CyanogenMod 10.1.1 Released – fixes for vulnerabilities that can bypass check for a digital signature

July 12, 2013 in Android, Linux, News, ROM by admin

cyanogen-modGiven all the Android security topics in the news, we thought it prudent to issue a follow-up to the 10.1.0 general release, incorporating patches for various vulnerabilities that have since been identified.

t the time of this post, CyanogenMod 10.1.1 releases are building and mirroring to our download portal. The CM 10.1.1 build is purely a security bug-fix release on top of the previous 10.1.0.x code-base. While it does not carry any new features, it does address the following:

  • Bug 8219321 aka “MasterKey” exploit (also patched in CM 7 and CM 9 source)
  • CVE-2013-2094 (Linux kernel exploit)
  • CVE-2013-2596 (Qualcomm-specific exploit)
  • CVE-2013-2597 (Qualcomm-specific exploit)
  • General device bug-fixes

With the security nature of this release, all users on CM 10.1.0.x are encouraged to update once their respective build is available

 

Source: here.