[Replicant] Release 0003 update and announcement

Denis 'GNUtoo' Carikli GNUtoo at no-log.org
Wed Dec 27 18:17:22 UTC 2017


On Wed, 27 Dec 2017 14:14:00 +0000
Kurtis Hanna <kurtis at riseup.net> wrote:

> This looks good to me. Might be worth mentioning that this update
> fixes the KRACK as well, afaik.
Would that be better:
A new version (0003) of Replicant 6.0 was released a few weeks ago.

It fixes an important issue that makes devices end up in
a boot loop (the devices were crashing during boot,
endlessly) when installing certain applications.

It also fixes a security issue[1] that enables an attacker to decrypt
and/or modify WiFi traffic.

This can be problematic if your security is relying on on the WiFi
encryption. This can be the case if you are using WiFi to connect
to your device your device to use applications like Remote Keyboard[2]
over telnet. This can also be problematic if you share your Internet
connection trough WiFi and that some services of the phone operator
you use are available without authentication.

Because of the above, updating to this version is strongly recommended.

The update instructions can be found here:

https://redmine.replicant.us/projects/replicant/wiki/Generic_minor_version_upgrade

References:
-----------
[1]https://en.wikipedia.org/wiki/KRACK
[2]https://f-droid.org/en/packages/de.onyxbits.remotekeyboard/

Denis.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.osuosl.org/pipermail/replicant/attachments/20171227/7c383282/attachment.asc>


More information about the Replicant mailing list