Palestinian state and “more serious sanctions” on Israel over its war on Gaza, he said."

#Palestine #Gaza #Israel #Italy
@palestine@fedibird.com

Hamas says it agrees to parts of Trump’s Gaza plan but seeks more talks | News | Al Jazeera
https://www.aljazeera.com/news/2025/10/3/hamas-says-it-agrees-to-parts-of-trumps-gaza-plan-but-more-talks-needed

'But it said aspects of the proposal touching on “the future of the Gaza Strip and the legitimate rights of the Palestinian people” should be decided on the basis of a “unanimous national position and relevant international laws and resolutions”.'

#Palestine #Gaza #Israel
@palestine@fedibird.com

Good video, very much worth watching despite the length. New UI will look something like this:

with an option for a more classic look.

Looks like an enourmous UX improvement too, and a rewrite to QT and eliminating a lot of technical debt will make development faster.

The push by top aides to President Trump to remove Nicolás Maduro as the leader of Venezuela has intensified in recent days, with administration officials discussing a broad campaign that would escalate military pressure to try to force him out, U.S. officials say.

It is being led by Marco Rubio, the secretary of state and national security adviser. Mr. Rubio argues that Mr. Maduro is an illegitimate leader who oversees the export of drugs to the United States, which he says poses an “imminent threat.”

An opposition movement whose figures have met with U.S. officials says it is communicating with Washington on plans to dismantle Nicolás Maduro’s “criminal structure.”