Is the OP2 vulnerable to CVE-2016-2060? - OnePlus 2 Q&A, Help & Troubleshooting

The vulnerability is officially recognized by Google here.
Can anyone confirm if it affects the OP2? And if it does, how to fix it or when will it be fixed by OP?

I don't think that vulnerability is fixed. Google fixed it now, OnePlus will take time.


N6F26R 7.1.1 February image posted

As title...
https://developers.google.com/android/ota#shamu - OTA full image
https://developers.google.com/android/images#shamu - full image
Is the microphone issue fixed?
Sent from my Nexus 6 using Tapatalk
Same bootloader, same radio. FYI
FLaMpeR said:
Is the microphone issue fixed?
Sent from my Nexus 6 using Tapatalk
I have the same question. This bug is annoying.
Demonoid_i_am said:
I have the same question. This bug is annoying.
Yes it's fixed for me.
Sent from my Nexus 6 using XDA-Developers Legacy app
buge boyo said:
Yes it's fixed for me.
Sent from my Nexus 6 using XDA-Developers Legacy app
Glad we can fix it...is dirty flash from 7.1.1 alright?
Sent from my Nexus 6 using Tapatalk
Strange. Just swapped phones with my wife and the loudspeaker echoes horribly, so I guess it's not fixed for me, unless I'm misunderstanding the problem...
Edit: Half an hour later, after dinner and a flash of Yoinx's speaker fix, both my wife's Nexus 5 and my Nexus 6 are clear as a bell, both of them on loudspeaker. I therefore say that the Google image does not contain the loudspeaker fix - not from where I sit, anyway. Anyone else?
"is dirty flash from 7.1.1 alright?"
Yes. I flashed the OTA directly over the existing N6F26Q and it works fine.
Best way to tell is if someone could pull the mixer file and diff it to see any changes ... I would but I'm not in front of my setup right now.
Well, from where I sit the best way is to call someone, switch on your N6 loudspeaker, and see if they can hold a conversation with you... Which I did. And it didn't work until I flashed Yoinx's zip.
Google will most likely not fix it. Any new updates will most likely just be security patches. If you want the fix then I would flash the zip or grab a custom ROM that has it fixed forever. Never can say I ever had this issue as I don't use speaker phone ever. Unless completely alone it is considered rude.
The nerve. Why in the world would they leave such a feature broken. I know some people don't use it but the purpose of a phone is to freaking work. Doesn't matter if you use that feature or not. Others do. I use speaker all the time because I work from home. Stock software shouldn't have this problem. Period. It's been over a month and still no fix from Google. Meanwhile our guys fixed it almost immediately. This is just plain negligence and disrespectful at this point. I guess it's a sign they want us to get a new device so they completely fu**ed this phone by breaking what is a core and even basic feature of all phones. Ridiculous and ******y practices. At this point there literally is nothing that's making me more mad.
MysticKing32 said:
The nerve. Why in the world would they leave such a feature broken. I know some people don't use it but the purpose of a phone is to freaking work. Doesn't matter if you use that feature or not. Others do. I use speaker all the time because I work from home. Stock software shouldn't have this problem. Period. It's been over a month and still no fix from Google. Meanwhile our guys fixed it almost immediately. This is just plain negligence and disrespectful at this point. I guess it's a sign they want us to get a new device so they completely fu**ed this phone by breaking what is a core and even basic feature of all phones. Ridiculous and ******y practices. At this point there literally is nothing that's making me more mad.
What do you expect? The device is EOL, which means anything broken will stay broken. Then add in that the OS was coded for 64-bit devices and had to be ported to our device to begin with. Also, really, if you are not willing to dig in and fix the issue then you miss the whole point of owning a Nexus. It's a developer device.
And yes some people use it and some don't. That is the way it is with all features.
Getting upset about it is really pointless.
AOSP commits from 7.1.1_r13\N6F26Q to 7.1.1_r17\N6F26R
project bionic/
e046081 Check for bad packets in getaddrinfo.c's getanswer.
project build/
8a89878 N6F26R
e225344 Update Security String to 2017-02-05 on nyc-dev
8e84b75 Update Security String to 2017-02-01 on nyc-dev
project device/htc/flounder/
a37d1ee Fix security issue in Visualizer effect
project external/libavc/
cf606f3 Decoder: Fix in checking for valid profile flags
project external/libgdx/
c156e72 Fix security vulnerability
project external/libhevc/
3a64694 Fixed handling invalid chroma tu size for error clips
f22345d Fixed out of bound reads in stack variables
e20f6b8 Fix in Chroma SAO for non-multiple of 8 height
project frameworks/av/
048ba59 Fix security vulnerability: potential OOB write in audioserver
bab10e4 Effect: Use local cached data for Effect commit
project frameworks/base/
593144f [DO NOT MERGE] Fix vulnerability in MemoryIntArray - fix build file
de5747d Fix vulnerability in MemoryIntArray
a66099e DO NOT MERGE. Retain DownloadManager Uri grants when clearing.
4df434d DO NOT MERGE: Check provider access for content changes.
project frameworks/native/
541b1eb Correct overflow check in Parcel resize code
74dae33 Fix security vulneratibly 31960359
509fb5c Fix SF security vulnerability: 32706020
project hardware/libhardware/
9f0e940 Fix security vulnerability: potential OOB write in audioserver
project libcore/
c55ce33 Fix URL parser may return wrong host name
project packages/apps/Bluetooth/
379e7b6 Remove MANAGE_DOCUMENTS permission as it isn't needed
project packages/apps/Messaging/
1bb11f3 resolve merge conflicts of eafd58a to nyc-dev
13f739b 32807795 Security Vulnerability - AOSP Messaging App: thirdparty can attach private files from "/data/data/com.android.messaging/" directory to the messaging app.
86e5bf5 32322450 Security Vulnerability - heap buffer overflow in libgiftranscode.so
project packages/apps/UnifiedEmail/
1fc7b01 Don't allow file attachment from /data through GET_CONTENT.
project system/core/
7f94bb4 change /data/bugreports to /bugreports
project system/sepolicy/
54a3eec label /bugreports
dahawthorne said:
As title...
https://developers.google.com/android/ota#shamu - OTA full image
https://developers.google.com/android/images#shamu - full image
Is there a TWRP flashable version? Those of us with root and TWRP need to extract the zip and flash system.img, boot.img etc. using ADB?
zelendel said:
What do you expect? The device is EOL, which means anything broken will stay broken. Then add in that the OS was coded for 64-bit devices and had to be ported to our device to begin with. Also, really, if you are not willing to dig in and fix the issue then you miss the whole point of owning a Nexus. It's a developer device.
And yes some people use it and some don't. That is the way it is with all features.
Getting upset about it is really pointless.
Okay so you're telling me it's perfectly fine for a manufacturer to leave a device in a broken state because the device reached the end of its life? This is what's wrong with the world lol. And no, I'm not missing the whole point of the Nexus line. This is my first Nexus device however. But that's not the point. You don't leave major bugs like this unfixed. Not sure about you but if I pay for something EVERYTHING on the phone should work correctly. Of course there'll be a few minor hitches here and there. I expect that from betas and custom ROMs. But that's what BETAS and custom ROMs are for. The point of the Nexus line is to play with custom software. Of course if some things from that don't work then of course you can't expect Google support. You buy a Nexus (or at least you used to) to get pure Android without skins like TouchWiz or HTC Sense. And of course to experiment with custom software. Just because Google allows custom software on the device does not give them the right to fu** us on an update then leave it to the community to fix it. Luckily we have a terrific community that fixed it in no time. But still I expect that Google fixes the mistake they made. Because it was in fact their mistake. They released an official update. Not a beta. This is supposed to be stable!
sanumaj said:
Is there a TWRP flashable version? Those of us with root and TWRP need to extract the zip and flash system.img, boot.img etc. using ADB?
No, you don't need to do all that. You can if you want, but the OTA is a one-button solution - sideload via ADB, reboot, job done. You'll need to reroot.
zelendel said:
The device is EOL which means anything broken will stay broken.
I wouldn't argue with zelendel on technical matters, but I can on matters of policy and principle.
This is no different from taking your phone in for repair and finding that they've fixed what you asked them to fix but have broken another component. You could argue that the difference here is that the ROM upgrade is free; I refute that by saying that I paid a great deal of money (£549/$800) on the understanding that I would receive ongoing support. That support does continue to come, and I welcome it, but the bottom line here is that Google broke a function and are therefore morally obliged to repair it. And since this is the company whose motto at the beginning was (is it still...?) "Don't be evil" I think I'm entitled to get upset, no?
For me it's simple. Google broke it so Google needs to fix it. EOL or not, they brought out an official security update that has an error in it. But to be honest, I don't believe that Google even cares about the N6; to them it's an old phone not worth putting much time and energy in.
Well it's a punch in the face to all of us who purchased the Nexus 6. This year Nexus 6P and 5X will suffer the same fate and next the Pixel phones. Great way to keep trust. The speakerphone is really important while driving or when using in a conference call, which the latter is in my case. They've spent way too long without fixing it. I'm grateful for the custom ROM community but Google should have fixed it a long time ago for those who depend on running stock. Because of issues like this and conduct like this, people will move on to different OEMs. In a marketing side of view, Google will lose customers in the long run.
TMG1961 said:
For me it's simple. Google broke it so Google needs to fix it. EOL or not, they brought out an official security update that has an error in it. But to be honest, I don't believe that Google even cares about the N6; to them it's an old phone not worth putting much time and energy in.
EOL does matter though. Google broke a core function of our device on the last official Android update we will get. One could argue it was not intended to make us buy a newer device, but Google's behavior on it leaves much open to speculation.
And to anyone defending Google, would it be OK if auto manufacturers updated your car's radio on the first service appointment after the warranty had expired, and said update disabled all but one of your speakers? That's essentially what Google has done to the N6. To top it off, seeing the defense of Google is like going back to work after your service appt, and when you complain about the broken speaker functionality at the water cooler, your co-workers tell you you should give Ford some slack, after all, you're outside the warranty period, and they didn't have to update anything for you.

Broadpwn exploit on LG G4 and other security vulnerabilities

I haven't had an update for my LG G4 in so long. Google has released many patches which fix extreme vulnerabilities with the Android OS, including a patch for the latest severe Broadcom exploit (common name: Broadpwn). This is a severe exploit: "The most severe vulnerability in this [runtime] section could enable a remote attacker using a specially crafted file to execute arbitrary code within the context of an unprivileged process," Google describes in the July 2017 Android Security Bulletin.
Info about exploit: http://thehackernews.com/2017/07/android-ios-broadcom-hacking.html
More info about exploit: http://www.zdnet.com/article/iphones-and-ipad-owners-update-now-to-block-broadpwn-wi-fi-hack/
Android fix: https://source.android.com/security/bulletin/2017-07-01
According to this page (https://www.ifixit.com/Teardown/LG+G4+Teardown/42705), the LG G4 has the Broadcom BCM4339HKUBG 5G WiFi Client which would be affected by this exploit since it affects all BCM43xx chipsets.
Apple released iOS 10.3.3 to fix this.
Does anyone know if the Nougat update will incorporate this Android patch level? Is there any way to contact LG to force them to send an update which fixes this severe exploit?
gyrex said:
I haven't had an update for my LG G4 in so long. Google has released many patches which fix extreme vulnerabilities with the Android OS, including a patch for the latest severe Broadcom exploit (common name: Broadpwn). This is a severe exploit: "The most severe vulnerability in this [runtime] section could enable a remote attacker using a specially crafted file to execute arbitrary code within the context of an unprivileged process," Google describes in the July 2017 Android Security Bulletin.
Info about exploit: http://thehackernews.com/2017/07/android-ios-broadcom-hacking.html
More info about exploit: http://www.zdnet.com/article/iphones-and-ipad-owners-update-now-to-block-broadpwn-wi-fi-hack/
Android fix: https://source.android.com/security/bulletin/2017-07-01
According to this page (https://www.ifixit.com/Teardown/LG+G4+Teardown/42705), the LG G4 has the Broadcom BCM4339HKUBG 5G WiFi Client which would be affected by this exploit since it affects all BCM43xx chipsets.
Apple released iOS 10.3.3 to fix this.
Does anyone know if the Nougat update will incorporate this Android patch level? Is there any way to contact LG to force them to send an update which fixes this severe exploit?
Man. This exploit may be the next new root method. We don't want it patched, but yes, July's security updates for the G5 included this patch. Which most devices will get patched probably quite quickly.
---------- Post added at 12:33 PM ---------- Previous post was at 12:32 PM ----------
As said, LG already knows about it and Sprint released an update for the G5, so the Sprint G4 shouldn't be far behind.
But rumor has it this may be the new root method for 7.0.
TheMadScientist420 said:
Man. This exploit may be the next new root method. We don't want it patched, but yes, July's security updates for the G5 included this patch. Which most devices will get patched probably quite quickly.
Um, yeh, I'd like my phone patched thanks. If/when someone develops a hack to use this exploit, I'd prefer not to have my phone and information exposed at public wifi points. LG needs to provide a patch for the G4 ASAP....
gyrex said:
Um, yeh, I'd like my phone patched thanks. If/when someone develops a hack to use this exploit, I'd prefer not to have my phone and information exposed at public wifi points. LG needs to provide a patch for the G4 ASAP....
Um yeah, why not open a thread with LG and not a modding community that tries to take advantage of every exploit we can find?
Again, LG has already begun patching it. On some devices. Tell 'em to patch yours next. See how fast it happens.
---------- Post added at 09:16 PM ---------- Previous post was at 09:15 PM ----------
Or get an iPhone if you're worried about security.
Haha, worrying about public WiFi vulnerabilities. Best way is to turn it off. You are only aware of this because of publicity. Whereas the exploits you aren't aware of or never will be aware of can still affect you when the WiFi radio is still on in public. There's stuff out there that you'd never see coming and no one will discover, only because of the oblivious public.
dontbeweakvato said:
Haha, worrying about public WiFi vulnerabilities. Best way is to turn it off. You are only aware of this because of publicity. Whereas the exploits you aren't aware of or never will be aware of can still affect you when the WiFi radio is still on in public. There's stuff out there that you'd never see coming and no one will discover, only because of the oblivious public.
This bug or security risk affects all WiFi from what I read, as long as an attacker is in range of your device. Again, from what I read. So public or private, supposedly at risk.
gyrex said:
I haven't had an update for my LG G4 in so long. Google has released many patches which fix extreme vulnerabilities with the Android OS, including a patch for the latest severe Broadcom exploit (common name: Broadpwn). This is a severe exploit: "The most severe vulnerability in this [runtime] section could enable a remote attacker using a specially crafted file to execute arbitrary code within the context of an unprivileged process," Google describes in the July 2017 Android Security Bulletin.
Info about exploit: http://thehackernews.com/2017/07/android-ios-broadcom-hacking.html
More info about exploit: http://www.zdnet.com/article/iphones-and-ipad-owners-update-now-to-block-broadpwn-wi-fi-hack/
Android fix: https://source.android.com/security/bulletin/2017-07-01
According to this page (https://www.ifixit.com/Teardown/LG+G4+Teardown/42705), the LG G4 has the Broadcom BCM4339HKUBG 5G WiFi Client which would be affected by this exploit since it affects all BCM43xx chipsets.
Apple released iOS 10.3.3 to fix this.
Does anyone know if the Nougat update will incorporate this Android patch level? Is there any way to contact LG to force them to send an update which fixes this severe exploit?
Many more details can be found here now: https://blog.exodusintel.com/2017/07/26/broadpwn/
successful exploitation requires the victim to either click on an untrusted link or connect to an attacker’s network and actively browse to a non-HTTPS site
And again another proof of what I say always and everywhere.
My following statement matches for both: Anti Malware software and installing security patches
Security patches have one exception to this though: when a security bug can be executed remotely without any user interaction.
In theory you can have a patch level of 1970 for your device as long as your device can not be remotely attacked without user interaction. The main point of I would say 90% of infections is just the user.
I do not want to offend you or anyone but I have to say it this direct hard way:
The best anti malware protection was / is / and will always be: ....YOU (your brain - think before you click)
Do not install dubious software.
Do not click on unexpected links sent to you or from untrusted sources / users.
Do not open attachments which you do not expect to get (even when the sender is your friends address! keep in mind that he can be infected!).
.. or just simply: Use your brain before clicking and/or installing
Anti malware software is only a LAST RESORT and NOT your main protection!
That's what most humans forget or just do not (WANT TO) know.
This is the same for smartphones or desktop PCs.
Regarding your question if LG will release that fix just take a look here:
https://lgsecurity.lge.com/security_updates.html
You will find that CVE listed in the July patch level for the G4 so yes it gets patched for this device but it depends on your carrier when.
steadfasterX said:
Many more details can be found here now: https://blog.exodusintel.com/2017/07/26/broadpwn/
And again another proof of what I say always and everywhere.
My following statement matches for both: Anti Malware software and installing security patches
Security patches have one exception to this though: when a security bug can be executed remotely without any user interaction.
In theory you can have a patch level of 1970 for your device as long as your device can not be remotely attacked without user interaction. The main point of I would say 90% of infections is just the user.
I do not want to offend you or anyone but I have to say it this direct hard way:
Regarding your question if LG will release that fix just take a look here:
https://lgsecurity.lge.com/security_updates.html
You will find that CVE listed in the July patch level for the G4 so yes it gets patched for this device but it depends on your carrier when.
Sorry, I have no idea what you're talking about. There's very little of what you wrote which makes any sense.
gyrex said:
Sorry, I have no idea what you're talking about. There's very little of what you wrote which makes any sense.
Ask what you do not understand and I can explain.
gyrex said:
attacker using a specially crafted file to execute arbitrary code within the context of an unprivileged process," Google describes in the July 2017 Android Security Bulletin.
If by "execute arbitrary code within the context of an unprivileged process", you mean executing something that can unlock bootloader in non H815 or H811 models, then you're onto something.
BIG_BADASS said:
If by "execute arbitrary code within the context of an unprivileged process", you mean executing something that can unlock bootloader in non H815 or H811 models, then you're onto something.
Nope, I believe it means root access privileges, or being able to read information that, for example, a WiFi stack would not need (like your contacts, location etc.)
Levent2101 said:
Nope, I believe it means root access privileges, or being able to read information that, for example, a WiFi stack would not need (like your contacts, location etc.)
Interesting. I'd like to see where this goes. Someone with non H815 or H811 should take backup of their current image before this gets patched.

WPA2 vulnerability and Huawei P8

Is there any chance for people with this phone to update and fix the security flaw in WPA2?
As far as I remember, P8 can't update all the way to Oreo, so even if Google releases a security update, we're stuck to Marshmallow. What are we supposed to do?
Also need help on this please
Is it possible for this security flaw to be fixed? I keep getting hacked on WiFi Direct. And people on the same network can easily connect to me and I cannot stop them with the knowledge I have. The guy upstairs does it as a joke to me sometimes, but it isn't funny. Thx
Huawei Support Email bombing
RashFaustinho said:
Is there any chance for people with this phone to update and fix the security flaw in WPA2?
As far as I remember, P8 can't update all the way to Oreo, so even if Google releases a security update, we're stuck to Marshmallow. What are we supposed to do?
There is only one way, still try to contact Huawei support by emails, in different languages and so. Same situation with Mate 7, Mate 8, Mate S. I'm very disappointed with Huawei, this is absolutely my last smartphone made by Huawei. Nobody cares about BlueBorne vulnerability and KRACK vulnerability, it's a shame!!!

Anyone know when these security fixes will roll out?

I've just read this article https://www.theregister.co.uk/2019/08/06/qualcomm_android_patches/ and it seems we might be affected.
Can I assume we will get the security patch soon?
Alan

OxygenOS OTAs never seem to hit my device, what can be done?

Since the purchase of the OnePlus 8 Pro (IN2023) last May, I have received a single OTA update. That was the day I first turned the phone on, and it was updated to OxygenOS 10.5.8.IN11BA. That's it.
Since then, not a single OTA of the EU version of OxygenOS has been made available to my device, even weeks after each incremental update had been reported to be rolling out to other devices.
I'm not sure how exactly OTA rollouts are being implemented by OnePlus, but I find it weird to be constantly left behind and exclusively rely on a Play Store app (Oxygen Updater) to get any new OS update that becomes available.
Any other owners experiencing a similar issue? Any ideas on how/if this can be somehow dealt with?
Impossible to invoke a new update unless it's being advertised to your device, I believe they're staggered releases so the servers tension uncluttered.
There's nothing wrong with the ox updater method..
It's an age-old complaint: "when will it xxxxxx be out?"
Only OnePlus would know.
