Final's avatar
Final final@stacker.news 3 months ago
Next release of #GrapheneOS will add support to opt-in for Security Preview releases. These will be separate release channels for users to receive security patches that have source code and vulnerability information under an embargo. The next security preview contains early patches for 1 Critical vulnerability, and 54 High vulnerabilities.

Replies (8)

The Stacker Monster's avatar
The Stacker Monster 3 months ago
Interesting. Is there any reason one would not opt into this? Seems like a no brainer to opt in and get the latest security patches... right?
1 replies ↓
Final's avatar
Final final@stacker.news 3 months ago
Security Preview has embargoed code. They are made to be released and disclosed later, you can't release the patches' source codes or details under said embargo. BUT, you are allowed to release compiled binaries. It's silly. You can reverse engineer them. In fact, that's kind of why this is being done. It wouldn't be hard for people to reverse the patches from a binary-only release and turn them into source code patches. Source code patches made by others outside GrapheneOS could then be shipped in our main branch.
1 replies ↓
Final's avatar
Final final@stacker.news 3 months ago
There's still monthly security patches that go outside the embargo, don't worry. These are embargoed code for patches in the next four months. Some December patch level stuff in here.
The Stacker Monster's avatar
The Stacker Monster 3 months ago
Thanks! So from a user perspective, I'm definitely gonna sign up because I get the latest security updates... what a weird system of embargoes, I truly don't understand what google is doing lately
↑